Privacy Policy

Electric Coffee Co is committed to ensuring the ways in which we collect, store and process data is transparent.

We take your data seriously, and as such undertake a number of administrative and technical procedures to ensure your data remains secure.

With regard to the Data Protection Act 1998, and the General Data Protection Regulation (EU) 2016/679, Electric Coffee Co is the data controller, registered at 40 Haven Green, Ealing. London. W5 2NX.

This privacy policy outlines how your personal information is collected, processed and shared.

By continuing to navigate this website or by submitting data via the forms you are agreeing to accept our terms as outlined in the policy below.


Your rights

Under current legislation you have the following rights regarding your data:

  1. The right to be informed
  2. The right of access
  3. The rights of rectification, erasure, restriction of processing and objecting
  4. The right to data portability
  5. Rights in relation to automated decision making and profiling

With respect to these rights we have provided the following information:

 
The right to be informed

Below is a summary of the data we collect:

What data is collected How it is collected Legal basis Retention period Why we collect it Who it may be shared with
IP Address, browser and operating system information Automatically Legitimate interests 3 months Investigating activities in breach of the Computer Misuse Act (1990). Law enforcement services and other 3rd parties for the purposes of investigation.
Anonymous website usage statistics and demographic information Automatically Legitimate interests Determined by Google and potentially other 3rd party providers To allow us to monitor and improve the features and services offered by the website. Google and potentially other 3rd parties for the purposes of improving the website.
Personal data entered via the contact form(s) Website form(s) Consent Until deletion request To reply to your enquiry and provide subsequent assistance. Data will never be shared without your prior consent.
Personal data entered via the newsletter signup form(s) Website form(s) Consent Until removal request To keep you up to date with relevant information about our products or services. Data will never be shared without your prior consent.
Personal data entered via the registration form(s) Website form(s) Consent Until removal request To allow you to login to the website and access your account. Data will never be shared without your prior consent.
Personal data entered via the purchasing form(s) Website form(s) Contractual, legitimate interests In line with the laws for accounting records To fulfil your order and for our accounting records. Card details are never stored locally, and are passed directly onto the payment provider. 3rd parties who are involved in the completion of the purchase, such as payment handlers and shipping companies. In addition data may be shared with 3rd parties for the purposes of accounts auditing.

Sharing of information

In order to provide our services and complete our contractual obligations we may need to share your data with specific 3rd party organisations. These include contractors who are involved in the provision of this website and those involved in the fulfilment of orders. Where this sharing of data occurs we will ensure that the data will be communicated securely.

Where data may need to be shared to countries outside the European Union, we will ensure additional precautions are taken.


Transmission of information

Where sensitive data is transmitted between your browser and the web servers we will ensure adequate precautions are taken, for example encryption in transit where applicable.


Storage of information

We will endeavour to keep any information we store about you secure by taking necessary technical and administrative precautions including, but not limited to:

  • Access control restrictions
  • Firewalls
  • Malware scanning
  • Encryption of sensitive information

Do not track

Please note that we do not alter the website's data collection practices when a 'Do Not Track' signal is passed from your browser.


3rd party links

On this site we may include links to 3rd party websites. Please be aware we have no control over the data you share with the 3rd party sites or the way they handle data. We would recommend that you review the privacy policy on each site.

 
The right of access

Any subject access requests must be made in writing via email or to our registered business address. These requests will be dealt with in accordance of the General Data Protection Regulation (EU) 2016/679.

We will respond within one month of receiving the request.

 
The rights of rectification, erasure, restriction of processing and objecting

Where there is a desire to exercise these rights, please make your request in writing via email or to our registered business address.

In some cases there may be relevant legal obligations which mean we are unable to comply, for example the deletion of financial records, but where this occurs we will provide clear and concise reasoning.

 
The right to data portability

Where you require your data to be ported to another system, please make a data subject request as outlined in the 'Right of access' section above.

With this request we will provide all data we hold about you, however we may be unable to accommodate requests for data to be in a specific format. We will not pass this information directly to a 3rd party, but to you to provide to whichever 3rd party you wish to share it with.

 
Rights in relation to automated decision making and profiling

Your information will not be used for automatic decision making, with the exception of the completion of financial transactions.

 

Complaints

If you have any complaints regarding our handling of your data, please contact us in writing by email or to our registered business address. In addition you can lodge an official complaint with the Information Commissioner's office - https://www.ico.org.uk.


Revisions

We may update this policy from time to time in order to reflect changes to our practices or for other operational, legal or regulatory reasons.


Date revised: 23/05/2018