Personal data
Last updated: October 29, 2019
Your requests for changes to your personal data
As a user of CoffeeAvenue's services, you can modify your personal data settings from your customer account.
If you wish to delete your customer account, you may do so (be warned that this action is irreversible and you will lose access to your order history, loyalty points, and promo codes ... But it will be possible to create a new customer account) from your customer account.
It is possible to export your personal data from your customer account.
For any other requests to access, obtain, correct or delete your personal data we invite you to contact our data protection service.
1. Introduction
This page describes the principles with which CoffeeAvenue collects different types of customer data. The elements described on this page are explained in detail in CoffeeAvenue's data protection policy.
In order to respect your privacy as much as possible, this page also details the commitments regarding CoffeeAvenue's security and data protection policy.
Definitions
In order to avoid an imprecise interpretation, here are some elements to help you understand the terms used:
Personal data: Any information relating to an identified or identifiable natural person is deemed to be an "identifiable natural person" an actual person who can be identified, directly or indirectly.
Processing: any operation or set of operations performed or not using automated processes and applied to personal data or data sets (collection, recording, transmission, storage, retention, extraction, consultation, use, interconnection, segmentation, etc.).
2. Data controller
Any processing of personal information communicated to CoffeeAvenue is carried out under the responsibility of Bean2me SA, Rue des Alpes 21 - CH-1201 Geneva, registered with the RC of Geneva under number CHE-208.438.335
How do we collect data about you?
Collecting personal data (such as your name and contact information) is most often based on your customer or other relevant relationship with us. For example, we collect data when you perform actions on our service, register as a site user, use CoffeeAvenue's service or provide us with other information.
When you use CoffeeAvenue's network and communications services, such as for making a call, creating your customer account or sending an email, the identifying data is stored in our systems for service use.
When you visit or load CoffeeAvenue website pages, you leave us with different types of anonymous browsing data, such as your IP address and browsing history. The operation of the service is based on the use of cookies.
We may collect data based on your consent.
We record customer service calls in order to verify the actual discussion, if necessary.
We also collect data from our potential customers when they participate in contests, raffles or customer events.
3. What kind of data do we collect?
This information includes your surname, first name, address, phone number, email address, birth date, direct marketing and consent information, information about the person contacting the company, company name, information provided by yourself, customer classification information, ordering, delivery, agreement and billing. We store what can be connected to you.
Data created and collected during communication includes information on the communicating parties, connection time, routing information, data transfer protocol, connection format and location information.
When browsing the Internet, "measurement data" is collected using cookies. This data cannot be associated with a person.
The customer information we collect helps us continually customize and improve your shopping experience on CoffeeAvenue's service. We use this information to process orders, deliver products and services, process payments and communicate with you about your orders, products, services and promotional offers, store and update our files, consequently your accounts with us, make content such as wish lists and customer reviews available to you, and recommend products and services that may be of interest to you. We also use this information to improve our shops and websites, prevent or detect fraud or abuse on our website, and allow third parties to provide technical, logistical or other functions for our behalf.
4. What type of information do we collect?
4.1 Information you provide us
We collect and record all the information you provide to us via our Website or other means. You may choose not to give us certain information, but this decision may limit the use of our service. We use the information you provide us, in particular, in order to respond to your requests, customize your future purchases, improve our service and otherwise communicate with you.
4.2 Information collected automatically
Every time you make contact with us, we receive and record certain types of information. Similiar to many other internet websites, we primarily use cookies and obtain certain types of information when your browser accesses the CoffeeAvenue website, or from advertisements and other content displayed on other internet sites by or on behalf of CoffeeAvenue.
4.3 Email information
To maximize the usefulness and interest of our emails, if your computer allows it, we frequently receive confirmation of the emails, sent by CoffeeAvenue, that you have opened. If you wish to no longer receive emails from us, just notify us via your account page.
5. How do we manage your information?
Please note that Bean2me SA staff, its subsidiaries and subcontractors act under a confidentiality agreement when processing data about you.
We maintain the confidentiality of your data and ensure that it is used for predefined purposes only.
Your data is processed for the purposes of producing and delivering agreed communication and other services, such as service development, billing, providing you with the best and most complete service possible, and informing you about our services.
We also use your data to communicate with customers, such as sending information about our services and for direct marketing purposes.
We also use the customer profile data for billing purposes, determining usage amounts, the length of the customer relationship and external classifications. We use both summary and people-specific usage data to create target marketing groups.
We process the data of our potential customers for direct marketing purposes.
We strive to ensure that customer data is up-to-date and correct.
We remove outdated and unnecessary data whenever possible.
We protect all data about you through task-based personal access rights and prevent third parties from accessing the data.
6. Where do we send your data?
We submit your data, only to the extent permitted by applicable legislation and as indicated in the file description, to authorities and other telecommunication companies.
When we use subcontractors, we will sign a security agreement with them that also covers the use of your data. We are also responsible for handling this kind of manipulation for you.
CoffeeAvenue's data protection policy
The purpose of this data protection policy is to describe the principles and practices we observe at CoffeeAvenue to ensure our client’s privacy, communication confidentiality, and legal protection.
CoffeeAvenue regularly updates this policy as operations or services change or develop. For this reason, we always encourage you to regularly review the most updated statement.
CoffeeAvenue's important core values include the confidentiality of customer data and communication, as well as the protection of customer privacy in all business operations. When handling our customers' personal data, we comply with French law, orders and instructions from the authorities, and good data processing practices.
CoffeeAvenue implements a high level of data protection. Personal and identification data, as well as location-related data, are collected only for specific legal and predefined purposes, and are not treated in a manner inconsistent with these objectives.
We protect the security of your personal information during transmission by using SSL (Secure Sockets Layer) software that encrypts the information you enter before being sent to us.
We maintain physical, electronic and backup security measures in connection with the collection, retention and disclosure of customers' personal information Our security procedures may lead us to ask you for proof of your identity before we can share your personal information with you.
We constantly train our staff on the principles of data processing and monitor data use by appropriate means.
7. The standard principles of customer data management
Personal data processing must always be justified for CoffeeAvenue's operations. CoffeeAvenue has defined the objective of collecting, manipulating and submitting personal data in the next section.
CoffeeAvenue only processes the customer data necessary for its operations, as such defined for the purpose indicated in the file description for the customer register. We strive not to process incorrect, incomplete or outdated data.
The processing of customer data is usually based on a relevant relationship, information received when using or registering for a service, or when giving your consent. We may also process your data for other reasons, such as at your request, or when required by law. Your information may be processed within CoffeeAvenue. We encourage our customers to update their contact information on a regular basis.
We record your conversations with our customer service to verify a business transaction, respond to your requests, monitor and develop the quality of service.
Please note that as a CoffeeAvenue customer, you have the right to verify what data about you has been stored in our information system, or that there is no data about you in our files. You may also refuse the use your data in accordance with the relevant legislation. An inspection may be carried out once a year at no cost. The request for a data inspection must be made with a document signed by both you and CoffeeAvenue.
Collecting, storing, extracting and processing personal data
8. Register of data collected directly via the CoffeeAvenue services
Contact form
Collected data: email and message
Purpose: Customer relationship management
Data retention: Database registration
Conservation period: 2 years
Data Access: CoffeeAvenue's customer service department
Is the data stored or processed outside of Switzerland: No
Creating a customer account
Information collected: surname, first name, address, phone number, email address, birth date, direct marketing and consent information, information furnished by the person contacting the company, company name, information provided by yourself, customer classification information, ordering, delivery, agreement and billing. We store what can be connected to you.
Desired purpose: Order / Order Tracking / Address / Returns / Credits / Loyalty management
Data retention: Database registration
Conservation period: Customer life / Customers who have been inactive for 2 years are removed
Data Access: Logistics (partially, only data related to processing and shipping your order) / Marketing / Customer service
Is the data stored or processed outside of Switzerland: No
Newsletter opt-in form
Data collected: email
Desired purpose: Email marketing
Data retention: Opt-in to the database
Conservation period: Customer's opt-in period excluding client refusal
Data Access: Marketing
Is the data stored or processed outside of Switzerland: Yes
You can exercise your right to access your data and have it corrected via the contact button at the top of this page
9. Register of data transmitted to subcontractors via CoffeeAvenue services
Provider information: https://www.facebook.com/
Provider's location:The United States
Purpose: Connect to your customer account on the website via your Facebook account
Is the data stored or processed outside the EU: Yes
Provider's RGPD Charter: https://www.facebook.com/
Google Analytics
Provider information: https://analytics.google.com/analytics
Provider's location:The United States
Purpose: Site traffic analysis + Remarketing
Is data stored or processed outside the EU: Yes
Provider's RGPD Charter: https://privacy.google.com/intl/fr_fr/businesses/compliance/
Google Adwords
Service provider: https://adwords.google.com
Provider’s location: The United States
Purpose: Advertising + Remarketing
Is the data stored or processed outside the EU: Yes
Provider's RGPD Charter: https://privacy.google.com/intl/fr_fr/businesses/compliance/
Mailchimp Service provider: https://mailchimp.com/
Provider's location:The United States
Purpose: Email marketing
Is data stored or processed outside the EU: Yes
Provider's RGPD Charter: https://kb.mailchimp.com/fr/accounts/management/about-the-general-data-protection-regulation
10. Sending and sharing data
CoffeeAvenue may only submit your data to third parties in accordance with applicable legislation. We submit information to the authorities on request, for example the police and security authorities, as well as other authorities on the grounds specified by legislation.
Customer information is an important part of our business and our job is not to trade in it. CoffeeAvenue controls the sharing of this data, which is either subject to this privacy policy, or rules apply to it that are at least as protective as those described in this privacy policy.
In addition, we may submit your data to subcontractors, in which case we will ensure that data privacy is maintained, and in this case, we will also be responsible for data management. If we process your data outside the EU region, we will protect your data by ensuring that the subcontractor safeguards that the data be processed appropriatly.
Processing of identification and location data linked to e-communication.
CoffeeAvenue treats all data and messages created during communication as confidential. Our staff is bound by a confidentiality agreement and are forbidden to make use of messages or other confidential information. When communication is done via a network, it always leaves a trace. These traces are called identification data, and can be connected to a person. These network traces are created, for example, when making telephone calls, sending electronic messages, SMS messages and surfing the Internet, and may contain information about the callers, the connection route or routing, the data transfer protocol used, the event and terminals used or their location.
CoffeeAvenue manages communication and location identification information in accordance with current law for the purpose of, for example, the implementation and use of services, billing, technical development, consent, and marketing. Data may also be used to bill other service providers as long as necessary.
CoffeeAvenue may also manage identification data in case of misuse, data breach and for repairing outages.
In all of the above situations, we only process identification and location data to the extent that it is necessary to accomplish a specific task.
11. Use of location data
A method of location in real-time, where a person can track where another person is, which requires the consent of the person to be localized. The customer may not be located at all if they refuse or turn off geolocation services.
If we submit location information to location service providers, we make sure, by appropriate means, that there is consent from the person to locate.
People authorized to manage identification and location data
Only specific people at CoffeeAvenue, whose work requires access to identification and location data, may process this data.
In practice, permission is only granted to people performing tasks related to billing, maintenance or network development or communication services, the prevention and investigation of abuse, customer service and marketing. People who have the right to manipulate the data can only manage it to the extent required to perform individual tasks.
Duration of identification, location and storage data processing
We process identification and location data for as long as necessary for billing, technical development, outage repair, marketing, misuse investigation or data security. However, manipulation only takes place to the extent required by the actions and without unduly compromising the confidentiality of a message and the protection of privacy.
We store data required for billing purposes for a minimum of one year and for no more than three years from the invoice due date, unless there is a need to keep the data for a longer period of time, related to the collection of the invoice. Otherwise, the data is stored to the extent permitted and required by relevant legislation.
12. Websites, visit tracking
We also collect data on website visits. This data includes the IP address and corresponding DNS name, the organization that registered the IP address, the name and address of the page visited, the time the page was loaded, and the type of browser.
Please note that an IP address is an identification tool required for the operation of the Internet, it is used to direct messages transmitted over the Internet to appropriate locations. As a general rule, the IP address is not connected to the person using the computer, but it may be connected to the organization that registered the IP address. The IP address connection may be established at the request of the authorities.
Cookies
As a CoffeeAvenue customer, you can visit our websites anonymously. However, like most internet websites, we use cookie technology. When you view our website, the cookie sets a random number to the browser that doesn't indicate your identity. Cookies help CoffeeAvenue determine which sections of its websites are most popular, where visitors go, and how long they stay. The data is used to implement and develop services and target advertisements on Internet websites.
You can prevent cookie storage by modifying your browser settings. In some cases, prevention may slow down or make it impossible to navigate pages or websites.
13. Data security
We ensure the security of our services' data by using methods that are proportionate to the severity and sophistication of the threats and the cost.
CoffeeAvenue takes care to carry out actions to prevent data security breaches or eliminate data security disruptions. In addition, we use all means to ensure that the confidentiality of messages or privacy protection is not unduly compromised when performing the above actions.
We provide information on the data security actions of our services and other data security issues through appropriate channels, such as our website or customer newsletters.
In order to prevent data security breaches and eliminate data security disruptions, we may, among other things, prevent the receipt of electronic messages, remove viruses and other malware from messages and take other comparable technical measures necessary within the specified limits permitted and required in relevant legislation. We use physical, administrative and technical safeguards to keep messages and identification data from being transmitted over the communication network. These actions reduce the risk of data about you being disclosed to third parties and prevent misuse or any other unauthorized access. Some of our services also use standardized encryption methods.
Please note that as a user of CoffeeAvenue services, you should use the most appropriate methods to ensure your own data security. We encourage you to store and use our services and your electronic devices carefully and monitor their use, for example by using secure codes and unique passwords, and to use sufficient antivirus and firewall services, keeping them and the operating system as up-to-date.
14. Customer communication and direct marketing
CoffeeAvenue sends customer messages about its products and services to its customers via permissions available in the customer account.
CoffeeAvenue also sends direct marketing messages electronically. You have the right to block CoffeeAvenue from sending direct marketing messages. You can ban any marketing by following the instructions included in the direct marketing message or via your customer account page available on our website.