At Cup O' Joes we take your privacy extremely seriously and we will never sell or share your Personal Information with anyone outside of Cup O' Joes. We use your Personal Information – information which you consent to give us – only and exactly as we need to in order to fill your orders and stay in communication with you. You have the right to review and manage this information at any time, with complete control over updating, deleting, or otherwise changing any of it.
Cup O' Joes
Attn: Privacy Officer
600 Perdue Ave
Richmond, VA 23224
1. Information that can be used to identify you.
We collect information that can be used to identify you in these ways: 1) if you create an account, even if you don't purchase anything; 2) if you create an account on checkout during purchase; 3) if you check out as a guest; and 4), if you subscribe to receive our promotional emails.
Created Accounts. When you create an account, whether or not you purchase anything, we collect your name, email address, regular address, and birth date (necessary to prove that you can legally buy tobacco). If you make a purchase, you also create an order history. You can access this order history along with your personal details at any time. All you have to do is log into your account.
Guest Checkouts. When you check out as a guest, we collect your name, email address, regular address, and birth date (necessary to prove that you can legally buy tobacco). Checking out as a guest is different from creating an account only in that you don't have access to an order history, and no one can use your account fraudulently because you do not have an account. Your personal information however, is the same, whether guest or account, and we do hold onto this information on our customer service backend. We need this information in order to process and ship your orders to you. You can of course ask us to remove this information by emailing us at email@example.com.
Email Subscription. We use the services of Mailchimp to send email, whether for general communications, or for our Get Our Specials emails. Mailchimp is one of the leading providers of email software and participates in the EU-US and Swiss-US Privacy Shield Framework, which is a framework agreement between the United States and member countries to ensure Privacy accountability on the part of member organizations. To learn more about the EU-US Privacy Shield program, and to view Mailchimp’s certification, please visit the U.S. Department of Commerce site at Privacy Shield. Mailchimp is firmly committed to your privacy.
When you subscribe to receive our Get Our Specials emails – that is, when you opt-in – we collect your name and email address, and a little about your smoking preferences. Note that only first name and email address are required. Note as well that we use what's called a double-opt in when you are subscribing to this email. That means that it's not enough to submit the subscription form. You will also get an email asking you to confirm that you have submitted this form. You are added to the email list only after you confirm. This ensures that no one is making a false subscription using your email address. For more on how you can manage your Get Our Specials List, see "How to manage your personal information on Cup O' Joes" below.
When you create an account, whether or not you make a purchase, or if you check out as a guest, you are also automatically added to our Communication List so that we can keep in touch with you. This is important because from time to time it may be necessary to inform all our customers, as a group, of changes or other critical activities at Cup O' Joes, including updates to this Privacy statement. Occasionally, if we feel you may be happy to hear about some important special, we may also use this list to communicate with you. We'd rather risk your displeasure by sending the communication than have you be outright angry because we had an awesome sale and no one bothered to tell you. For more on how you can manage your Communication List, see "How to manage your personal information on Cup O' Joes" below.
Finally, with respect to email communications in general, whether it is the Communications List or the Get Our Specials List, note that we also may collect information regarding your interaction with e-mails we send, such as whether you opened, clicked on, or forwarded a message. This data adds nothing to your privacy information and in no way has an impact on it, nor can it be used on its own to identify you, but only helps us to better understand if you did receive our email and if it was in some sense useful to you.
Beyond the above, we DO NOT collect any other information that can be used to identify you.
2. Information that CANNOT be used to identify you.
Information that cannot be used to identify you is information that we collect automatically, as part of the normal operation of our servers and of the “Internet” in general, which requires that certain information be logged. None of this information can be used to identify you personally.
Analytics. When you visit Cup O' Joes, we use a third party service, Google analytics, to collect standard internet log information and details of visitor behavior. We do this to find out things such as the number of visitors to the website, what pages they visit, where they're coming from, and if they're looking at the website on their phones or a desktop computer. This helps us make decisions about how to make the website better for those same visitors. At no point is personal information about you collected. Or to put it another way, there is no hope of identifying who you are on the basis of this information, not by Cup O’ Joes, and not by Google.
System Info. When you place an order, create an account, or contact us, in addition to your personal information, we also collect some anonymous data. This data includes your IP Address, and information about how you interacted with Cup O' Joes – whether you reached us with a phone call or by visiting our storefront, and whether you used a desktop or a mobile device (for the storefront). This information is completely anonymous. It, and your personal information, are not "automatically" tied together beyond your order details. Nor is this information included in your personal store account but is instead kept in server logs. Servers logs do not contain personally identifying data but only machine performance data. In other words, this anonymous data cannot be used to identify you in any way. Nor can we delete it, because it is part of the system logs, not part of your order history or customer profile. To give you an example: we collect IP Addresses. IP Addresses are used to identify where you connected to the Internet. But they don’t tell us anything about who did the connecting. Every time you log into a public WiFi, or into your home Network, that WiFi and that Network have an IP Address. So we know where you’re coming from. What we don’t know is who is coming from there – i.e., John Smith at such and such an IP Address. IPs are simply how machines communicate with each other.
Cookies are small text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity as well as to help us improve our service. It is also used to make your shopping experience better by, for example, remembering you in our loyalty program after you log in, or remembering what you put in your shopping cart.
Some cookies are necessary for you to be able to actually shop – cookies, for example, remember who you are as you go from page to page, log in, proceed to checkout. Without these cookies, you wouldn’t be able to buy anything, not just from Cup O’ Joes, but from Amazon or anywhere else.
Some cookies, called third-party cookies, while not necessary as just described above, are set by our Analytics program. These are used to get statistical data about how the website is doing and we use that data to improve the site. Ultimately, it helps us help you shop more easily.
Cookies do NOT install program code in your browser; they’re just bits of text. And in general, cookies also do not carry or extract personally identifiable information – they won’t carry your name, for example; just browser data. Allowing cookies is also fully under your control. You may change your cookie settings at any time in your browser, including choosing not to accept any cookies from any website at all. Note however, that if you disallow all cookies, you won’t be able to checkout on Cup O’ Joes, and your experience on other websites will also suffer.
4. Your Credit Card/Payment Information
Regular Payment Processing. Note that we do NOT store credit cards in any way, nor directly handle credit card transaction information during your regular checkout, nor can we ever see your credit card details during these checkouts. Your payment is processed by our credit card processing vendor, Paypal, in conjunction with your credit card issuer or bank.
Paypal itself uses the strongest possible security measures to protect your information both during the transaction and after it is complete. Paypal is certified as fully PCI DSS compliant, as well as compliant with all card association security initiatives, including the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC).
Call-In Orders. Sometimes you may prefer to call in an order instead of going through the checkout process. In this case we are happy to complete the order for you and will do so by logging into your account from our customer service backend in order to complete the transaction. To complete the order, we will need your credit card information, which we will take over the phone. Please note that we do not write this information down or store it in any way. Beyond completing the transaction at your request, your purchase is subject to exactly the same terms described in the four preceding paragraphs.
IMPORTANT: Note that we do not accept credit card information submitted by email, text, or any other written method, and that if we do receive such, we will not use it and will delete or destroy it right away.
We collect the Personal Information listed above to help us fill your orders, to bring you sales at Cup O' Joes that you might find of interest, to communicate with you about your order or account, or to let you know what's happening at Cup O' Joes. We collect the Information that CANNOT be Used to Identify You to make our technology systems better, and to make our product catalog and customer service better, so that we might serve you better. Beyond that, we have no other purpose for the information, nor do we collect any information that is not related to the aforementioned.
There are only two ways in which we use the personal information we collect about you. One, to fill your orders – at which time we have no choice but to share your delivery information with the shipping service. Two, to communicate with you, either to notify you personally about something concerning your order, your account, or changes at Cup O' Joes; or to send you our specials, if you have signed up to hear about these.
Beyond using your personal information as just described, note that we do hold onto that information and do not delete it for good unless you ask us to. This information is part of your store account if you have created one, or if you have completed checkout during purchase, and it consists of your personal details including your name, email, and address, along with your order history. What we do not keep – and never have access to – are your financial details, including credit or bank cards, social security number or other legal identifier that the payment processor might request.
Please note that if a law enforcement agency requests it, we may be required to share your information with the requesting agency. This is not voluntary; we don't have a choice in this.
Securing your Personal Information and keeping it safe, of course, is everything. To this end, we have certain security protocols in place. Some of these have to do with physical systems like servers and software, and some concern our personnel – the human beings that work at Cup O’ Joes. We take every precaution possible to ensure that we protect your information on both counts.
Hardware, software, transport protocols, and general systems security. The entire Cup O’ Joes site – not just checkout – is protected with our private SSL (this is different from and much more powerful than shared SSL). SSL ensures that the transport of information across the site and back and forth between payment systems or when submitting personal information is encrypted and stays secure. You may view our certificate at any time by clicking the green lock or bar in your browser, which is to the left of the URL field (where you see our domain name at the top of your browser). The specific type of SSL we use is the GeoTrust True BusinessID with Extended Validation (EV), which is the strongest form of SSL available.
The Cup O’ Joes shopping system is comprised of software, this software sits on servers. The software we use is delivered SaaS (Software as a Service) by BigCommerce and it sits on their servers. BigCommerce is one of the leading shopping systems anywhere and takes security exceptionally seriously. BigCommerce is Certified LEVEL 1 PCI DSS compliant. LEVEL 1 is the highest form of compliance available. BigCommerce in turn does not share your personal information (where you are considered our customer) with any third parties.
Additionally, BigCommerce participates in the EU-US and Swiss-US Privacy Shield Framework, which is a framework agreement between the United States and member countries to ensure Privacy accountability on the part of member organizations. To learn more about the EU-US Privacy Shield program, and to view BigCommerce’s certification, please visit the U.S. Department of Commerce site at Privacy Shield.
Personnel. Our people are required to conduct themselves in a manner consistent with the company’s guidelines regarding confidentiality, business ethics, appropriate usage, and professional standards. Before we hire someone who may come in contact with your information, we conduct reasonably appropriate background checks to the extent legally permissible and in accordance with applicable local labor law and statutory regulations.
Our people also have to sign a confidentiality agreement and must acknowledge receipt of, and compliance with, Cup O' Joes' confidentiality and privacy policies. We provide them with security training, and with handling our customer's personal data if and when they have to. Note that only a few of our personnel will ever come into contact with your personal data – those concerned with filling your order; all others cannot access it without specific authorization.
First, Your General Privacy Rights
You have the right to ask us if we hold any Personal Information about you and if so, to request a copy of that information. You also have the right to ask us to remove or correct any Personal Information which you consider inaccurate. You may also remove or update most of this information yourself. Below, we will show you where this information can be found and what you can do with it. If you have created an account at any point, you can request that we remove the entire account and all its associated information – in short, everything. It is your right to be forgotten. To do so, please send your request and any comments you may have regarding your privacy to firstname.lastname@example.org.
Manage Your Store Account
Your store account contains all information you submit to us, including name, email, delivery and/or billing address, and birth date (necessary to prove that you can legally buy tobacco). It also contains your purchase history if you've made purchases. To change submitted information, sign in to Cup O' Joes , go to "Account Settings" to update personal data, or go to "Addresses" to update address information.
If you would like to delete your entire account, which will also delete your purchase history and any or all data we have on you right across our system, please email us at email@example.com. Note that this cannot be undone.
Manage Your Information as a Guest Checkout
If you check out as a guest, note that we have your information, which includes your order history, on our customer service backend. What doesn’t exist, is an account on the frontend (the website) for you to log into. We can of course remove this backend information for good. If you’d like to see it go, please email us with your request at firstname.lastname@example.org. Again, this cannot be undone.
Manage Your Loyalty Program
When you create an account on Cup O' Joes you are automatically enrolled in our Loyalty program. This is an extension of your store account and uses no additional information beyond what you have already given us in that store account. You can choose not to participate in the Loyalty program yet continue to have an account at Cup O' Joes. To end participation, sign in to Cup O' Joes, click on "Kathy's Cash," click "Account," and next to where it says "Account Status: Active" click "Withdraw."
Manage Your Get Our Specials Emails
The Get Our Specials list is a double-opt-in email list in which you agreed to receive emails on our specials whenever we send them. You may opt out of this list at any time by using the UNSUBSCRIBE link in any of the Get Our Specials emails you have received. If you opt out, and later change your mind, you can subscribe again at any time.
You may also contact us at email@example.com to request complete removal from the list, not just unsubscribe (which means we’ll never communicate with you again). At this time we will delete all your information from the list. Note that this cannot be undone.
Product Review Emails
If you have purchased from us, shortly after you receive your merchandise you will get an email asking you to review the products you purchased. If you don't want to receive these on future purchases all you have to do is unsubscribe at the bottom of the review email and you will never receive one of these emails again.
Bear in mind that this email is not part of any mailing "list" but part of the normal operation of our shopping system. We cannot delete this information without deleting your entire account at Cup O' Joes (which we will be happy to do if you request this – see "Manage Your Store Account" above). Instead, what happens is that a new piece of information is added to your account, and this information says, "do not email me with product review requests."
Our Communications List - AKA, All other Cup O' Joes Emails
We may occasionally send customers an email with updates about our shopping system, new features, updates to terms or privacy, and, occasionally, sales or specials. This email affects all customers who have an account with us and it is a "list" email we maintain on Mailchimp. It is part of the normal and necessary operation of our shopping system and your addition to this list is therefore automatic if you have created an account with us, or if you have purchased from us, even if you check out as a guest. That’s because your purchase action or account creation action automatically creates a business relationship between you and Cup O’ Joes, and such a relationship will likely require communication.
You may opt out from receiving these emails by using the UNSUBSCRIBE link in any of the emails we send, and we will never contact you again. The only exception would be an emergency – and this is not something we can currently foresee. You may also request that we delete you from the list entirely, but to do so we have to delete your entire account and/or order history on Cup O' Joes. If this is your wish, email us with your request at firstname.lastname@example.org. Note that this cannot be undone.
For Any of the Above
If you'd prefer to have us handle any of the above on your behalf, or if you have additional concerns, please email us at email@example.com.
We do not knowingly collect Personal Information from anyone under 21, and any such information, if submitted, has been submitted fraudulently. If we learn that we have collected Personal Information from someone under 21, we will delete that information at once, and if at all possible, report the fraudulent activity to the proper authorities. If you believe that we may have collected any such Personal Information on Cup O' Joes, please notify us right away at firstname.lastname@example.org.