• Your shopping cart is empty!

Privacy Policy

Welcome to Coffee Hysteria and our website at www.coffeehysteria.com (our “website”). At Coffee Hysteria, we respect your privacy and are committed to being transparent about what data we collect when you visit and use our website and shop and how it is used.

 

GENERAL INFORMATION

a)      What is Personal Data?

Personal Data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not Personal Data. This includes, for example, the number of users of a website.

 

b)      What is processing?

"Processing" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means. The term is broad and covers virtually any handling of data.

 

c)       What law applies?

In principle, we will only use your Personal Data in accordance with the applicable data protection laws, in particular the UK’s Data Protection Act (“DPA”) and the EU's General Data Protection Regulation (“GDPR”).

 

d)      Who is responsible for data processing?

The responsible party for data processing is ENNOVIA LTD of 37 Caledonian Wharf, London, England, E14 3EN (“Coffee Hysteria”, “we”, “us”, “our”). If you want to contact us or if you have any questions, you can reach us by email using [email protected].

 

e)       What are the legal bases of processing?

We only process your Personal Data if we at least one of the following applies:

 

        you have given your consent,

        the data is necessary for the fulfillment of a contract/pre-contractual measures,

        the data is necessary for the fulfillment of a legal obligation or

        the data is necessary to protect our legitimate interests, provided that your interests are not overridden.

 

DATA WE COLLECT AUTOMATICALLY

a)      Log data

When you access and use our website, we collect the Personal Data that your browser automatically transmits to our server. This is technically necessary for us to display our website and to ensure its stability and security. In this sense, we collect the following data: i) IP address of the requesting computer, ii) Date and time of access, iii) name and URL of the file accessed, iv) website from which the access was made (referrer URL), v) browser used and, if applicable, the operating system of your computer as well as the name of your access provider. The legal basis is our legitimate interest.

 

b)      Hosting

To provide our website, we use the services of Digital Ocean who process all data to be processed in connection with the operation of our website on our behalf. The legal basis for the data processing is our legitimate interest in providing our website.

 

c)       Content Management System

We use the Content Management System (CMS) and e-commerce system of OpenCart to publish and maintain the created and edited content and texts on our website. Also, OpenCart provides us with their online e-commerce platform, through which we can offer our goods for sale to you. This means both all content and texts submitted to us by users for publication and your inventory data and your usage data are stored on our Digital Ocean Server in an OpenCart database. The legal basis for this processing is our legitimate interest.

 

d)      Fonts

We use Google Fonts by Google and Font Awesome of Fonticons on our website to display external fonts. To enable the display of certain fonts on our website, a connection to a Google/Font Awesome server is established when our website is accessed. The connection to Google/Font Awesome established when you call up our website enables Google/Font Awesome to determine which website sent your request and to which IP address the display of the font is to be transmitted. This represents a legitimate interest.

 

e)       Economic analyses and market research

For business reasons, we analyse the data we have on web and server traffic patterns, website interactions, browsing behaviour, etc. The analyses serve us alone and are not disclosed externally and are processed using anonymous analyses with summarised and/or anonymised values. For this purpose we use OpenCart usage statistics. The legal basis is our legitimate interest and your consent. For further information on our use of analytics, please refer to our Cookie Policy.

 

f)        Cookies

For the processing of Personal Data using cookies and similar technologies on our website, please refer to our Cookie Policy. The legal basis for the use of cookies is our legitimate interest or your consent when you agree to the use of technically non-essential cookies, as further explained in our Cookie Policy.

 

DATA WE COLLECT DIRECTLY

a)      General

We may ask you for Personal Data when you:

        use our website, shop and services,

        request services, support, or information,

        participate online or otherwise in marketing and advertising activities,

        subscribe to our marketing and promotional emails or other materials,

        interact with us on third-party social networking sites (subject to the terms of use and privacy policies of said third parties), or

        Contact us.

 

In order to provide you with a more consistent and personalized user experience in your interactions with Coffee Hysteria, data collected through one source may also be linked to other data collected by Coffee Hysteria through other sources. This may include data that helps us identify you when you access our website through several different devices.

 

b)      Contacting us

You can contact us in various ways and data is always collected in the process. You provide us with most of the data that we process when you contact us such as your name, and email address. This data is collected and processed exclusively for the purpose of contacting you and processing your request and then deleted again, provided that there is no legal obligation to retain it.

 

c)       Account Registration

It is also possible for you to register for an account. For this purpose, you can choose a password together with your email address, both of which will enable you to log in more easily without having to enter your data again when you make a future purchase or access our other content such as the blog or forum. We will hold your data as long as you have your account with us. The legal basis for processing is the provision or initiation of a contractual service and your consent.

 

d)      Shopping with us

We process your first name, last name, e-mail address, billing and shipping address for the delivery of your order and the data related to your contract with us to handle the contractual relationship. The legal basis for processing is the provision of a contractual service.

 

e)       When making a purchase

If you make a purchase your payment will be processed via our payment service provider. Payment data will solely be processed through our payment service provider and we have no access to any Payment Data you may submit. The legal basis for the provision of a payment system is the establishment and implementation of the contract.

 

f)        Customer Relationship Management System

For support, we may store the data related to our customers (for example, your name, address, e-mail address or telephone number) in our customer relationship management system (CRM). This data processing is based on our legitimate interest in providing our customer service.

 

g)      Administration, financial accounting, office organization, contact management

We process data in the context of administrative tasks as well as organization of our business, and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our services. The processing bases are our legal obligations and our legitimate interest.

 

h)      Aggregated Data

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose including improving our website and services. Aggregated Data could be derived from your Personal Data but is not considered Personal Data in law as this data will not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this privacy policy.

 

i)        Promotional use of your data

We use your data (email address) within the legally permissible scope for marketing purposes, e.g., to draw your attention to special promotions and discount offers using the services of . In addition, we may draw your attention to comparable offers by email, e.g., we may inform you about exclusive sales, promotions, or special events. The legal basis for processing is our legitimate interest.

 

j)        Social Media

We have a presence on social media based on our legitimate interests. If you contact or interact with us via social media websites, we and the respective social media website are jointly responsible for the processing of your data and enter into a so-called joint-controller agreement. The legal basis is our legitimate interest, your consent or, in some cases, the initiation of a contractual performance, if any.

 

MARKETING

Insofar as you have given us your consent to process your Personal Data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.

 

You may give us your consent in a number of ways, including by selecting a box on a form where we seek your permission, or sometimes your consent is implied from your interactions or contractual relationship. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving marketing communication based on your interactions or contractual relationship with us.

 

Direct marketing generally takes the form of email but may also include other less traditional or emerging channels. These forms of contact will be managed by us or by our contracted service provider. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out. The legal basis for processing is the initiation of a contract, our legitimate interest and your consent.

 

PRINCIPLES OF PROCESSING PERSONAL DATA

a)      Storage and Retention

We will retain your Personal Data as necessary in connection with the purposes described in this Privacy Policy, and in accordance with the UK`s retention periods for up to 6 years.

 

b)      Security

Our website uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us. We have also implemented numerous security measures (“technical and organisational measures”), for example, encryption or need-to-know access, to ensure the most complete protection of Personal Data processed through this website.

 

Nevertheless, internet-based data transmissions can always have security gaps, so that absolute protection cannot be guaranteed. And databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised as expeditiously as possible after which the breach was discovered.

 

c)       Sharing and Disclosure

We will not disclose or otherwise distribute your Personal Data to third parties unless this is i) necessary for the performance of our services and the processing of your order, including with our shipping companies; ii) you have consented to the disclosure, iii) or if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or other legal proceedings; or proceedings at home or abroad or to fulfill our legitimate interests.

 

d)      International Transfer

In the course of my website operation, we process data. We usually do not transfer Personal Data to countries outside the UK and the EEA. However, if we do, we will make sure that processing of your Personal Data is governed by processing agreements that include standard contractual clauses for a high level of data protection.

 

e)        What we do not do

        We do not request Personal Data from minors and children;

        We do not use Automated decision-making including profiling; and

        We do not sell your Personal Data.

 

YOUR RIGHTS AND PRIVILEGES

You can exercise the following rights:

        Right to information

        Right to rectification

        Right to object to processing

        Right to deletion

        Right to data portability

        Right to withdraw consent

        Right to complain to a supervisory authority

        Right not to be subject to a decision based solely on automated processing.

 

If you have any questions about the nature of the Personal Data we hold about you, or if you wish to exercise any of your rights, please contact us.

 

a)      Updating your information and withdrawing your consent

If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object (including withdrawing of consents you have given us) to its processing, please do so in your account or by contacting us.

 

b)      Access Request

In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the respective legal regulations mentioned above).

 

c)       Complaint to a supervisory authority

The supervisory authority for Data Protection in the UK is the Information Commissioner's Office (ICO) (www.ico.org.uk). However, we would appreciate the opportunity to address your concerns before you contact the ICO.

 

HELP AND COMPLAINTS

If you have any questions about this policy or the information we hold about you, please contact us by email using [email protected].

 

CHANGES

The first version of this policy was issued on Wednesday, 21st of May, 2025, and is the current version. Any prior versions are invalid, and if we make changes to this policy, we will revise the effective date.

TOP