Privacy Policy
This Privacy Policy explains how Coffee Cruise LTD (“we”, “us”, or “our”) collects, uses and protects your personal information when you use our website, place orders, sign up to receive marketing or otherwise interact with us. By using our website and services in the United Kingdom you accept the practices described in this policy.
1. Company information
2. What information we collect
We may collect and process the following personal data when you interact with us or use our website:
- Contact information: name, billing & delivery address, email address and telephone number;
- Payment information: card or payment details (processed and stored by our payment providers – we do not store full card details on our servers);
- Account data: username and password where you create an account;
- Technical data: IP address, browser type & version, device identifiers, operating system and pages visited (automatically collected);
- Marketing preferences and any communications you send to us;
- Order history and transactional information (products purchased, returns, refunds).
3. How we use your information
We use personal data for the following purposes and on lawful bases including performance of a contract, legitimate interests and where you have given consent:
- Order fulfilment: process and deliver your orders, manage payments, refunds and returns;
- Customer service: respond to enquiries, complaints and provide support;
- Service operation: administer and improve our website, detect and prevent fraud, and ensure security;
- Marketing: where you have opted in, send news, offers and product information by email or SMS;
- Legal & compliance: comply with legal obligations, resolve disputes and enforce our terms.
4. Consent & withdrawing consent
When you provide personal information to complete a transaction, verify your payment method, arrange delivery or return a purchase, we will assume you consent to us using the data for those purposes. If we ask for data for a secondary purpose (e.g. marketing) we will request your explicit consent where required.
You can withdraw consent at any time. To withdraw consent for marketing or to request that we stop processing your personal data for a specific purpose, contact us at info@coffeecruise.co.uk or call +44 7308 478120. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.
5. Disclosure and third parties
We may share personal information with trusted third parties where necessary to provide services to you. These include:
- Payment processors and gateways (for example, those used by Shopify or other checkout providers);
- Delivery & courier partners for order fulfilment;
- IT and hosting providers (including our e-commerce platform);
- Marketing and analytics providers (only when you have consented to marketing cookies or communications);
- Professional advisers and regulators where required by law (for example, to comply with a court order or law enforcement request).
We do not sell personal data to third parties.
6. E-commerce platform & payments
Our website is built on and hosted using third-party e-commerce platforms and services. Payment processing is handled by authorised payment providers who comply with the Payment Card Industry Data Security Standard (PCI-DSS). Card details are encrypted and processed by the payment provider — we do not retain full card details on our systems beyond what is necessary to complete the transaction.
7. International transfers
Some service providers we use may process or store data outside the UK. Where personal data is transferred outside the UK/EU we will ensure appropriate safeguards are in place (for example standard contractual clauses or equivalent protections) in line with applicable data protection law.
8. Security
We use reasonable technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. These measures include encryption (SSL/TLS), access controls and regular security reviews. However, no system is completely secure; please contact us immediately if you suspect any unauthorised use or breach of your personal data.
9. Cookies & tracking
We use cookies and similar technologies to provide core website functionality, remember your preferences and to collect analytics data for improving the site. You can manage or disable cookies in your browser settings; some cookies are strictly necessary for the site to operate.
Common cookies we may use:
-
_session_id– session identifier (used by the platform); -
_shopify_visit/_shopify_uniq– basic visit counters (platform analytics); -
cart– retains cart contents between visits; - Analytics cookies (e.g. Google Analytics) – aggregate traffic and usage reporting (no personally identifiable data stored by Google Analytics unless you explicitly send it).
For more about cookies and how to manage them, see aboutcookies.org.
10. Your rights
Under the UK GDPR and Data Protection Act 2018 you have certain rights in relation to your personal data. These include the right to:
- Request access to the personal data we hold about you (subject access request);
- Request correction of inaccurate or incomplete data;
- Request erasure of your personal data (where we no longer have a lawful basis to process it);
- Request restriction of processing in certain circumstances;
- Object to processing based on legitimate interests or for direct marketing;
- Request portability of the personal data you have provided to us (in a structured, commonly used format);
- Withdraw consent at any time where processing is based on consent.
To exercise any of these rights please contact us at info@coffeecruise.co.uk or write to: Coffee Cruise LTD, 12 Maple Wood, Rushden, Northamptonshire, NN10 0UN, United Kingdom. We may ask for proof of identity before fulfilling some requests.
11. Complaints
If you are unhappy with how we use your personal data you can raise a complaint with us by contacting info@coffeecruise.co.uk. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO): ico.org.uk.
12. Data retention
We retain personal data for as long as necessary to fulfil the purposes set out in this policy, to comply with legal obligations (for example tax and accounting requirements) and to resolve disputes. When personal data is no longer required it will be securely deleted or anonymised.
13. Changes to this policy
We may update this Privacy Policy from time to time. Any material changes will be communicated by posting an updated policy on our website with an updated “Last updated” date. We recommend you review this page periodically.
14. Contact us
If you have any questions about this policy or how we handle your personal data, please contact:
