Last updated: 15 June 2026

This Privacy Policy explains how Coffeist ("Coffeist", "we", "us" or "our") collects, uses, stores and protects your personal data when you visit our website at coffeist.top (the "Website") or otherwise interact with us. We are committed to handling your information responsibly and in line with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Who we are

The data controller responsible for your personal data is:

2. What data we collect

We collect only the data we need to provide and improve our services. This may include:

  • Contact data you provide voluntarily through our contact form, such as your name, email address, subject and message.
  • Technical data automatically collected when you visit the Website, such as your IP address, browser type, device information and pages viewed.
  • Cookie and consent data, including the preferences you set through our cookie banner.

3. How we use your data

We process your personal data for the following purposes:

  • To respond to enquiries you send us through the contact form or by email.
  • To operate, maintain and secure the Website.
  • To analyse how the Website is used so we can improve it (only where you have consented).
  • To comply with our legal obligations.

4. Legal bases for processing

We rely on the following legal bases under Article 6 of the GDPR: your consent (Art. 6(1)(a)); the performance of a contract or pre-contractual steps at your request (Art. 6(1)(b)); compliance with a legal obligation (Art. 6(1)(c)); and our legitimate interests in operating and improving the Website (Art. 6(1)(f)).

5. Cookies

The Website uses cookies and similar technologies. Strictly necessary cookies are always active because the site cannot function without them. Analytics and marketing cookies are only set with your consent. You can review and change your choices at any time. For full details, please read our Cookie Policy.

6. Sharing your data

We do not sell your personal data. We may share it with trusted service providers who help us operate the Website (such as hosting and analytics providers), who act only on our instructions and under appropriate data-processing agreements. We may also disclose data where required by law.

7. International transfers

Where data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as the European Commission's Standard Contractual Clauses, to protect your information.

8. How long we keep your data

We retain personal data only for as long as necessary for the purposes described above or as required by law. Contact enquiries are typically retained for up to 24 months, after which they are deleted or anonymised.

9. Your rights

Under the GDPR you have the right to access your data, to request correction or deletion, to restrict or object to processing, to data portability, and to withdraw consent at any time. You also have the right to lodge a complaint with a supervisory authority, such as the data protection authority of North Rhine-Westphalia. To exercise any of these rights, contact us at [email protected].

10. Data security

We use appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or misuse. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

11. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page, with the "last updated" date shown above.

12. Contact us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at [email protected] or by post at Schildergasse 33, 50667 Köln, Germany.