Privacy policy
PRIVACY AND COOKIE POLICY
CAFELIER LIMITED respects your privacy and is committed to protecting your personal information.
This Privacy and Cookie Policy explains how we collect, use, store and share personal information when you:
-
visit or use our website;
-
create a customer account;
-
place or attempt to place an order;
-
contact our customer support team;
-
subscribe to marketing communications;
-
submit a product review;
-
participate in a promotion; or
-
otherwise interact with our online store.
This policy also explains how we use cookies and similar technologies.
1. WHO WE ARE
CAFELIER LIMITED is the controller responsible for the personal information described in this policy.
Trade name: CAFELIER LIMITED
Email: sale@cafeliershop.com
Registered business address: 17 City North Place, London N4 3FU, United Kingdom
Company number: 17311499
For privacy-related questions or requests, contact us at:
Please include “Privacy Request” in the subject line where possible.
2. DATA PROTECTION LEGISLATION
We process personal information in accordance with applicable data protection and electronic communications legislation, including:
-
the UK General Data Protection Regulation;
-
the Data Protection Act 2018;
-
the Privacy and Electronic Communications Regulations 2003; and
-
other applicable privacy, consumer protection and electronic marketing laws.
Nothing in this policy limits any rights available to you under applicable law.
3. PERSONAL INFORMATION WE COLLECT
The personal information we collect depends on how you interact with our website and services.
3.1 Identity and contact information
We may collect:
-
your full name;
-
billing address;
-
delivery address;
-
email address;
-
telephone number;
-
account username;
-
account identification information; and
-
recipient details where an order is sent to another person.
3.2 Order and transaction information
We may collect:
-
products viewed, added to a basket or purchased;
-
order number;
-
order date;
-
order value;
-
billing and delivery information;
-
discount codes;
-
delivery method;
-
order status;
-
tracking information;
-
returns, refunds and replacement information;
-
customer service history; and
-
information relating to disputes or payment reversals.
3.3 Payment information
Payments are normally processed by independent payment service providers.
Depending on the payment method used, we may receive limited payment-related information, such as:
-
payment confirmation;
-
payment status;
-
payment method type;
-
transaction reference;
-
billing name and address;
-
card type;
-
the last digits of a payment card; and
-
fraud or risk assessment information.
We do not normally receive or store full payment card numbers, card security codes or complete banking credentials.
Payment providers process payment information under their own privacy policies and security procedures.
3.4 Account information
If you create a customer account, we may collect:
-
your login details;
-
account preferences;
-
saved addresses;
-
saved products;
-
order history; and
-
account activity.
You are responsible for keeping your account credentials confidential.
3.5 Customer service and communications information
When you contact us, we may collect:
-
correspondence by email or through contact forms;
-
questions and complaints;
-
return and refund requests;
-
product photographs or videos;
-
delivery-related information;
-
call records, where applicable;
-
survey responses; and
-
any other information you choose to provide.
Please avoid sending sensitive personal information unless it is necessary for us to assist you.
3.6 Technical and device information
When you use our website, we and our service providers may automatically collect:
-
Internet Protocol address;
-
browser type and version;
-
device type;
-
operating system;
-
approximate location derived from an IP address;
-
time zone;
-
language settings;
-
referring website;
-
pages visited;
-
links selected;
-
session information;
-
error reports;
-
website interaction data;
-
cookie identifiers; and
-
similar technical information.
3.7 Marketing and preference information
We may collect:
-
email marketing preferences;
-
cookie preferences;
-
product interests;
-
communication preferences;
-
responses to promotional campaigns; and
-
information about interactions with marketing messages.
3.8 Reviews and user-generated content
If you submit a product review or other public content, we may collect:
-
your name or chosen display name;
-
review text;
-
rating;
-
photographs or videos;
-
product information; and
-
information about the submission.
Reviews may be displayed publicly on our website. Do not include information in a review that you do not want to make public.
3.9 Fraud prevention and security information
We may collect or generate information relating to:
-
suspected fraudulent transactions;
-
unusual account activity;
-
payment risk;
-
delivery risk;
-
account security;
-
attempted unauthorised access;
-
chargebacks; and
-
breaches of our terms.
We do not normally seek to collect special category personal data, such as information concerning health, ethnicity, religion, political opinions or sexual orientation.
4. HOW WE COLLECT PERSONAL INFORMATION
We collect personal information from several sources.
4.1 Information provided directly by you
We collect information when you:
-
place an order;
-
create or update an account;
-
contact us;
-
request a return or refund;
-
subscribe to marketing;
-
complete a form;
-
submit a review; or
-
otherwise provide information to us.
4.2 Information collected automatically
We may collect technical and usage information through:
-
cookies;
-
pixels;
-
tags;
-
local storage;
-
scripts;
-
server logs; and
-
similar technologies.
Non-essential technologies are used only after any consent required by law has been obtained, unless a legal exception applies.
4.3 Information received from service providers
We may receive information from:
-
website and hosting providers;
-
payment processors;
-
fraud prevention providers;
-
fulfilment providers;
-
product suppliers;
-
warehouse operators;
-
delivery companies;
-
customs agents;
-
customer support platforms;
-
analytics providers;
-
advertising platforms; and
-
other business service providers.
For example, a delivery company may provide tracking updates, delivery confirmation or information about an unsuccessful delivery attempt.
5. HOW WE USE PERSONAL INFORMATION
We may use personal information for the following purposes.
5.1 Processing and delivering orders
We use information to:
-
accept and process orders;
-
verify order details;
-
take and confirm payment;
-
send order confirmations;
-
arrange packing and dispatch;
-
provide delivery information;
-
process customs documentation where required;
-
communicate about an order;
-
manage returns, repairs, replacements and refunds; and
-
fulfil our contractual obligations.
5.2 Operating a fulfilment-based retail service
Some orders may be prepared, packed or dispatched by fulfilment providers, product suppliers, warehouse operators or logistics partners acting on our behalf.
To process and deliver an order, we may provide these partners with information such as:
-
customer or recipient name;
-
delivery address;
-
telephone number;
-
email address where required for delivery;
-
products ordered;
-
order reference;
-
selected delivery service; and
-
customs information where applicable.
These partners should use the information only as necessary to prepare, dispatch, deliver or support the relevant order, subject to their legal and contractual obligations.
An order may be dispatched in more than one parcel or from more than one location.
5.3 Customer service
We use information to:
-
respond to questions;
-
investigate complaints;
-
provide product and delivery support;
-
resolve payment or order issues;
-
communicate about returns and refunds; and
-
maintain records of customer correspondence.
5.4 Website operation and improvement
We may use information to:
-
operate and maintain our website;
-
remember customer preferences;
-
improve navigation and performance;
-
identify technical errors;
-
understand how customers use the website;
-
improve products and services;
-
develop new website features; and
-
measure the effectiveness of content and campaigns.
5.5 Security and fraud prevention
We may use information to:
-
verify transactions;
-
protect customer accounts;
-
prevent fraudulent orders;
-
identify suspicious activity;
-
protect our website and systems;
-
enforce our terms;
-
investigate security incidents; and
-
establish, exercise or defend legal claims.
5.6 Legal and regulatory compliance
We may use and retain information to:
-
maintain accounting and tax records;
-
comply with company law;
-
respond to lawful requests from authorities;
-
comply with court orders;
-
meet consumer protection obligations;
-
manage product safety matters;
-
prevent unlawful activity; and
-
comply with other legal obligations.
5.7 Marketing
Where legally permitted, we may use contact and preference information to send:
-
product announcements;
-
special offers;
-
store news;
-
promotional messages;
-
abandoned basket reminders; and
-
information about products that may be of interest.
You may unsubscribe from marketing emails at any time by using the unsubscribe link included in the message or by contacting us at sale@cafeliershop.com.
Unsubscribing from marketing does not stop service communications concerning an order, account, return, refund or other transaction.
6. LAWFUL BASES FOR PROCESSING
We process personal information only where we have an appropriate lawful basis.
6.1 Contract
We process information where necessary to:
-
take steps at your request before entering into a contract;
-
process an order;
-
collect payment;
-
deliver products;
-
provide customer support connected with a purchase; or
-
manage a return, replacement or refund.
Without certain information, such as your name, delivery address and contact details, we may be unable to process an order.
6.2 Legal obligation
We process information where necessary to comply with legal obligations, including:
-
accounting and tax requirements;
-
consumer protection requirements;
-
product safety obligations;
-
fraud prevention requirements;
-
legal disclosure requirements; and
-
regulatory investigations.
6.3 Legitimate interests
We may process information where necessary for our legitimate business interests, provided those interests are not overridden by your rights.
These interests may include:
-
operating and improving our business;
-
providing customer support;
-
maintaining website and account security;
-
preventing fraud;
-
understanding store performance;
-
protecting legal rights;
-
managing disputes;
-
keeping appropriate business records; and
-
communicating with existing customers about related products where legally permitted.
We consider the nature of the information, the purpose of processing and the potential effect on individuals before relying on legitimate interests.
6.4 Consent
We rely on consent where required, including for:
-
certain marketing communications;
-
advertising cookies;
-
non-exempt analytics technologies;
-
personalisation technologies; and
-
other non-essential cookies or similar technologies.
You may withdraw consent at any time. Withdrawal does not affect processing that took place before consent was withdrawn.
6.5 Legal claims
Where necessary, we may process information to establish, exercise or defend legal claims or protect the rights of CAFELIER LIMITED, our customers or other parties.
7. WHEN WE SHARE PERSONAL INFORMATION
We do not disclose personal information to third parties except as described in this policy or where otherwise permitted or required by law.
We may share information with the following categories of recipients.
7.1 Website, e-commerce and hosting providers
These providers help us:
-
host and operate the store;
-
manage customer accounts;
-
process orders;
-
maintain website security;
-
store data;
-
manage store functionality; and
-
provide technical support.
7.2 Payment processors
Payment providers process transactions and may conduct fraud, identity and payment verification checks.
Their processing may be subject to separate privacy policies.
7.3 Fulfilment providers and product suppliers
We may share order information with fulfilment providers, suppliers and warehouse operators that prepare, package or dispatch products.
Information is limited to what is reasonably necessary to process the order and provide related support.
7.4 Delivery and logistics providers
We may share information with:
-
postal services;
-
couriers;
-
freight providers;
-
customs agents;
-
import and export service providers;
-
delivery tracking services; and
-
local delivery partners.
This may include the recipient’s name, address, telephone number, email address, order reference and customs information.
7.5 Customer support and communications providers
We may use providers that help us operate:
-
email services;
-
contact forms;
-
help desks;
-
customer relationship management systems;
-
review systems;
-
survey tools; and
-
transactional messaging.
7.6 Analytics and advertising providers
Subject to applicable consent requirements, we may share or allow the collection of technical and usage information by:
-
analytics providers;
-
search engines;
-
advertising networks;
-
social media platforms;
-
conversion measurement providers; and
-
marketing technology providers.
These providers may use cookies or similar technologies to measure website use or deliver relevant advertising.
7.7 Professional advisers
We may share information with:
-
accountants;
-
auditors;
-
insurers;
-
banks;
-
legal advisers;
-
tax advisers; and
-
other professional consultants.
7.8 Authorities and legal recipients
We may disclose information where reasonably necessary to:
-
comply with law;
-
respond to a court order;
-
cooperate with law enforcement;
-
respond to tax or regulatory authorities;
-
protect against fraud;
-
investigate unlawful conduct;
-
protect rights or safety; or
-
establish, exercise or defend legal claims.
7.9 Business transactions
If CAFELIER LIMITED is involved in a merger, acquisition, restructuring, sale of assets, financing or insolvency process, personal information may be disclosed to relevant advisers, prospective purchasers, lenders or other parties.
Any recipient will be expected to protect the information and use it only for appropriate purposes.
8. INTERNATIONAL DATA TRANSFERS
Some service providers, fulfilment partners, suppliers or technology providers may operate outside the United Kingdom.
As a result, personal information may be transferred to or accessed from countries outside the United Kingdom.
Where a restricted international transfer is made, we will take steps required by applicable law. Depending on the destination and recipient, these steps may include:
-
relying on UK adequacy regulations;
-
using the UK International Data Transfer Agreement;
-
using the UK Addendum to approved contractual clauses;
-
implementing other legally recognised safeguards;
-
completing an appropriate transfer risk assessment or data protection test; or
-
relying on a permitted legal exception where appropriate.
No transfer method can remove every risk associated with international processing, but we require appropriate protection where the law requires it.
You may contact us for further information about the safeguards relevant to your personal information.
9. DATA SECURITY
We use reasonable technical and organisational measures designed to protect personal information against:
-
unauthorised access;
-
accidental loss;
-
alteration;
-
disclosure;
-
misuse;
-
destruction; and
-
unlawful processing.
Measures may include:
-
access controls;
-
account authentication;
-
encrypted communications;
-
secure hosting;
-
payment security controls;
-
staff and contractor confidentiality requirements;
-
monitoring and logging;
-
service provider assessments; and
-
incident response procedures.
However, no website, internet transmission or electronic storage system can be guaranteed to be completely secure.
You should use a strong and unique password for your customer account and should not share your login credentials with others.
10. HOW LONG WE KEEP PERSONAL INFORMATION
We retain personal information only for as long as reasonably necessary for the purposes described in this policy, including legal, accounting, tax, fraud prevention and dispute-resolution purposes.
Retention periods depend on:
-
the type of information;
-
the purpose for which it was collected;
-
legal requirements;
-
the existence of an ongoing customer relationship;
-
limitation periods for legal claims;
-
security and fraud risks; and
-
whether a dispute, complaint or investigation is ongoing.
We generally apply the following criteria:
10.1 Order and transaction records
Order, invoice, payment confirmation, refund and accounting records may normally be retained for up to six years from the end of the relevant financial period, or longer where required by law, an investigation or a legal claim.
10.2 Customer accounts
Account information may be retained while the account remains active and for a reasonable period after closure, unless earlier deletion is appropriate or longer retention is required.
10.3 Customer service records
Customer correspondence may be retained for a reasonable period after the enquiry is resolved. Records linked to a transaction, complaint, refund, chargeback or legal matter may be kept for longer.
10.4 Marketing information
Marketing information is retained until you unsubscribe, withdraw consent or we determine that the information is no longer necessary.
We may retain limited suppression information after an unsubscribe request to ensure that we do not send further marketing to the relevant address.
10.5 Fraud and security information
Fraud prevention and security records may be retained for as long as reasonably necessary to protect our services, customers and legal interests.
10.6 Cookie information
Cookie and similar technology retention periods vary depending on the purpose and provider.
Some cookies expire when the browser is closed. Others remain for a defined period or until deleted.
Further information about current categories and available controls should be displayed through our cookie consent or cookie settings tool.
When information is no longer required, we may delete, anonymise or securely restrict it.
11. YOUR DATA PROTECTION RIGHTS
Depending on the circumstances, you may have the following rights.
11.1 Right to be informed
You have the right to receive clear information about how your personal information is collected and used.
11.2 Right of access
You may request confirmation of whether we process your personal information and request a copy of that information.
11.3 Right to rectification
You may request correction of inaccurate personal information or completion of incomplete information.
11.4 Right to erasure
You may request deletion of personal information in certain circumstances.
This right is not absolute. We may need to retain information where required for legal compliance, fraud prevention, contractual obligations or legal claims.
11.5 Right to restrict processing
You may request that we restrict the use of personal information in certain circumstances.
11.6 Right to data portability
Where applicable, you may request certain information in a structured, commonly used and machine-readable format or ask for it to be transferred to another controller.
11.7 Right to object
You may object to processing based on legitimate interests in certain circumstances.
You have an absolute right to object to processing for direct marketing purposes.
11.8 Right to withdraw consent
Where processing is based on consent, you may withdraw that consent at any time.
11.9 Rights concerning automated decisions
Where applicable, you may have rights concerning decisions made solely through automated processing that produce legal or similarly significant effects.
We may use automated tools to assist with fraud screening, payment risk assessment or security. Where applicable law provides additional rights, we will respect those rights.
12. HOW TO EXERCISE YOUR RIGHTS
To exercise a data protection right, contact:
Please include:
-
your full name;
-
the email address connected with your account or order;
-
your order number, where relevant;
-
the right you wish to exercise; and
-
sufficient information to help us locate the relevant records.
We may request reasonable proof of identity to protect personal information from unauthorised disclosure.
We will respond without undue delay and normally within one month of receiving a valid request. The response period may be extended where permitted by law, including where a request is complex or multiple requests have been submitted.
There is normally no charge for exercising a data protection right. A reasonable fee may be charged, or a request may be refused, where permitted by law, such as where a request is manifestly unfounded or excessive.
13. COMPLAINTS
Please contact us first if you have concerns about how we process personal information.
You also have the right to complain to the Information Commissioner’s Office, the United Kingdom’s data protection supervisory authority.
You can obtain current complaint and contact information through the official Information Commissioner’s Office website.
If you live outside the United Kingdom, you may also have the right to contact the data protection authority in your country of residence.
14. MARKETING COMMUNICATIONS
We may send marketing communications where:
-
you have provided consent;
-
the law permits us to contact existing customers about similar products; or
-
another lawful electronic marketing exception applies.
Every marketing email should include a method of unsubscribing.
You can also unsubscribe by contacting sale@cafeliershop.com.
We may continue sending non-marketing communications, including:
-
order confirmations;
-
payment information;
-
delivery notifications;
-
account security messages;
-
responses to customer service requests;
-
return and refund updates; and
-
legally required notices.
We do not use an unsubscribe request as a reason to delete transaction records that we are legally permitted or required to retain.
COOKIE POLICY
15. WHAT ARE COOKIES?
Cookies are small data files stored on a computer, smartphone, tablet or other device when a website is visited.
Cookies can help a website:
-
function correctly;
-
remember customer preferences;
-
keep products in a shopping basket;
-
maintain secure sessions;
-
understand website use;
-
measure marketing performance; and
-
personalise content or advertising.
We may also use technologies that operate in a similar way, including:
-
pixels;
-
tags;
-
scripts;
-
web beacons;
-
local storage;
-
software development kits;
-
device identifiers; and
-
server-side tracking technologies.
References to cookies in this policy include these similar storage and access technologies where appropriate.
16. FIRST-PARTY AND THIRD-PARTY COOKIES
16.1 First-party cookies
First-party cookies are placed directly through our website.
They may be used to:
-
operate the shopping basket;
-
maintain account sessions;
-
remember cookie preferences;
-
process checkout;
-
improve website security; and
-
understand website performance.
16.2 Third-party cookies
Third-party cookies are placed or accessed by external service providers integrated with our website.
These may include providers of:
-
payment services;
-
analytics;
-
advertising;
-
social media features;
-
product reviews;
-
fraud prevention;
-
customer support;
-
embedded content; and
-
website functionality.
Third parties may process information under their own privacy and cookie policies.
17. SESSION AND PERSISTENT COOKIES
17.1 Session cookies
Session cookies are temporary and normally expire when the browser is closed.
They may be used for:
-
checkout navigation;
-
shopping basket functionality;
-
account sessions; and
-
website security.
17.2 Persistent cookies
Persistent cookies remain on a device for a defined period or until deleted.
They may be used to:
-
remember preferences;
-
recognise returning visitors;
-
measure website use;
-
remember marketing choices; and
-
support advertising.
18. CATEGORIES OF COOKIES WE MAY USE
18.1 Strictly necessary cookies
These cookies are required for essential website functions.
They may be used to:
-
keep the website secure;
-
maintain a shopping basket;
-
process checkout;
-
authenticate customer accounts;
-
prevent fraud;
-
balance website traffic;
-
remember cookie choices; and
-
provide services specifically requested by the user.
Because these cookies are necessary for the requested service or fall within another applicable legal exception, consent may not be required.
Blocking strictly necessary cookies through browser settings may prevent parts of the website from working correctly.
18.2 Functional and preference cookies
These cookies may remember choices such as:
-
language;
-
region;
-
currency;
-
display settings;
-
account preferences; and
-
previously selected website options.
Where consent is legally required, these cookies will not be activated until consent is provided.
Some preference technologies may be exempt from consent requirements where they are used only to implement a setting specifically requested by the user.
18.3 Analytics and performance cookies
These technologies help us understand:
-
how visitors reach the website;
-
which pages are visited;
-
how visitors move through the store;
-
whether errors occur;
-
how long pages take to load;
-
which products receive interest; and
-
whether website changes improve performance.
We will request consent before using analytics technologies unless their use meets an applicable legal exception.
Where a statistical purposes exception is relied upon, the technology will be used only within the limits of that exception, and an appropriate means of objecting will be provided where required.
18.4 Advertising and targeting cookies
These technologies may be used to:
-
measure advertising performance;
-
limit how often an advertisement is shown;
-
understand whether an advertisement led to a purchase;
-
create audience groups;
-
personalise advertising;
-
track activity across websites or services; and
-
support social media advertising.
Advertising and targeting technologies will not be activated until any consent required by law has been obtained.
18.5 Social media and embedded content technologies
Some pages may contain:
-
social media buttons;
-
videos;
-
maps;
-
product review tools;
-
chat features; or
-
other embedded third-party content.
These features may allow third parties to collect information about a device or interaction.
Where legally required, the relevant technologies will not be loaded until consent has been provided or the user activates the requested feature after receiving appropriate information.
19. COOKIE CONSENT
When you first visit our website, a cookie consent tool may allow you to:
-
accept non-essential cookies;
-
reject non-essential cookies;
-
select individual cookie categories; and
-
review additional information.
Non-essential cookies should remain disabled until you provide a valid choice, unless a legal exception applies.
Continuing to browse the website without taking a positive action will not, by itself, be treated as consent where consent is legally required.
Rejecting non-essential cookies should not prevent access to the main shopping functions of the website. However, certain optional features may be unavailable or function differently.
20. CHANGING COOKIE PREFERENCES
You may change or withdraw cookie consent at any time through the cookie settings control made available on the website.
Withdrawing consent does not affect the lawfulness of processing that took place before consent was withdrawn.
Changing preferences may not automatically delete cookies already stored on a device. Existing cookies can also be removed through browser or device settings.
21. BROWSER CONTROLS
Most browsers allow users to:
-
view stored cookies;
-
delete cookies;
-
block all cookies;
-
block third-party cookies;
-
receive a warning before a cookie is stored; and
-
manage site-specific permissions.
The steps differ between browsers and devices. Refer to the privacy or security settings in your browser for current instructions.
Blocking all cookies may affect:
-
shopping basket functionality;
-
account login;
-
checkout;
-
saved preferences;
-
payment processing; and
-
other website features.
22. COOKIE RETENTION
The duration of a cookie depends on its purpose and the provider setting it.
Cookies may last:
-
only for the browser session;
-
for several hours or days;
-
for several months; or
-
until they are manually deleted.
The current cookie settings tool should provide more detailed information about available categories, providers and durations where this functionality is supported.
We may periodically review and update our use of cookies.
23. THIRD-PARTY SERVICES
Third-party services may set or access cookies when their features are used or consent is provided.
Their use of information is governed by their own policies. We do not control the content or operation of third-party privacy policies.
Customers should review the relevant provider’s information where they wish to understand how that provider processes data.
24. CHILDREN’S PRIVACY
Our online store is intended for individuals who can lawfully enter into a purchase contract or who are using the store with the involvement of a parent or legal guardian.
We do not knowingly seek to collect personal information from children for behavioural advertising.
A parent or guardian who believes that a child has provided personal information without appropriate authorisation may contact us at sale@cafeliershop.com.
25. EXTERNAL LINKS
Our website may contain links to third-party websites.
We are not responsible for the privacy, security or content practices of websites operated by other organisations.
Customers should review the privacy and cookie policies of external websites before providing personal information.
26. CHANGES TO THIS POLICY
We may update this Privacy and Cookie Policy to reflect:
-
changes to our business;
-
new service providers;
-
website changes;
-
new technologies;
-
legal or regulatory developments; or
-
changes to how we process personal information.
The updated version will be published on our website with a revised “Last updated” date.
Where required by law, we will provide additional notice or request renewed consent.
27. CONTACT US
For questions, requests or complaints concerning this Privacy and Cookie Policy, contact:
CAFELIER LIMITED
17 City North Place
London N4 3FU
United Kingdom
Email: sale@cafeliershop.com
Company number: 17311499
Please include “Privacy Request” in the email subject line where possible.