Privacy Policy for Meander Mug

At Meander Mug, we are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

1. Information We Collect

We may collect various types of information, including personal data, to provide and improve our services to you.

• Personal Identification Information: This includes your name, email address, phone number, and billing address when you make a purchase, subscribe to our coffee subscription service, or sign up for event catering.
• Payment Data: We collect information necessary to process your payments, such as payment card details. This information is processed by secure third-party payment processors, and we do not store sensitive payment card details on our servers.
• Usage Data: Information about how you access and use our online platform, including your IP address, browser type, operating system, referral sources, pages viewed, and the duration of your visit. This helps us understand how our site is used and how we can improve it.
• Communication Data: Records of your communications with us, including emails and customer service interactions.
• Subscription Preferences: Details regarding your preferences for our coffee subscription service, including coffee type, delivery frequency, and quantity.

2. How We Use Your Information

We use the information we collect for various purposes, including:

• Providing and Managing Services: To process your orders for freshly brewed coffee, artisanal pastries, light lunches, specialty teas, and regional coffee beans. To manage your coffee subscription, catering requests, and co-working space bookings.
• Communication: To communicate with you about your orders, subscriptions, service updates, and to respond to your inquiries.
• Marketing and Promotions: To send you newsletters, special offers, and information about new products or services that may be of interest to you, based on your preferences. You can opt out of marketing communications at any time.
• Improvement of Services: To analyze usage patterns, troubleshoot problems, and improve the user experience of our online platform and the quality of our offerings.
• Security and Fraud Prevention: To protect our legitimate business interests, prevent fraud, and ensure the security of our services and data.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

• Performance of a Contract: When processing is necessary for the performance of a contract to which you are a party (e.g., fulfilling your coffee order or subscription).
• Legitimate Interests: When processing is necessary for our legitimate interests or those of a third party, and your interests and fundamental rights do not override those interests (e.g., improving our services, preventing fraud, direct marketing where consent is not required).
• Consent: When you have given us explicit consent for specific processing activities (e.g., sending you marketing communications, where required). You have the right to withdraw your consent at any time.
• Legal Obligation: When processing is necessary for compliance with a legal obligation to which we are subject.

4. Sharing Your Information

We do not sell your personal data. We may share your information with:

• Service Providers: Third-party vendors who perform services on our behalf, such as payment processing, website hosting, email delivery, and analytics. These providers are obligated to protect your information and use it only for the purposes for which it was provided.
• Legal Requirements: If required to do so by law, in response to a subpoena or similar legal process, or to protect our rights, property, or safety, and the rights, property, or safety of others.
• Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

5. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When we no longer need your data, we will securely delete or anonymize it.

6. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

• The right to access: You have the right to request copies of your personal data.
• The right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure: You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing: You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• The right to withdraw consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.

7. Cookies and Tracking Technologies

Our online platform uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and personalize content. You can manage your cookie preferences through your browser settings.

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, misuse, alteration, or destruction. However, no internet transmission is entirely secure, and we cannot guarantee absolute security.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "last updated" date.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Meander Mug

17 Weir Lane,

Isle of Dogs,

London, E14 8LG,

United Kingdom