Privacy Policy for High Point Coffee Oxford
High Point Coffee Oxford (“we,” “our,” or “us”) is committed to safeguarding the privacy and personal data of every individual who interacts with our website, highpointcoffeeoxford.com. We recognize and respect the importance of privacy and data protection, and we adhere to strict standards to ensure your personal data is handled responsibly in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Introduction
We understand that your personal data is confidential and that you expect it to be treated with care and respect. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website, communicate with us, or otherwise engage with our services.
2. Scope and Data Controller
This Privacy Policy applies to personal data collected through our website, highpointcoffeeoxford.com, and related services. High Point Coffee Oxford is the data “controller” as defined under applicable data protection laws, which means we determine the purposes and means of processing your personal data.
If you have any questions about our data processing practices, you may contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Data related to your visit to highpointcoffeeoxford.com including your browser type, IP address, geographical location, device type, operating system, referring URL, visited pages, session duration, and interaction data.
b. Account Data
Information you provide when creating an account, subscribing to communications, or placing orders. This includes your full name, billing and shipping addresses, email address, and telephone number.
c. Profile Data
Preferences, interests, purchase history, product selections, frequency of visits, and demographic data where applicable.
d. Communication Data
Records of correspondence with us, including support requests, inquiries, feedback forms, and chat conversations.
e. Technical Data
Device identifiers, operating system versions, screen resolution, browser settings, and configuration data collected through cookies or system logs.
f. Transaction Data
Payment details (processed securely via third parties), order history, shipping details, and confirmation records.
g. Preference Data
Your stated or inferred marketing preferences, product interest areas, and opt-in or opt-out status for promotional messaging.
4. Legal Bases for Processing
We rely on the following lawful bases to process your personal data:
– Consent: When you explicitly agree to our processing activities, such as subscribing to newsletters or opting into cookies.
– Contractual Necessity: To fulfill a contract with you, such as processing orders or managing your account.
– Legitimate Interests: For the provision, improvement, and security of our services, maintaining customer relationships, and promoting our products—balanced with your rights and freedoms.
– Legal Obligation: Where processing is necessary to comply with legal or regulatory requirements.
5. Your Rights Under Data Protection Law
Depending on your jurisdiction, you have the right to:
– Access: Request a copy of the personal data we hold about you.
– Rectify: Request correction of inaccurate or incomplete personal data.
– Erasure: Request deletion of your personal data, subject to legal obligations.
– Restriction: Request limitations on the processing of your personal data.
– Portability: Receive your personal data in a structured, commonly used format for portability.
– Objection: Object to processing based on legitimate interests, direct marketing, or profiling.
– Withdraw Consent: Where consent is the basis, you may withdraw it at any time.
To exercise any of these rights, please contact us at [email protected]. We may require verification of identity before responding to your request.
6. Security Measures
We maintain industry-standard administrative, technical, and physical safeguards designed to protect your personal data. These include but are not limited to:
– SSL/TLS encryption for data transmission
– Role-based access restrictions
– Routine security audits and monitoring
– Secure cloud infrastructure and encrypted backups
– Staff training in data protection protocols
Despite our efforts, no method of transmission or storage is fully secure. We encourage users to take precautionary measures to protect their data.
7. International Data Transfers
Where your personal data is transferred outside your country of residence, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission or adequacy decisions where relevant.
By using highpointcoffeeoxford.com, you acknowledge that your data may be stored and processed in jurisdictions outside your own, where privacy laws may differ.
8. Data Retention
We retain personal data only as long as necessary for the purposes set out in this Policy:
– Usage and Technical Data: up to 24 months
– Account and Profile Data: for the duration of your account and up to 6 years thereafter, as required by applicable finance and tax laws
– Communication Data: for a minimum of 36 months for service monitoring
– Transaction Data: retained for 6 years unless otherwise required
– Preference Data: until withdrawn or updated by you
Upon expiration of these periods, we will securely delete or anonymize your data, unless legal obligations require extended retention.
9. Cookie Policy
Our website uses various types of cookies and tracking technologies to enhance user experience and collect aggregate data about usage:
– Essential Cookies: Required for basic site functionality and security (e.g., session management, login experience)
– Functional Cookies: Remember your preferences and choices on the website
– Analytics Cookies: Help measure site performance and user engagement (e.g., Google Analytics)
– Performance Cookies: Collect anonymous data on how users interact with the site for optimization purposes
10. Cookie Management & User Consent
In compliance with GDPR and CCPA, users can manage their cookie preferences via the cookie consent banner. You may also change preferences or withdraw consent at any time through browser settings or by contacting us.
Do Not Track (DNT) signals are honored where supported by browser technology.
11. Children’s Privacy
Our website and services are not directed to children under the age of 13. We do not knowingly collect personal data from children without parental consent. If we become aware that we have collected such data, we will take steps to delete it immediately. Parents or guardians may contact us at [email protected] to request deletion.
12. Policy Updates
We may update this Privacy Policy from time to time to reflect legal, technological, or business changes. Any material modifications will be communicated by notice on highpointcoffeeoxford.com. Continued use of the site after any updates constitutes your acceptance of the revised Policy.
13. Contact Information
If you have questions or concerns regarding this Privacy Policy or your personal data, please contact:
High Point Coffee Oxford
Email: [email protected]
Website: https://highpointcoffeeoxford.com
We are committed to full compliance with all applicable privacy laws and welcome any inquiries related to the handling of your personal information.