Corporate Privacy and Data Security Policy

Data Controller: Fresh Coffee (BRS) Ltd (Registered in England and Wales, Company No. 16769635)
Registered Office: 38 Over Lane, Almondsbury, Bristol, BS32 4BP, United Kingdom
Effective Date: June 2026 (Updated for Cross-Border UK/ROI Compliance)
Digital Queries: hello@coffeeb.co.uk

Welcome to CoffeeB UK. This Privacy Policy details how Fresh Coffee (BRS) Ltd ("we", "us", or "our") collects, utilises, stores, and protects personal data obtained from visitors, registered users, and consumers executing transactions or establishing subscriptions on our digital platform, www.coffeeb.co.uk (the "Website").

We are fully committed to protecting your privacy and ensuring the absolute security of your financial and personal data. In strict adherence to UK legal requirements and statutory data rights, all personal information is processed in accordance with the UK

General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and relevant cross-border data transfer regulations.

1. Information We Collect

To efficiently process commercial transactions, manage recurring subscription profiles, and deliver an optimised browsing experience, we collect the following categories of information:

• Identity and Contact Data: Your full name, delivery address, billing address, email address, and telephone number. This includes data provided when finalising checkout transactions, creating user credentials, or registering for alerts and newsletters.
• Subscription and Account Data: Automated digital dashboard login credentials, recurring billing preferences, transaction histories, and specific active subscription parameters managed via our integrated industry-standard software frameworks.
• Financial Data: Secure credit card or payment account tokens. To guarantee that your payment data remains completely confidential, hidden, and protected from unauthorized access, all online payments leverage premium, industry-standard cryptographic architectures, encryption procedures, and tokenization via platforms such as Shopify, ReCharge, PayPal, Visa, Mastercard, Amazon Pay, American Express, Google Pay, and Apple Pay.
  
  We do not store raw credit card numbers on our local systems.
• Technical and Usage Data: Internet protocol (IP) addresses, browser specifications, operating system data, session paths, cookies, and related digital tracking indicators gathered as you access and navigate our Website platform.

2. How We Use Your Personal Data

We leverage personal information strictly for lawful corporate purposes, including the following operations:

• Order Fulfilment and Contract Performance: Processing, packing, and dispatching commercial orders from our UK warehouse. This includes sharing necessary data with our designated fulfilment partners (such as Royal Mail for smaller packages or our courier network for larger shipments requiring a physical signature).
• Cross-Border Regulatory Management: For orders delivering to the Republic of Ireland, your information is used to compute local Irish VAT, verify applicable EU customs duties, and generate necessary transit documentation to ensure parcels pass seamlessly through border controls.
• Subscription Administration: Deploying recurring billing sequences, managing automatic account profiles, and facilitating user-driven modifications, updates, or cancellations via digital dashboards.
• Contextualised Digital Marketing: We securely utilise contextualised customer profile parameters to present the most relevant coffee products and exclusive consumer updates to users via digital marketing methodologies, both on and off our core web domain.
  

Strict Anti-Spam Commitment The coffeeb.co.uk platform enforces a strict anti-spam policy. We do not transmit unsolicited electronic correspondence. Email addresses are safely compiled exclusively from opted-in alerts, marketing registrations, and newsletters. These channels are utilized strictly to communicate vital platform updates, product releases, and exclusive consumer offers. All users retain the absolute right to opt-out or unsubscribe at any given time via the links provided at the footer of our electronic communications.

 

3. Data Sharing and Third Parties

We do not sell, lease, or rent customer email lists, demographic profiles, or identifying customer information to external third parties for independent commercial exploitation. Your personal data is disclosed to third parties exclusively when required to fulfill our direct sales contract with you, under the following circumstances:

1. Fulfilment and Courier Partners: Disclosing identity and physical delivery addresses to logistics organisations (e.g., Royal Mail and contracted courier agencies) to execute local UK and cross- border Republic of Ireland deliveries.

2. Financial Services Providers: Transmitting transactional variables through highly secure, tokenised payment gateways to authorise funds and process authorised refunds.

3. Regulatory and Legal Authorities: Disclosing relevant system logs or customer identities to law enforcement authorities where a material breach of contract or criminal abuse occurs (such as cyber attacks, DoS, or DDoS interventions under the Computer Misuse Act 1990), or where explicitly required by statutory UK legal frameworks.

4. Data Retention and Security:

Data protection and financial security are integrated at the highest operational level across our infrastructure:

• Retention Limits: Personal data is preserved only for the duration necessary to satisfy the commercial purposes for which it was gathered, including legal, accounting, subscription billing cycles, or formal regulatory reporting constraints.
• Security Infrastructure: We maintain robust technical, organisational, and physical safeguards to prevent accidental loss, unauthorised access, alteration, or disclosure of information. While we make every effort to maintain a secure platform, access is permitted on a temporary basis, and consumers are strongly advised to deploy their own robust virus protection software when interacting with online networks.
• Account Accountability: Where users are allocated secure user identification codes,
  subscription login details, or passwords, they must treat such credentials as strictly confidential.

The user remains solely and exclusively responsible for protecting these credentials and modifying subscription preferences through their personal digital dashboard.

5. Your Statutory Legal Rights

Pursuant to UK data protection legislation, consumers possess clear legal safeguards regarding their personal records. These rights include:

• The right to request access to and obtain copies of the personal data held by us.
• The right to demand immediate rectification of any inaccurate, incomplete, or out-of-date information.
• The right to request the erasure of personal records (" right to be forgotten"), subject to overriding legal, tax, or active subscription billing constraints.
• The right to withdraw explicit marketing consent or opt-out of contextualised advertising profiles at any point without cost.

6. Policy Adjustments and Amendments

We reserve the right to amend or update this Privacy Policy at any time without prior notice to reflect operational adjustments, platform inventory updates, or legal changes under English law. Any modifications will take effect immediately upon being formally posted on the Website. It remains the user's responsibility to review this page periodically to remain informed of our data security practices.

 

7. Contact and Administrative Queries

If you wish to exercise any of your statutory data rights, submit a privacy query, report suspicious account activity, or require technical assistance regarding your data profile, please reach out to our dedicated administration team:
Fresh Coffee (BRS) Ltd
Administration and Data Compliance Team
38 Over Lane, Almondsbury, Bristol, BS32 4BP, United Kingdom
Operational Point of Contact for Digital Queries: hello@coffeeb.co.uk