Privacy Policy

INTRODUCTION

At Stone Cold Brew Coffee, your privacy is our priority. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you visit our website, purchase our products, or otherwise interact with our services. We are committed to safeguarding your privacy and ensuring that your personal data is handled in compliance with applicable data protection laws, including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR).

By accessing or using our website, purchasing our products, or engaging with us, you agree to the terms of this Privacy Policy. We encourage you to read this policy carefully to understand how your information is managed and your rights concerning your personal data.

Our business is driven by a dual commitment to excellence in coffee and a dedication to social impact. Every purchase you make contributes to the 1911 Initiative, a nonprofit organization focused on providing internships and mentoring programs for college-bound students. As we work together to create a positive impact, we remain committed to protecting the privacy of our customers and site visitors.

If you have any questions or concerns regarding this Privacy Policy or how we handle your personal information, please contact us using the information provided in the Contact Information section.

INFORMATION WE COLLECT

At Stone Cold Brew Coffee, we collect various types of information to ensure we provide the best possible experience for our customers and meet legal obligations. The information we collect may be directly provided by you or automatically gathered when you interact with our website and services. The types of information we collect are outlined below:

1. Personal Information. This is information that identifies you as an individual or relates to you as an identifiable person. We may collect the following types of personal information:
   
   

1. Name, email address, mailing address, phone number.
2. Credit card details, billing address, and other payment-related information necessary to process your transactions.
3. Username, password, purchase history, and preferences when you create an account with us.
4. Recipient’s name, address, and phone number to fulfill product deliveries.
5. Information you provide when contacting us for support, such as details of your inquiry or issues with an order.
   
   

2. Non-Personal Information. This refers to data that does not identify you as an individual. We may collect the following types of non-personal information:
   
   

1. IP address, browser type, device type (e.g., mobile or desktop), operating system, and network provider.
2. Information about how you use our website, including the pages you visit, the products you view or purchase, the time and date of your interactions, and referral sources (e.g., links from other websites).
3. General location data inferred from your IP address (city, state, or country).
   
   

COOKIES AND TRACKING TECHNOLOGIES

We use cookies and other tracking technologies to collect information about your interactions with our website:

1. Small text files placed on your device to remember your preferences, help with navigation, or provide enhanced features during your visits.
2. We use third-party analytics tools (e.g., Google Analytics) to gather usage data, track user activity, and understand how visitors engage with our site.
3. Small electronic files (also known as pixel tags) that track your navigation across different pages on our website and help measure the effectiveness of campaigns.
   
   

1.  THIRD-PARTY INFORMATION

We may receive information from third parties in connection with your use of our site or services, including:

1. If you interact with us through social media (e.g., logging in via Facebook or Instagram), we may collect information available through your social media account based on your permissions.
2. We may receive demographic and interest-based data from third-party advertising partners that help us personalize our marketing efforts and enhance your experience.
3. Information provided by third parties we work with, such as payment processors or shipping partners, in connection with transactions or services performed on our behalf.
   
   

SENSITIVE PERSONAL INFORMATION

We do not intentionally collect or process sensitive personal information (e.g., health data, racial or ethnic origin, political opinions). If we do collect such information, it will only be done with your explicit consent and in compliance with applicable law.

HOW WE COLLECT INFORMATION

At Stone Cold Brew Coffee, we collect information from you through a variety of methods to provide our services, improve your experience, and fulfill legal and business obligations. The following outlines how we gather information from our customers and website visitors:

1. Information You Provide Directly. We collect personal information directly from you when you interact with us through our website or customer service channels. This includes, but is not limited to:
   
   

1. Account Creation: When you create an account, we collect your name, email address, and other relevant information required to set up your profile.
2. Purchases and Orders: During the checkout process, we collect payment information, shipping details, and any other data necessary to complete your transaction.
3. Customer Service: If you contact us for support, we collect the information you provide related to your inquiry, such as order details or issue descriptions.
4. Subscriptions: When you sign up for our newsletter or promotional emails, we collect your contact details, including email address and any preferences you share.
   
   

2. Information Collected Automatically. We automatically collect certain information about your device and usage when you interact with our website. This data helps us understand how our visitors use our site and ensures that we deliver a better online experience:
   
   

1. Device and Log Information. We collect details such as your IP address, browser type, operating system, and the date and time of your visit.
2. Browsing Data. We track pages you visit, products you view, time spent on the site, and referring URLs (the website or link that brought you to our site).
3. Cookies and Tracking Technologies. We use cookies, web beacons, and similar technologies to collect information automatically. Cookies allow us to remember your preferences, analyze usage patterns, and provide you with a personalized experience.
   
   

3. Information From Third Parties. We may receive information about you from third-party sources, such as:
   
   

1. Social Media Platforms. If you choose to interact with us or sign in via a social media account (e.g., Facebook, Instagram), we may collect data associated with your social media profile, such as your name, profile picture, and contact details.
2. Service Providers. Information collected from third-party service providers, such as payment processors or shipping companies, in connection with your transactions or service delivery.
3. Advertising and Marketing Partners. Data received from third-party advertising networks or partners that help us deliver personalized ads or track the success of marketing campaigns.
   
   

4. Cookies and Tracking Technologies. We use cookies and similar tracking technologies to collect data automatically when you visit our website. These technologies allow us to understand how you use our site and to offer personalized experiences:
   
   

1. Essential Cookies. These are necessary for the website to function properly, such as enabling shopping cart functionality and secure payment processing.
2. Analytical Cookies. These cookies collect data on how visitors use our site, such as which pages are most popular, to help us optimize our website and improve user experience.
3. Marketing Cookies: These are used to track your browsing behavior and show you targeted ads based on your interests.
   
   

5. Voluntary Surveys and Feedback. We may collect information through voluntary surveys, feedback forms, or product reviews you choose to submit. This information helps us improve our products and services.

6. User-Generated Content. If you submit any content, such as photos, reviews, or testimonials, on our website or social media channels, we collect and may use this information as part of our marketing efforts, subject to your consent.
   
   

HOW WE USE YOUR INFORMATION

At A Stone Cold Brew Coffee, we use the information we collect to provide our services, enhance your experience, and fulfill our legal obligations. Below is a detailed explanation of how we use your personal and non-personal information:

1.  To Process and Fulfill Orders
   
   

1. Transaction Completion. We use your information, such as payment details and shipping address, to process your orders, verify payment, and ensure that your products are delivered to you.

2. Order Status Updates. We use your email address or phone number to communicate order confirmations, shipping notifications, and any other relevant updates regarding your purchases.
   
   

2.  To Provide Customer Support
   
   

1. Handling Inquiries and Requests: We use your information to respond to your inquiries, process returns or exchanges, and assist you with any issues related to your orders.

2. Resolving Issues: Your data helps us investigate and resolve any complaints or disputes that may arise regarding our services.
   
   

3.  To Improve Our Website and Services
   
   

1. Website Optimization: We analyze usage data, such as browsing behavior and site performance metrics, to improve the functionality, design, and content of our website.

2. User Experience Enhancement: We use information from cookies and other tracking technologies to personalize your experience on our website, such as remembering your preferences and tailoring product recommendations.
   
   

4.  To Conduct Marketing and Promotional Activities
   
   

1. Email Marketing. With your consent, we use your contact details to send you newsletters, special offers, and promotions related to our products and services.

2. Targeted Advertising. We may use your browsing data, purchase history, and demographic information to deliver personalized advertisements, both on our website and on third-party platforms.

3. Remarketing Campaigns. We use tracking technologies to display relevant ads to you after you have visited our website, ensuring that our marketing efforts are aligned with your interests.
   
   

5. To Comply with Legal Obligations
   
   

1. Regulatory Compliance. We use your information to comply with legal and regulatory obligations, such as tax reporting, financial record-keeping, and responding to legal requests.

2. Fraud Prevention. We use your information to detect and prevent fraud, unauthorized transactions, and other illegal activities that may threaten the security of our services or customers.
   
   

6. To Facilitate Business Operations
   
   

1. Analytics and Reporting. We use aggregated, non-personal information to analyze trends, track sales performance, and make data-driven decisions that improve our business operations.

2. Service Providers. We share information with third-party service providers, such as payment processors, shipping companies, and marketing platforms, as necessary to perform essential business functions.
   
   

7. To Support the 1911 Initiative. As part of our commitment to philanthropy, we may use a portion of your purchase data to allocate proceeds to the 1911 Initiative, a nonprofit supporting internships and mentoring programs for college-bound students. This is done in accordance with your purchase and in support of our social impact mission.
   
   

8. With Your Consent. In certain cases, we may use your information for purposes that are not outlined here but will seek your explicit consent before doing so. This may include surveys, product testing, or other activities in which participation is voluntary.
   
   

9.  Retention of Data
   
   

1. Data Storage. We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting obligations.

2. Retention Criteria. Retention periods are determined based on the nature of the information, our business needs, and any applicable legal requirements.
   
   

LEGAL BASIS FOR PROCESSING PERSONAL DATA

Under the General Data Protection Regulation (GDPR), we are required to establish a lawful basis for processing your personal data. At Stone Cold Brew Coffee, we rely on the following legal bases to collect, use, and process your personal information:

1. Performance of a Contract. We process your personal data where it is necessary to fulfill our contractual obligations to you, such as:
   
   

1. Order Fulfillment. Processing your orders, accepting payments, and delivering the products you have purchased.
2. Customer Service. Responding to your inquiries and providing support related to your transactions and account with us.
   
   

2. Consent. In situations where you have given us explicit consent to process your personal data, such as:
   
   

1. Marketing Communications. Sending you promotional emails, newsletters, or other forms of communication to which you have subscribed.
2. Use of Cookies. Storing non-essential cookies on your device to provide personalized website experiences and track marketing performance.

You have the right to withdraw your consent at any time by contacting us or adjusting your preferences within your account settings.

1. Legitimate Interests. We process your personal data where it is necessary for our legitimate business interests, provided that your rights and freedoms do not override these interests. Examples include:
   
   

1. Improving Our Services. Using customer feedback and usage data to enhance our website, products, and services.
2. Fraud Detection and Prevention. Protecting our business, customers, and services from fraud and other illegal activities.
3. Marketing. Conducting marketing activities such as personalized advertising and remarketing, where the use of your data is balanced with your privacy rights.
   
   

2. Compliance with Legal Obligations. We may process your personal data to comply with applicable laws, regulations, and legal processes, including:
   
   

1. Tax and Accounting. Retaining records and information as required by tax and accounting regulations.
2. Regulatory Obligations. Disclosing data to governmental authorities or complying with legal obligations when required by law or court orders.
   
   

3. Vital Interests. In rare situations, we may process your personal data to protect your vital interests or those of another individual. For example:

Processing data to ensure the safety of individuals where immediate action is necessary, such as in life-threatening situations.

DATA SHARING AND DISCLOSURE

At Stone Cold Brew Coffee, we value your privacy and are committed to handling your personal data responsibly. We do not sell your personal information to third parties. However, in certain circumstances, we may share or disclose your data to trusted third parties in accordance with this Privacy Policy and applicable data protection laws. The following outlines the circumstances in which your personal information may be shared:

1. Service Providers. We work with third-party service providers to perform various business operations on our behalf. These service providers may have access to your personal information, but only to the extent necessary to perform specific services, such as:
   
   

1. Payment Processors. To securely process payments for purchases made on our website.
2. Shipping and Fulfillment Partners. To deliver your orders to the address provided.
3. Marketing and Advertising Partners. To assist with marketing campaigns, sending emails, and delivering personalized ads based on your preferences.
4. IT and Website Support Providers. To host our website, provide technical support, and maintain data security.

We ensure that all service providers who handle your personal data are contractually obligated to maintain its confidentiality and comply with applicable privacy laws.

1. Compliance with Legal Obligations. We may disclose your personal information to government authorities, regulators, or other entities when we are legally required to do so, such as in response to:
   
   

1. Subpoenas, court orders, or other lawful requests from public authorities.
2. Obligations under tax laws, accounting rules, or other regulatory requirements.
3. To protect the rights, property, or safety of Stone Cold Brew Coffee, our customers, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
   
   

2. Business Transfers. In the event of a corporate transaction such as a merger, acquisition, sale of assets, or reorganization, your personal data may be transferred as part of the business assets. In such cases, we will ensure that any new entity handling your data continues to respect your privacy rights and complies with this Privacy Policy. Should such a transaction occur, you will be notified via email or a prominent notice on our website.
   
   

3. Aggregated and Anonymized Data. We may share aggregated or anonymized data that does not identify you personally with third parties for various purposes, such as:
   
   

1. Business Analysis. To analyze trends, assess the performance of our services, or provide insights to third parties, such as partners or investors.
2. Marketing and Advertising. To improve our marketing strategies and advertising efforts without revealing personally identifiable information.
   
   

4. Social Media Platforms. If you choose to interact with us via social media platforms or login using your social media account, some of your personal data may be shared with or collected by the platform in accordance with its privacy policy. We recommend reviewing the privacy policies of the respective social media providers to understand their data practices.
   
   

5. Third-Party Links. Our website may contain links to third-party websites, products, or services that are not owned or controlled by Stone Cold Brew Coffee. We are not responsible for the privacy practices of these third-party sites. When you click on a link to a third-party site, we encourage you to review its privacy policy before sharing any personal information.

6. With Your Consent. In addition to the scenarios described above, we may share your personal information with third parties if you have provided explicit consent to do so. This may include participating in voluntary surveys, contests, or collaborations with partners.
   
   

USER RIGHTS UNDER GDPR

If you are located in the European Economic Area (EEA), you have specific rights regarding your personal data under the General Data Protection Regulation (GDPR). At Stone Cold Brew Coffee, we are committed to ensuring that you can exercise these rights fully and transparently. Below is a detailed explanation of your rights and how you can exercise them:

1. Right to Access. You have the right to request access to the personal data we hold about you. Upon receiving your request, we will provide you with a copy of your personal data, as well as details about:
   
   

1. The purposes of processing
2. The categories of personal data processed
3. The recipients or categories of recipients to whom your data has been or will be disclosed
4. The duration for which we plan to store your data
5. The existence of other user rights such as rectification, erasure, and the right to lodge a complaint with a supervisory authority.
   
   

2. Right to Rectification. If the personal data we hold about you is inaccurate, incomplete, or outdated, you have the right to request its correction. We will update the information as soon as possible to ensure accuracy.
   
   

3. Right to Erasure (Right to be Forgotten). You may request the deletion of your personal data where:
   
   

1. The data is no longer necessary for the purposes for which it was collected.
2. You withdraw your consent and there is no other legal basis for processing.
3. You object to the processing and there are no overriding legitimate grounds for continuing it.
4. The data was unlawfully processed or must be erased to comply with a legal obligation.

Please note that we may retain certain data if necessary to comply with legal obligations, exercise or defend legal claims, or if processing is required for a legitimate business purpose.

1. Right to Restriction of Processing. You have the right to request that we restrict the processing of your personal data in the following circumstances:
   
   

1. If you contest the accuracy of your data, we will restrict processing until the data’s accuracy is verified.
2. The processing is unlawful, and you oppose the erasure of the data, instead requesting that its use be limited.
3. We no longer need the data for the purposes of processing, but you require it for the establishment, exercise, or defense of legal claims.
4. You have objected to processing pending verification of whether our legitimate grounds override yours.

When processing is restricted, we will continue to store your data but will not use it for further processing unless you consent, or processing is necessary for legal claims or the protection of others.

1. Right to Data Portability. You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. You may also request that we transfer this data directly to another data controller where technically feasible.

This right applies where:

1. The processing is based on your consent or the performance of a contract.
2. The processing is carried out by automated means.
   
   

1. Right to Object. You have the right to object to the processing of your personal data at any time, particularly where:
   
   

1. The processing is based on our legitimate interests or for direct marketing purposes.
2. If you object, we will cease processing your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or where processing is necessary for legal claims.
   
   

2. Right to Withdraw Consent. Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing conducted prior to the withdrawal.
   
   

3. Right to Lodge a Complaint. If you believe that we have not complied with GDPR or your rights have been violated, you have the right to lodge a complaint with a supervisory authority in your country of residence or where the alleged infringement occurred.
   
   

4. Automated Decision-Making and Profiling. You have the right not to be subject to decisions based solely on automated processing, including profiling, where the decision has legal effects or similarly significant consequences for you, unless:
   
   

1. It is necessary for entering into or performing a contract.
2. It is authorized by law.
3. You have given your explicit consent.

In such cases, we will implement measures to safeguard your rights, such as the right to obtain human intervention, express your viewpoint, and contest the decision.

USER RIGHTS UNDER CCPA

If you are a resident of California, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA). At Stone Cold Brew Coffee, we are committed to upholding these rights and ensuring transparency in how we handle your data. Below is a detailed explanation of your rights under the CCPA and how you can exercise them:

1. Right to Know. You have the right to request information about the personal data we collect, use, disclose, and sell. This includes:

1. Categories of Personal Information. The categories of personal information we have collected about you.
2. Sources of Personal Information. The sources from which we collected your personal information.
3. Business or Commercial Purpose. The business or commercial purposes for which we use your personal information.
4. Categories of Third Parties. The categories of third parties with whom we have shared or disclosed your personal information.

To request this information, you can submit a request using the contact details provided in the "Contact Information" section of this Privacy Policy.

1. Right to Access. You have the right to access the specific pieces of personal information we hold about you. This allows you to verify the information we have collected and understand how it is being used.

To access your personal data, please submit a verifiable request through the methods outlined in the "Contact Information" section.

1. Right to Delete

You have the right to request the deletion of your personal information that we have collected. We will comply with your request, subject to certain exceptions, including:

1. Legal Obligations. To comply with legal or regulatory requirements.
2. Completion of Transactions. To fulfill any contractual obligations or complete transactions for which the data was collected.
3. Exercise or Defense of Legal Claims. To exercise or defend against legal claims.

To request deletion, please submit a verifiable request through the contact methods provided in the "Contact Information" section.

1. Right to Opt-Out of Sale. You have the right to opt out of the sale of your personal information to third parties. We do not sell your personal information, but if this changes, you will be able to exercise this right by following the opt-out instructions provided in this Privacy Policy.
   
   

2. Right to Non-Discrimination. You have the right to not be discriminated against for exercising any of your rights under the CCPA. This means we will not deny you goods or services, charge you different prices, or provide a different level or quality of service because you have exercised your rights under the CCPA.
   
   

3. Right to Financial Incentives. If we offer financial incentives or benefits to you for the collection, retention, or sale of your personal information, we will provide clear information about the value of such incentives and how you can opt in or opt out of participating in these programs.
   
   

4. Verification of Requests. To ensure the security of your personal data, we will verify the identity of any person making a request to exercise their rights. This may involve requesting information to confirm that you are the person you claim to be and that we hold the information you are requesting.

Requests must be submitted by you or an authorized agent. If you wish to designate an authorized agent to make a request on your behalf, you must provide written authorization for the agent to act on your behalf.

1. Response Time. We will respond to your verifiable requests within the timeframes required by the CCPA. Typically, we will acknowledge receipt of your request within 10 business days and provide a substantive response within 45 days of receiving your request. If additional time is needed, we will inform you of the extension and the reasons for it.
   
   

DATA RETENTION

At Stone Cold Brew Coffee, we are committed to retaining your personal data only for as long as necessary to fulfill the purposes for which it was collected, to meet legal obligations, or to serve our legitimate business interests. The following outlines our data retention practices:

1. Retention Periods

We retain personal data based on the following criteria:

1. Contractual Necessity. Personal data is retained for the duration of your relationship with us and for as long as needed to fulfill contractual obligations, such as processing orders and providing customer support.
2. Legal Requirements. We retain personal data as required by applicable laws and regulations, including tax, accounting, and other legal obligations. For example, transaction records and billing information may be retained for a minimum period as mandated by law.
3. Legitimate Business Interests. Data may be retained for a reasonable period to fulfill our business interests, such as maintaining accurate records, improving our services, and ensuring compliance with our policies.
4. Consent-Based Data. Personal data collected based on your consent will be retained for as long as the consent is valid or until you withdraw your consent.
   
   

1. Data Minimization and Anonymization

To limit the risk of data exposure, we implement data minimization principles:

1. Data Minimization. We collect and retain only the data necessary to fulfill the intended purposes. Unnecessary or redundant data is not retained.
2. Anonymization and Aggregation. Where possible, we anonymize or aggregate personal data to reduce the risk of identification and to comply with data protection principles. Aggregated or anonymized data may be retained for analytical and statistical purposes without directly identifying individuals.
   
   

1. Data Deletion and Disposal

When personal data is no longer required for the purposes for which it was collected or when retention periods have expired, we ensure secure deletion or disposal of the data:

1. Physical and Electronic Records. We use secure methods to delete or destroy physical records and electronic data, including encryption and secure deletion tools.
2. Access Control. Access to personal data that is subject to deletion or disposal is restricted to authorized personnel only to prevent unauthorized access or recovery.
   
   

1. Retention of Data for Legal Claims

In certain cases, we may retain personal data beyond the usual retention periods if necessary for the establishment, exercise, or defense of legal claims. This includes retaining data for potential litigation, dispute resolution, or regulatory investigations.

1. Review and Updates

We regularly review our data retention practices to ensure compliance with applicable laws and regulations. Our retention policies are updated as needed to reflect changes in legal requirements, business practices, or data protection standards.

DATA SECURITY

At Stone Cold Brew Coffee, protecting your personal data is of utmost importance. We are committed to implementing and maintaining robust security measures to safeguard your information from unauthorized access, disclosure, alteration, and destruction. The following outlines our data security practices:

1. Security Measures

We employ a range of security measures to protect your personal data:

1. Encryption. Personal data is encrypted both in transit and at rest using industry-standard encryption protocols to ensure its confidentiality and integrity.
2. Access Controls. Access to personal data is restricted to authorized personnel only, based on their roles and responsibilities. We use strong authentication methods and role-based access controls to manage access to sensitive information.
3. Firewalls and Intrusion Detection. We deploy firewalls, intrusion detection systems, and other network security measures to protect against unauthorized access and cyber threats.
4. Secure Systems and Applications. Our IT systems, applications, and databases are regularly updated and patched to address security vulnerabilities and ensure that they are protected against known threats.
   
   

1.  Data Handling and Storage

We take steps to ensure the secure handling and storage of personal data:

1. Data Storage. Personal data is stored in secure data centers with physical and digital security controls to protect against unauthorized access.
2. Data Transfers. When transferring personal data between systems or to third parties, we use secure methods such as encryption and secure file transfer protocols.
   
   

1. Incident Response. We have established procedures for responding to data security incidents:
   
   

1. Incident Detection and Reporting. We continuously monitor our systems for signs of security breaches or incidents. Any suspected incidents are promptly reported to the appropriate internal teams.
2. Incident Management. We follow a structured incident response plan to manage and contain security incidents. This includes investigating the incident, mitigating any impacts, and notifying affected individuals if required by law.
3. Post-Incident Review. After an incident, we conduct a review to assess the impact, identify the root cause, and implement corrective actions to prevent future occurrences.
   
   

2.  Training and Awareness

We ensure that our employees and contractors are aware of and adhere to our data security policies:

1. Security Training. All employees receive regular training on data protection and security best practices to recognize and mitigate potential security threats.
2. Ongoing Awareness. We promote a culture of security awareness through periodic updates, reminders, and security awareness programs.
   
   

1. Third-Party Security. When working with third-party service providers, we ensure that they adhere to our security standards:
   
   

1. Due Diligence. We conduct thorough due diligence to assess the security practices of third-party vendors before engaging them.
2. Contractual Obligations. We include data protection and security requirements in our contracts with third parties to ensure they implement appropriate security measures.
   
   

2. Data Breach Notification. In the event of a data breach involving personal data, we will:
   
   

1. Notify Affected Individuals. Notify individuals whose data has been affected by the breach, as required by applicable laws.
2. Regulatory Reporting. Report the breach to relevant data protection authorities within the required timeframe.
   
   

3. Regular Security Reviews. We regularly review and update our security measures and practices to address evolving security threats and ensure compliance with industry standards and legal requirements.
   
   

COOKIES AND TRACKING TECHNOLOGIES

At Stone Cold Brew Coffee, we use cookies and other tracking technologies to enhance your browsing experience, analyze website traffic, and provide personalized content. This section explains what cookies and tracking technologies we use, how they work, and your options for managing them.

1. What Are Cookies and Tracking Technologies?
   
   

1. Cookies. Cookies are small text files placed on your device by websites you visit. They store information that can be retrieved by the website on subsequent visits. Cookies can be either session cookies (which expire when you close your browser) or persistent cookies (which remain on your device for a specified period).
2. Tracking Technologies. In addition to cookies, we may use other tracking technologies such as web beacons (small graphic images or scripts that track user activity), pixels (code snippets embedded in web pages), and similar technologies.
   
   

2.  Types of Cookies and Tracking Technologies We Use
   
   

1. Essential Cookies. These cookies are necessary for the website to function correctly and provide services you request, such as shopping cart functionality and secure login. They do not store personal information.
2. Performance Cookies. These cookies collect information about how you use our website, such as which pages you visit most often. This data helps us improve the performance and functionality of our website.
3. Functional Cookies. These cookies allow the website to remember choices you make, such as language preferences or the items in your shopping cart, to provide a more personalized experience.
4. Targeting and Advertising Cookies. These cookies track your browsing habits to deliver relevant advertisements based on your interests. They may also be used to limit the number of times you see an ad and measure the effectiveness of advertising campaigns. 
5. Analytics Cookies. These cookies help us understand how visitors interact with our website by collecting data on user behavior, such as time spent on the site and pages visited.
   
   

3.  How We Use Cookies and Tracking Technologies
   
   

1. Website Functionality. To ensure that our website functions correctly and efficiently.
2. Personalization. To personalize your experience by remembering your preferences and providing tailored content.
3. Performance Monitoring. To analyze website traffic and user behavior, helping us to improve our services and user experience.
4. Advertising. To deliver relevant advertisements and measure the effectiveness of our marketing efforts.
   
   

4. Managing Cookies and Tracking Technologies
   
   

1. Cookie Preferences. You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies, but this may affect the functionality of our website. Instructions for managing cookies can be found in the browser's help section.
2. Opt-Out Options. For certain types of cookies, such as those used for targeted advertising, you may opt out by visiting industry opt-out tools or the Digital Advertising Alliance’s opt-out page. Please note that opting out does not mean you will no longer see ads, but rather that the ads you see may not be as relevant to your interests.
   
   

5. Third-Party Cookies
   
   

1. Third-Party Services. Our website may include content or links to third-party services that use cookies or other tracking technologies. We do not control these third-party technologies and encourage you to review their privacy policies for information on their practices.
2. Analytics Providers. We may use third-party analytics services, such as Google Analytics, to collect and analyze data on website usage. These services may use cookies to track user behavior.
   
   

6. Changes to Our Cookie Policy. We may update our cookie policy from time to time to reflect changes in technology or regulatory requirements. Any changes will be posted on our website, and your continued use of our website constitutes acceptance of the updated policy.
   
   

7. Contact Us. If you have any questions or concerns about our use of cookies and tracking technologies, please contact us using the information provided in the "Contact Information" section of this Privacy Policy.
   
   

CHILDREN'S PRIVACY

At Stone Cold Brew Coffee, we are committed to protecting the privacy of children and ensuring that our services are not directed toward individuals under the age of 16. This section outlines our policies regarding the collection and use of personal data from children:

1. Scope of Policy. Our website and services are intended for use by individuals who are 16 years of age or older. We do not knowingly collect, use, or disclose personal data from children under 16 without parental consent.
   
   

2. Data Collection. We do not intentionally collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without appropriate consent, we will take steps to delete the information as soon as possible.
   
   

3. Parental Consent
   
   

1. Verification of Age. To ensure compliance with applicable laws and regulations, we may implement mechanisms to verify the age of users and obtain parental consent if necessary.
2. Request for Parental Consent. If we determine that a child under 16 has provided personal data, we will seek verifiable parental consent to continue processing the information. If consent is not provided, we will delete the data promptly.
   
   

4. Parental Rights
   
   

1. Access and Control. Parents or guardians of children under 16 have the right to review, correct, or delete their child’s personal data. They can also request that we cease further collection or use of their child's data.
2. How to Contact Us. To exercise these rights or for any concerns related to their child’s personal data, parents or guardians can contact us using the information provided in the "Contact Information" section of this Privacy Policy.
   
   

5. Educational Content. Our content is not specifically designed for or directed at children under 16. We strive to ensure that any content we provide is appropriate for a general audience.
   
   

6. Policy Updates. We may update our policies regarding children’s privacy to comply with changes in laws or regulations. We will post any changes to this section on our website, and continued use of our services constitutes acceptance of the updated policy.
   
   

7. Contact Us. If you have any questions or concerns regarding our policies on children’s privacy, please contact us using the contact details provided in the "Contact Information" section of this Privacy Policy.
   
   

INTERNATIONAL DATA TRANSFERS 

At Stone Cold Brew Coffee, we may transfer your personal data to recipients outside of your country, including to countries that are not within the European Economic Area (EEA). This section outlines our practices regarding international data transfers and the measures we take to ensure that your data is protected.

1. Transfers to Third Countries
   
   

1. Nature of Transfers. Personal data collected from individuals within the EEA may be transferred to, and processed in, countries outside the EEA that may not have data protection laws equivalent to those of the EEA.
2. Third Countries. This includes transfers to our affiliates, service providers, or business partners located in countries outside the EEA.
   
   

2. Safeguards for International Transfers
   
   

1. Adequacy Decisions: Where possible, we transfer personal data to countries recognized by the European Commission as providing an adequate level of data protection.
2. Standard Contractual Clauses: For transfers to countries without an adequacy decision, we use Standard Contractual Clauses (SCCs) approved by the European Commission. These contractual agreements include provisions to ensure that personal data is protected to the same standard as required under the GDPR.
3. Binding Corporate Rules. In some cases, we may use Binding Corporate Rules (BCRs) for intra-group transfers to ensure adequate protection for personal data.
   
   

3. Contractual Obligations. We have data processing agreements in place with third parties who process personal data on our behalf. These agreements include specific clauses to ensure compliance with GDPR and to safeguard your data during international transfers.
   
   

4. Security Measures. We implement appropriate technical and organizational measures to protect your personal data during international transfers, including encryption and access controls, to mitigate risks associated with data breaches or unauthorized access.
   
   

5. Your Rights. You have the right to obtain information about the safeguards in place for your personal data during international transfers. You can request details about the specific mechanisms used to protect your data by contacting us as outlined in the "Contact Information" section of this Privacy Policy.
   
   

6. Review and Updates. We regularly review and update our practices to ensure compliance with GDPR and to address any changes in international data protection laws or requirements.
   
   

7. Contact Us. If you have any questions or concerns regarding our international data transfer practices or the measures we use to protect your personal data, please contact us using the information provided in the "Contact Information" section of this Privacy Policy.
   
   

CHANGES TO THIS PRIVACY POLICY

Stone Cold Brew Coffee may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other operational factors. This section outlines how we manage and communicate changes to our Privacy Policy:

1. Notification of Changes
   
   

1. Update Posting. Any changes to this Privacy Policy will be posted on our website with an updated revision date. We encourage you to review this policy periodically to stay informed about how we are protecting your information.
2. Significant Changes. For significant changes that affect your rights or how we handle your personal data, we may provide additional notice, such as via email or prominent notice on our website.
   
   

2. Effective Date. The revised Privacy Policy will be effective as of the date specified at the top of the updated policy. Your continued use of our services after this date constitutes your acceptance of the updated policy.
   
   

3. User Responsibility. It is your responsibility to review the Privacy Policy regularly. If you do not agree with any changes, you should stop using our services and contact us to discuss any concerns.
   
   

4.  Historical Versions. Previous versions of this Privacy Policy may be archived and available upon request. You can contact us if you need access to prior versions of the policy for reference.
   
   

5. Contact Us. If you have any questions about changes to this Privacy Policy or need clarification on any aspect of it, please contact us using the information provided in the "Contact Information" section of this Privacy Policy.
   
   

EXERCISING YOUR RIGHTS AND CONTACT INFORMATION

Stone Cold Brew Coffee is committed to ensuring that you can exercise your rights concerning your personal data. This section outlines how you can exercise these rights and how to contact us for any privacy-related inquiries.

1. Exercising Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal data. These rights include:

1. Right to Access. You have the right to request access to the personal data we hold about you. This includes information on how your data is being processed and a copy of your personal data.
2. Right to Rectification. You can request that we correct or update any inaccurate or incomplete personal data we hold about you.
3. Right to Erasure. You may request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
4. Right to Restrict Processing. You can request that we restrict the processing of your personal data under specific conditions, such as if you contest the accuracy of the data or object to its processing.
5. Right to Data Portability. You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to request the transfer of this data to another data controller, where technically feasible.
6. Right to Object. You may object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
7. Right to Withdraw Consent. If we process your data based on your consent, you have the right to withdraw that consent at any time. This withdrawal will not affect the legality of processing based on consent before its withdrawal.
   
   

1. How to Exercise Your Rights. To exercise any of your rights or if you have any questions regarding your personal data, please contact us using the details provided below. We will respond to your request in accordance with applicable data protection laws and regulations.
   
   

2. Contact Information
   
   

1. Email: 
2. Mailing Address: Stone Cold Brew Coffee
   Attn: Privacy Officer
   [Your Company Address]
   [City, State, ZIP Code]
   [Country]
3. Phone:
   
   

3. Response Time. We aim to respond to all requests within a reasonable timeframe, typically within one month of receipt. If your request is complex or if we receive numerous requests, we may extend this period by an additional two months. If this is the case, we will notify you within one month of receiving your request.
   
   

4. Complaints. If you believe that we have not adequately addressed your concerns or that your rights have been violated, you have the right to lodge a complaint with a supervisory authority or data protection authority in your jurisdiction.
   
   

DISPUTE RESOLUTION AND COMPLAINTS

At Stone Cold Brew Coffee, we are committed to resolving any disputes or complaints regarding our handling of personal data in a fair and efficient manner. This section outlines the steps for resolving disputes and handling complaints:

1. Internal Dispute Resolution
   
   

1. Initial Contact. If you have any concerns or complaints regarding our data practices, we encourage you to first contact us directly. Please use the contact information provided in the "Exercising Your Rights and Contact Information" section to submit your concerns.
2. Resolution Process. Upon receiving your complaint, we will investigate the matter promptly. Our aim is to resolve any issues amicably and to your satisfaction. We will respond to you with the results of our investigation and any actions we have taken or plan to take.
   
   

2. Formal Complaint Procedure
   
   

1. Submitting a Formal Complaint. If you are not satisfied with our response or resolution, you may submit a formal complaint. This complaint should be detailed and include any relevant information to assist us in addressing the issue effectively.
2. Review and Response. We will acknowledge receipt of your formal complaint within 5 business days and will conduct a thorough review. We will provide a comprehensive response within a reasonable timeframe, typically within 30 days.
   
   

3. External Dispute Resolution
   
   

1. Regulatory Authority. If you are still dissatisfied with our resolution or if we do not respond to your complaint in a timely manner, you have the right to escalate the issue to a relevant regulatory authority or data protection authority in your jurisdiction. You may contact them to lodge a formal complaint.
2. Contact Information for Regulatory Authorities/ For your convenience, you can find contact details for data protection authorities in the European Union here and in other jurisdictions as applicable.
   
   

4. Alternative Dispute Resolution. If appropriate, and if you agree, we may seek to resolve disputes through alternative dispute resolution mechanisms such as mediation or arbitration. This process involves engaging an independent third party to facilitate a resolution.
   
   

5. Legal Rights. Nothing in this section affects your legal rights or the right to seek judicial remedies. You have the right to pursue any legal action or remedies available under applicable laws and regulations.
   
   

6. Policy Updates. We may update our dispute resolution procedures from time to time. Any changes will be posted on our website, and you will be informed of significant updates.
   
   

7. Contact Us. If you need further assistance regarding dispute resolution or have questions about our procedures, please contact us using the contact details provided in the "Exercising Your Rights and Contact Information" section of this Privacy Policy.