Privacy Policy - Coffee Inn Nomad

Introduction

At Coffee Inn Nomad ("we," "our," or "us"), we respect your privacy and are committed to protecting your personal data. This comprehensive privacy policy explains in detail how we collect, use, store, and safeguard your information when you visit our website, purchase our specialty coffee products, enroll in our courses, or interact with our services in any way. We believe in transparency and want you to understand exactly how your data is handled.

This policy applies to all visitors, customers, course participants, and anyone who interacts with Coffee Inn Nomad through our website, email communications, social media channels, or in-person at our cafes and events. By using our services, you acknowledge that you have read and understood this privacy policy.

Information We Collect

Personal Information You Provide

When you interact with Coffee Inn Nomad, we collect various types of personal information that you voluntarily provide to us. This information is essential for us to deliver our products and services effectively:

Contact Information: Your full name, email address, phone number, billing address, and shipping address when you create an account or place an order
Payment Information: Credit card details, billing address, and transaction history. All payment data is processed securely through certified third-party payment processors who comply with PCI DSS standards
Account Credentials: Username, password (encrypted), and security questions if you create an account on our website
Order Information: Purchase history, product preferences, coffee grind selections, subscription details, and delivery preferences
Course Enrollment Data: Information provided when registering for coffee courses, including skill level, dietary restrictions for tastings, and learning objectives
Communications: Content of emails, chat messages, customer service inquiries, product reviews, feedback, and survey responses
Marketing Preferences: Your consent and preferences for receiving promotional emails, newsletters, and special offers

Automatically Collected Information

When you visit our website, certain information is automatically collected through various technologies to improve your browsing experience and help us understand how our website is used:

Device Information: IP address, device type, unique device identifiers, browser type and version, operating system, screen resolution, and device settings
Usage Data: Pages visited, time spent on each page, links clicked, search queries, referring website, date and time of visits, and navigation paths through our website
Location Data: General geographic location based on IP address (city and country level)
Cookies and Tracking: Data collected through cookies, web beacons, pixels, and similar tracking technologies to remember your preferences and analyze site performance
Shopping Behavior: Products viewed, items added to cart, abandoned carts, and purchase patterns

How We Use Your Information

We use the personal information we collect for various legitimate business purposes to provide you with the best possible service experience:

Order Processing: To process, fulfill, and deliver your coffee orders, manage returns and exchanges, and handle customer service inquiries related to your purchases
Account Management: To create and maintain your customer account, enable you to access your order history, save preferences, and manage your subscription services
Course Administration: To enroll you in coffee courses, send course materials, communicate important updates, and issue certificates upon completion
Communication: To send transactional emails about orders, shipping updates, account changes, and respond to your inquiries and support requests
Marketing: To send promotional emails, newsletters, special offers, and personalized recommendations based on your interests and purchase history (only with your explicit consent)
Website Improvement: To analyze how visitors use our website, identify popular products and content, optimize user experience, and fix technical issues
Personalization: To provide customized content, product recommendations, and targeted advertising based on your preferences and browsing history
Fraud Prevention: To detect and prevent fraudulent transactions, unauthorized access, and other illegal activities
Legal Compliance: To comply with applicable laws, regulations, legal processes, and government requests
Business Operations: To manage our inventory, analyze sales trends, conduct market research, and improve our product offerings

Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

Contract Performance: Processing is necessary to fulfill our contractual obligations when you purchase products or services
Consent: You have given explicit consent for specific processing activities, such as marketing communications
Legitimate Interests: Processing is necessary for our legitimate business interests, such as fraud prevention and website optimization
Legal Obligation: Processing is required to comply with legal and regulatory requirements

Data Sharing and Disclosure

We value your trust and do not sell, rent, or trade your personal information to third parties for their marketing purposes. However, we may share your data with trusted partners and service providers in the following circumstances:

Service Providers: We work with carefully selected third-party companies that help us operate our business, including payment processors (Stripe, PayPal), shipping carriers (DHL, UPS, local courier services), email marketing platforms (Mailchimp), website hosting providers, analytics services (Google Analytics), and customer support tools
Business Partners: Coffee roasters, equipment manufacturers, and course instructors who help us deliver our products and educational services
Legal Requirements: When required by law, court order, subpoena, or government regulation, or when necessary to protect our legal rights, prevent fraud, or ensure the safety of our customers and employees
Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the successor entity
With Your Consent: We may share information with other third parties when you explicitly authorize us to do so

All third parties with whom we share data are contractually obligated to protect your information and use it only for the specific purposes we authorize.

Data Security

We take the security of your personal information very seriously and implement comprehensive technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

SSL/TLS encryption for all data transmission between your browser and our servers
Secure payment processing through PCI DSS compliant payment gateways
Password encryption using industry-standard hashing algorithms
Regular security audits and vulnerability assessments
Access controls limiting employee access to personal data on a need-to-know basis
Firewall protection and intrusion detection systems
Regular data backups stored in secure, encrypted environments

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to maintain the highest security standards possible.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required by law. Specifically:

Order Data: Retained for 7 years to comply with tax and accounting regulations
Account Information: Kept until you request account deletion or the account remains inactive for 5 years
Marketing Data: Retained until you unsubscribe or withdraw consent
Website Analytics: Typically retained for 26 months

Your Rights

Under data protection laws, including GDPR, you have extensive rights regarding your personal data. You can exercise these rights at any time by contacting us:

Right to Access: Request a copy of all personal data we hold about you
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restriction: Request limitation on how we process your data
Right to Object: Object to processing of your personal data for specific purposes
Right to Data Portability: Request transfer of your data to another service provider in a machine-readable format
Right to Withdraw Consent: Withdraw consent for marketing communications or other processing based on consent
Right to Lodge a Complaint: File a complaint with your local data protection authority if you believe your rights have been violated

International Data Transfers

Coffee Inn Nomad operates primarily in the European Union, but we may transfer your personal data to service providers located in other countries. When we do, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission, to protect your information in accordance with EU data protection standards.

Cookies

We use cookies and similar technologies to enhance your experience on our website. You can control cookie preferences through your browser settings. For detailed information about the types of cookies we use and how to manage them, please see our comprehensive Cookie Policy.

Third-Party Links

Our website may contain links to third-party websites, social media platforms, and partner sites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information.

Children's Privacy

Our services are not intended for children under 13 years of age (or 16 in some jurisdictions). We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take immediate steps to delete that information.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. We will notify you of any significant changes by posting the new policy on this page, updating the "Last updated" date, and sending an email notification if the changes materially affect how we handle your personal data. We encourage you to review this policy periodically.

Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please don't hesitate to contact us:

Email: [email protected]
Data Protection Officer: [email protected]
Visit our Contact Page