We will keep your Personal Information accurate, complete and up-to-date with the information that you provide to us. If you request access to your Personal Information, we will inform you of the existence, use and disclosure of your Personal Information as allowed by law, and provide you access to that information.
What information is collected by GPL Coffee?
We collect certain personal information about visitors and users of GPL Coffee. The most common types of information we collect are things like: user names, email addresses, other contact details, payment information such as payment agent details, transaction details, support queries and web analytics data. If you choose to subscribe to our free electronic newsletter we collect your email address, and, if you choose to provide it, a zip or postal code. We use this information to service your account, verify your identity, process transactions, enhance our Services, manage our legal and operational affairs and answer any questions you may have.
When do we collect this information?
We collect this information when you visit our website or engage with us either by email, web form, instant message, phone, or post content on our website (including forums & blogs). We also collect any additional information that you might provide to us.
When you provide personal information to us via GPL Coffee you’re consenting to us collecting and using that information in line with this policy and the terms of service. You are likely to provide personal information when you complete membership registration and buy a subscription, subscribe to a newsletter, email list, submit feedback, enter a contest, fill out a survey, or send us a communication.
What is a cookie?
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
When you purchase from us, we’ll ask you to provide information including your name, email address, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to opt in receive them
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you create an account, we will store your name and email address which will be used to populate the checkout for future orders. We do NOT store your credit or debit card information nor do we have sight of this information since the transaction is entirely between you and the gateway provider and this transaction is concluded on the site of the gateway provider.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for six (6) years for tax and accounting purposes. This includes your name and email address.
Our website uses Google Analytics, a service which transmits website traffic data to Google servers in Ireland. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and web page usage.
We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.
This allows user behavior to be tracked after they have been redirected to our website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.
Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
Who on our team has access
Members of our team have access to the information you provide us. For example, Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and;
- Customer information like your name, email address, and billing information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
When and why do we share Personal Information with third parties?
We may use the following third-party service providers named below to process and store your data:
You may remove your name from our mailing list at any time by clicking the “unsubscribe from this list” link at the bottom of any email that you receive.
Cloudflare, which is a traffic optimisation and distribution service provided by CloudFlare Inc.
The way CloudFlare is integrated means that it filters all the traffic via it’s own servers, i.e., communication between this website and the User’s browser, while also allowing analytical data from this site to be collected.
European Commission – if you are a business customer in Europe with a VAT number then we use the EC customs tool to check that the number is valid. You can see the tool here: http://ec.europa.eu/taxation_customs/vies/
We also may share your details due to the following legal exceptions:
Personal information may be shared with third parties to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
Personal information may also be shared with a company that acquires our business, whether through merger, acquisition, bankruptcy, dissolution, re-organisation, or other similar transaction or proceeding. It may also be shared with our professional advisers (lawyers, accountants etc) or with regulators and government authorities.
If you have emailed or written to us then we retain that email or letter to allow sufficient time for your query to be dealt with. Once the matter has been concluded the email or letter is securely deleted. We usually do this straight away but in any event within a one hundred and eighty (180) day time frame.
We do NOT use any information submitted to us by email or letter for marketing purposes.
What do we do with your Personal Information when you terminate your relationship with us?
If an account remains inactive for one hundred and eighty (180) days then it is deleted from our system unless you contact us to request otherwise. You may also close the account you have with us at any time. To make an access, correction or closure request, please contact us using the contact details at the end of this policy.
We also keep ninety (90) day rolling backups of our systems after which time they are securely deleted and we keep log files (server logs and download logs) for one hundred and eighty (180) days after which time they are securely deleted.
We will continue to store archived copies of your previous financial transactions for legitimate business purposes only and for a period of six (6) years to comply with our legal and financial requirements.
Note that any pending, failed or cancelled orders are automatically deleted after a thirty (30) day period. Copies of these orders, because they have failed to be processed are not stored beyond this thirty (30) day period.
What we don’t do with your Personal Information
We do not and will never share, disclose, sell, rent, or otherwise provide Personal Information to other companies for the marketing of their own products or services.
We do not use the Personal Information we collect from you or your customers to contact or market to your customers or directly compete with you. However, GPL Coffee may contact or market to your customers if we obtain their information from another source, such as from the customers themselves.
How do we keep your Personal Information secure?
We follow industry standards on information security management to safeguard sensitive information, such as financial information, intellectual property and any other Personal Information entrusted to us. All personal information is fully encrypted and stored in secure off site ‘zero knowledge’ locations. Our information security systems apply to people, processes and information technology systems on a risk management basis.
We do NOT store your credit or debit card information nor do we have sight of this information since the transaction is entirely between you and the gateway provider and this transaction is concluded on the site of the gateway provider.
In the event of a data breach we shall inform you the customer and the relevant authorities as soon as we become aware of it but in any event no later than 72 hours.
Access to your personal information
You retain all rights to your Personal Information and can access it anytime. In addition, GPL Coffee takes reasonable steps to allow you to correct or amend personal information that is shown to be inaccurate or incomplete. If you have an account on this site you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
You also have the right to be forgotten. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. We automatically delete expired accounts in line with our policies detailed above but if you wish for your account to be deleted sooner then contact us using the details below and we will expedite your request within thirty (30) days.
If you have any questions about your Personal Information or this policy, please contact us.
Alternatively, you can also write to us by snail mail at: GPL Coffee, 304 S. Jones Blvd Suite 5005 Las Vegas NV 89107.
Updated: October 22, 2021