Privacy Policy
Your privacy and the protection of your personal information is important to us. Personal information is information that identifies, describes, or is reasonably capable of being associated with or linked to, directly or indirectly, an individual.
This Privacy Policy explains the types of personal information collected about you by Gregorys Coffee Management, Inc., its parents, subsidiaries and/or affiliated companies (collectively, “Gregorys,” “we,” “our,” or “us”), as well as how we use the information we collect; how we may share the information we collect; the security we employ to protect the information we collect; and how you may contact us and opt out of certain uses or sharing of your personal information in connection with our website, our mobile application (“App”), and/or other services that we provide for the provision of coffee products, baked goods, merchandise, giveaways, or experience-related products or services (collectively hereinafter, “Services”).
TABLE OF CONTENTS
This table of contents provides a summary of this Privacy Policy in connection with our Services. It is for your convenience only, and intended only to help guide you. It should not be read as a complete presentation of all of the terms and conditions contained herein. We encourage you to review the entire Privacy Policy.
Scope of this Privacy Policy. This Privacy Policy applies to our collection, use, disclosure, and security of personal information in connection with our Services.
International Transfers of Data. We process data in the U.S. only. If you are located outside of the U.S., and you access or use our Services, you acknowledge that your personal information will be processed in (and sent to) the U.S.
Your Rights. Depending on where you live, you may have certain rights with respect to your personal information.
Children’s Privacy. Our Services are not designed or intended for children under thirteen (13) years old. Users under eighteen (18) years old must obtain parent or guardian consent.
Modification. We reserve the right to modify this Privacy Policy at any time.
Information We Collect. We may collect certain personal information about you.
How We Use Your Information. How we may use personal information we collect about you.
How We May Share Your Information. How we may share personal information about you.
How We Protect Your Information. We use reasonable physical, technical, and administrative safeguards designed to protect the security of personal information we collect.
Cookies. How we use cookies and web beacons.
Communications with You. How we may communicate with you and your right to opt-out of such communications.
Linked Sites. Our Services may be accessed through certain websites.
How to Contact Us. You may contact us regarding the collection, use, disclosure, or security of your personal information by one of the means provided below. In contacting us, we may ask you to provide additional information.
SCOPE OF THIS PRIVACY POLICY
This Privacy Policy applies to our collection of personal information in connection with our Services, whether collected directly from you or shared with us by another person or organization.
Please review this Privacy Policy carefully. By accessing and using our Services (including our Website and/or App), or by otherwise submitting information to us – for instance, when you create an account with us – you signal your consent to the terms of this Privacy Policy. If you do not agree with any part of this Privacy Policy, please do not provide us with any information and do not use our Services. Please review our Terms of Use, posted here [https://gregoryscoffee.com/pages/terms]. The Terms of Use describes the terms and conditions for use of our Website, App, and other Services.
INTERNATIONAL TRANSFERS OF DATA
Gregorys is located and operates solely in the United States. Our Services, including our App and Website, are governed by and operated in accordance with the laws of the United States, its territories, possessions, and protectorates (“U.S.”). We process all personal data in the U.S.
If you are located outside of the U.S. and you access or use our Services, you do so at your own risk. You acknowledge and consent that it is necessary to transfer your personal information to and process in the U.S., where our central databases operate, in order to use our Services. By using our Services, you (a) acknowledge that the data protection and other laws of the U.S. may provide a less comprehensive or protective standard of protection than those in your country, and (b) you expressly consent to your personal information being collected, processed, and transferred as set forth in this Privacy Policy and under U.S. law.
CHILDREN’S PRIVACY
Our Website and App are not designed to attract children aged thirteen (13) and under. You must be eighteen (18) years old or older to create an account with us, to use our App, to make purchases on our Website or otherwise submit personal information to us without the express permission of a parent or guardian. By creating an account with us, either by using our Website or App, you represent that you are at least 18, or that you have provided affirmative and verifiable consent from your parent or legal guardian.
If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information, including any associated account, and prohibit use of our App or Website-related Services. If you believe we might have any information from or about a child under 18 without parental consent, please contact us via the contact methods below.
MODIFICATION
We reserve the right to modify this Privacy Policy at any time to reflect changes to our practices or applicable law. We will make the revised Privacy Policy accessible through access to our Websites and App. Please check this Policy periodically for updates. The date at the top of the Privacy Policy tells you when it was last updated.
If we make material changes to the way we collect or use your information, you will be provided with appropriate notice, including by, but not limited to, posting the updated Privacy Policy on our Websites and App, providing notice when you access our Websites or App, and/or providing notice in accordance with applicable legal requirements. Any changes to this Privacy Policy will become effective when the revised Privacy Policy is posted. By continuing to use our Services following notice of any changes to this Privacy Policy, you acknowledge you have read and understand the updated Privacy Policy, and you understand that we will collect, use, and share information as stated therein.
INFORMATION WE COLLECT
Information You Provide to Us or Which We Automatically Collect From You. We collect personal information you choose to share with us when you establish an account with us through our App or make a purchase or order through our Website. By creating an account on our App, we collect personal information like your name, email address, phone number, transactional history, geo-location, birthday, and gender. You also may provide us with some payment or billing information, and a password when you create an account. When you make a purchase or order through our Website, we may collect your name, email address, mailing address, payment and billing information, such as a credit card, and telephone number. If you seek employment with us, we collect data from you for hiring-related purposes.
We also automatically collect certain information when you use our Website or App, like your IP address, browser and device characteristics, geo-location, and information about how and when you use our App. For instance, we may request access or permission to track your location based on your mobile device, or access use of your device’s camera to scan items. We may request permission to send you push notifications. If you wish to change our access or permissions for collecting your geo-location or information about your device through our App, you may do so in your device’s settings. We also collect information through cookies and similar technologies (see our Cookie Section below).
Information We Collect From Third Parties. We may collect information about you from third-parties whom you authorize to share information in connection with our Services, such as joint marketing partners, or social media platforms (like Yelp, Instagram or Facebook). Examples of information we receive from other sources include social media profile information (like your name, gender, birthday, email, current city, state and country, and profile picture); content that you post; and marketing leads and search results and links, including paid listings (such as sponsored links). We may receive information from other App users, who chose to send you a digital gift card, including your name, email address, and the content of any message they include. We may collect data about you from Wi-Fi providers at our store locations, which you provide when you sign up for our guest Wi-Fi, or from vendors who operate our loyalty reward program.
Our App offers you the ability to register and login using your third-party social media account details (like your Facebook or Twitter logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile Information we receive may vary depending on the social media provider concerned, but will often include your name, e-mail address, followers/friends list, profile picture as well as other information you choose to make public. We may collect your information from our service providers to better render our Services for you, to help with our operations, and/or for fraud prevention. Please note that we do not control, and are not responsible for, other uses of your personal information by your third party social media provider. You should review their privacy policies to understand how they collect, use and share your personal information. If you seek employment with us, we collect data about you from a third-party service for hiring-related purposes.
We may aggregate data to help improve our platform, applications and/or Website experience for our users.
HOW WE USE YOUR INFORMATION
We use the personal information we collect about you in connection with our Services, including the operation of our Services and to provide or deliver our Services to you, like coffee, baked goods, merchandise, or other. If you request Services from us, we will use your information to fulfill your request or any other purpose for which you provide it. We may use your information to respond to inquiries made by you, or for other customer service-related reasons. We may use your information to provide you with information about our products and Services, or to better understand your needs, or to give you notice of and/or resolve any problems that may arise in connection with our Services.
We may use your information for our marketing purposes. If you choose to link your account with us to a third-party account (like Twitter or Facebook), we use the information to facilitate account creation and logon process. We may use your information to deliver information to you to participate in any interactive features of our Services, to enable user-to-user communications, such as delivery of digital gift cards or to invite friends through our App. We may use your information to administer prize draws and competitions when you elect to participate in such competitions.
We may use your information to enforce our rights, including for billing and collection, or to comply with applicable law; to detect or prevent fraud (financial or otherwise), intellectual property infringement, potential misuse of our Services, or breach of our Terms of Use. We may use your information to manage third-party risks or other risks to our business, or to protect the reputation of our businesses. We may use your information to request feedback and to contact you about your use of our Services. We may use your information to improve the quality and/or your personal experience on our Website, our App, or other aspects of our Services, and/or to analyze the success of our Services. If you apply for employment with us, we will use your information for hiring-related purposes.
We may anonymize, aggregate or combine information we collect online or elsewhere for the above purposes or other purposes, to improve our Services, to develop new services, and/or to analyze statistics on usage and trends. Please note that aggregated or de-identified data may not constitute personal information.
HOW WE MAY SHARE YOUR INFORMATION
We share the information we collect about you for business operations, including with third-party vendors in order to perform our Services. We may share information with third parties to market their products or services to you. If so, we contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. We may share your information with service providers to improve our Services and/or for operational purposes, promotion of administration, and fraud prevention. Examples include payment processing, email delivery, and hosting services. We may allow selected third parties to use tracking technology collected from our App to enable them to collect data about how you interact with the App over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you interact with other users of our App or other Services through social media, your contacts on the social network may see your name, profile photo, and descriptions of your activity.
We do not collect your credit card information; instead, that information is handled by third-party processors. For instance, our online store is hosted on Shopify Inc., which provides us with the online e-commerce platform that allows us to sell our products and services to you through our Website. When you make a payment, your credit card information is collected and stored by the third-party processor. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).
We may share information we collect, as appropriate, with law enforcement or otherwise to protect and enforce the legal and contractual rights, privacy, and safety of us or others; to protect against possible fraud or other illegal activity; to respond to requests from government and other authorities; and/or to comply with legal processes. In the event that Gregorys and/or an affiliate is involved in a merger, acquisition, transfer of control, bankruptcy, reorganization or sale of assets, or diligence associated with such matters, we may sell or transfer the information described in this Privacy Policy as part of that transaction.
HOW WE PROTECT YOUR INFORMATION
We employ reasonable physical, technical, and administrative safeguards designed to protect the security of personal information that we collect in connection with our Services. These safeguards vary depending upon a variety of factors including the sensitivity of the information we collect and use. Despite all reasonable practices, no security method is infallible. We cannot guarantee the security of the networks, systems, servers, devices, and databases we operate, that are operated on our behalf, or which you employ to access our Services. Nor can we guarantee the security of third-party networks, including cellular networks and storage servers, used in connection with our Services.
COOKIES
Our Websites use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Cookies are small data files sent to your computer on the basis of the information that we have collected about your visit. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website. Here is a list of cookies that we use. We’ve listed them here so that you can choose if you want to opt-out of cookies or not.
- _session_id , unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
- _shopify_visit , no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
- _shopify_uniq , no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
- cart , unique token, persistent for 2 weeks, Stores information about the contents of your cart.
- _secure_session_id , unique token, sessional
- storefront_digest , unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
Your web browser will have an option you may select that will block cookies. Below are links to information about popular web browsers and how to block cookies using them.
https://support.google.com/chrome/answer/95647?hl=en&p=cpn_cookies
https://support.microsoft.com/en-gb/help/4027947/microsoft-edge-delete-cookies
https://support.apple.com/en-gb/guide/safari/sfri11471/mac
Our Website and emails that we send to you also may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We also may use cookies and web beacons to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). The information we collect automatically may include personal information or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Websites and to deliver a better and more personalized service, including to recognize you when you return to our Websites and/or to improve the experiences of users of our Websites.
GOOGLE MAPS
Our App uses Google Maps APIs for the purpose of providing better Services and tracking your location in connection with Gregorys locations. By using our Google Maps API implementation, you agree to be bound by Google’s Terms of Service. You agree to allow us to obtain or cache your location. You may revoke your consent at any time. We use information about location in conjunction with data from other data providers.
DO NOT TRACK SIGNALS
Certain web browsers provide users with an option by which you may have your browser send a “Do Not Track” signal to websites that you are visiting, advising the recipient websites that you do not want to have your online activity tracked. However, the way browsers communicate such “Do Not Track” signals is not yet uniform and, accordingly, our Websites do not take any action in response to such signals.
COMMUNICATIONS WITH YOU & HOW TO OPT-OUT
We may use your personal information to contact you via phone, texting, email, or by other means to the extent such activity is permitted by law. This information may be used to help us and our commercial partners, co-sponsors and services providers deliver information to you, and for other purposes as are reasonably necessary to provide the services requested by you. We may contact you to enable us to respond to an inquiry or comment from you, and/or to help us provide our Services to you.
By providing use with your mobile phone number and/or email address, and clicking the box allowing us to contact you, you authorize us to contact you by texting, phone, or other specified means. You may opt-out of receiving future communications from us by changing your account settings and preferences. You may opt-out of communications by following the instructions provided with our communications, for instance in the email message we send if we communicate with you by email.
We may request to send you push notifications regarding your account or for the App. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s settings.
You also may opt-out or change your preferences by providing opt-out instructions – e.g. sending an email or postal mail as provided below:
- Postal Mail: Gregorys Coffee, Re: Privacy Compliance Officer, 874 6th Avenue New York, New York US 10001
- Email Privacy: info@gregoryscoffee.com
Be sure to include the contact information we are using to communicate with you, such as your email address, and let us know the specific types of communications you no longer wish to receive.
YOUR RIGHTS
You have the right to access and correct your personal information that you submit to us when you create an account by accessing and changing your account profile information. Depending on where you live, you may have certain additional rights with respect to your information. Please note that you may be located in a jurisdiction where we are not obligated, or are unable, to fulfill a request. In such a case, your request may not be fulfilled.
If you prefer that we do not share personal information about you with our affiliates, or to nonaffiliated third parties, for marketing purposes, except as otherwise permitted or required by law, you may direct us not to do so by contacting us in the manners provided below. If you prefer that we do not direct market to you via our affiliates and nonaffiliated third parties through e-mail, postal mail, and/or telemarketing, you may direct us not to do so by contacting us in the manners provided below, or by sending a request by mail to the address above.
- Postal Mail: Gregorys Coffee, Re: Privacy Compliance Officer, 874 6th Avenue New York, New York US 10001
- Email Privacy: info@gregoryscoffee.com
Rights of California Residents. We do not operate in California and are not subject to the California Consumer Privacy Act (“CCPA”). However, California residents can request a list of all the third parties to which we have disclosed certain personal information (as defined by California’s Shine the Light law) during the preceding year for those third parties’ direct marketing purposes. California residents may contact us at Gregorys Coffee, Re: Privacy Compliance Officer, 263 West 38th Street New York New York US 10001.
In the body of your request, you must include: “California Shine the Light Request”, your name, a current California address including, street address, city, state, and zip code, as well as sufficient information for us to determine if the law applies to you. You will need to attest to the fact that you are a California resident. We will not accept requests by telephone, email, or facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.
LINKED WEBSITES
You may access our Website from a third-party website (i.e., a website owned or operated by another entity) (“Linked Sites”). Any such linking should not be construed as an endorsement by us. Linked Sites are not controlled by Gregorys; nor are they governed by this Privacy Policy. This Privacy Policy governs only personal information we collect in connection with our Services. When visiting third-party websites, including Linked Sites, we encourage users to review the privacy policy governing such site.
CONTACT US
For questions or complaints about our Privacy Policy or privacy practices, please contact us at:
- Postal Mail: Gregorys Coffee, Re: Privacy Compliance Officer, 874 6th Avenue New York, New York US 10001
- Email Privacy: info@gregoryscoffee.com
EFFECTIVE DATE NOVEMBER 13TH, 2020