The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to Concrete Coffee. By means of this data protection declaration, our business would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.
Name and Address of the controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is: Concrete CoffeeLTD
Address: Watergate Building, New Crane Street CH14JE
Email: info@concretecoffee.co.uk
Website: www.concretecoffee.co.uk
Any data subject may, at any time, contact us with any questions and suggestions concerning data protection.
We collect:
- your IP address, and details of which version of web browser you used
- information on how you use the site, using cookies and page tagging techniques
- information for the facilitation of order processing and delivery such as delivery addressesThis data can be viewed by authorised people within our business to:
- Fulfil orders placed on this website or repeat orders via our subscription service
- Improve the form and function of our website
- Understand our customers for improvement to delivery of marketing activity
Cookies
We use cookies for a number of reasons:
- For statistical purposes to track how many users we have and how often they visit our websites. We collect informationlisting which of our pages are most frequently visited, and by which types of users and from which countries.
- We use other organisations to collect anonymous user information, sometimes through cookies and web beacons, (information embedded in images which allow them to analyse how the website is being used and the number of visitors).
- We and other advertisers may use statistical cookies to track who has seen an advert and clicked on it. You can find more information on this in the online behavioural advertising section of this privacy policy.
- We may use ‘Flash’ cookies to store your preferences for your media player (for example, volume and so on). If we don’t use them, you may not be able to watch some video content.
- We or other companies may use cookies to suggest and deliver content which we believe may interest you.
It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website, but you need to be aware that you might lose some of the functionality of that website. All modern browsers allow you to change your cookie settings. These settings will typically be found in the ‘options’ or ‘preferences’ menu of your browser.
Contact possibility via the website
The website of Concrete Coffee contains information that enables a quick electronic contact to our business, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controllerby e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.
Links to other websites
www.concretecoffee.co.uk (and it’s sub-domains) contain links to other websites. This privacy policy only applies to concretecoffee.co.uk(and it’ssub-domains), and doesn’t cover other website that we link to. These websites, such as the Specialty Coffee Association have their own terms and conditions and privacy policies.
Legal basis for the processing
Consent -By disclosing your personal information to us using this website or over the telephone, you consent to the collection, storage and processing of your personal information by Concrete Coffee in the manner set out in this Privacy Policy. Contract –Where Concrete Coffee need to process someone’s personal data to fulfil contractual obligations to you or because you have asked Concrete Coffee to do something before entering into a contract(eg provide a quote), contract is used as a legal basis.Legitimate interests –if processing is necessary for your interests, for example keeping customers appraised of new product lines relevant to their business, this is done using legitimate interests as a legal basis.
Period for which the personal data will be stored
The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, in line with our internal retention policy.
Disclosing your information
We may pass on your personal information if we have a legal obligation to do so, or if we have to enforce or apply our terms of use and other agreements. This includes exchanging information with other government departments for legal reasons.We won’t share your information with any other organisations for marketing, market research or commercial purposes, and we don’t pass on your details to other websites.Any other organisations who access your information in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your information and keep to data-protection and privacy laws which apply. We may use service providers to help us run these sites (or services available on the sites).
Your rights
You can find out what information we hold about you, and ask us not to use any of the information we collect.
Existence of automated decision-making
As a responsible company, we do not use automatic decision-making or profiling.
GDPR and our business customers
A new piece oflegislation regarding Data Protection became law In May 2018. General Data Protection Regulations (GDPR) replaced the dated Data Protection previously operated by the ICO.We shall use appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. We shall not sub-contract any processing of personal data unless that personal data continues to be subject to an appropriate level of protection. To the extent that we as data processor for you, we shall only process personal data in accordance with your instructions.We will keep and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately, whilst we are working with you and past this point. This includes using information to enable us to comply with our customer contract, to comply with any legal requirements, pursue the legitimate interests of the Company and protect our legal position in the event of legal proceedings. If you do not provide this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision.The criteria used to determine the period of retention of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, in line with our internal data retention policy, as long as it is no longer necessary for the fulfilment of or initiation of the services being provided or is no longer necessary for the specific purpose for which it was obtained. Under the GDPR data subjects have a number of rights:
- The right to be informed about whether their personal data is being processed by us;
- The right of access to the personal data that we store about them;
- The right to rectification of their personal data should it prove to be inaccurate;
- The right to erasure of their personal data under specified circumstances;
- The right to restrict the processing or their personal data under specified circumstances;
- The right to data portability –the ability to have their personal data transferred to another data controller;
- The right to object to havingtheir personal data processed by us (under specified circumstances); and
- The right not to be subject to automated decision-making, including profiling. ([entity name] does not use automated decision-making or profiling).
More detailed information on data subjects’ rights can be obtained by contacting the Data Protection Team using the contact details at the top of this privacy notice.As a data subject, if you are not satisfied with the action we have taken in relation to exercising your rights, or if you believe that your data has been misused or that we have not kept it secure, you may complain to the Information Commissioners Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate) or via https://ico.org.uk/make-a-complaint/