The Flat White Society

Privacy Policy

Last updated: 24 August 2025

1. Introduction

The Flat White Society ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website theflatwhitesociety.com.

We are committed to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, and profile preferences when you create an account
  • User Content: Reviews, comments, ratings, and other content you submit
  • Communication: Messages you send to us or other users
  • Newsletter: Email address when you subscribe to our newsletter

2.2 Information We Collect Automatically

  • Usage Data: Pages visited, time spent, features used, and interactions
  • Technical Data: IP address, browser type, device information, and operating system
  • Location Data: General location information (city/country level) for coffee shop recommendations
  • Cookies: Small text files stored on your device to improve your experience

3. How We Use Your Information

We use your information to:

  • Provide and improve our coffee discovery services
  • Personalize your experience and recommendations
  • Process and display your reviews and comments
  • Send you important updates and newsletters (with your consent)
  • Analyze website usage and improve functionality
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

  • Consent: For newsletters and optional features
  • Contract: To provide our services when you create an account
  • Legitimate Interest: To improve our services and ensure security
  • Legal Obligation: To comply with applicable laws

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in these limited circumstances:

  • Public Content: Your reviews and comments are publicly visible to other users
  • Service Providers: With trusted third-party services that help us operate our website
  • Legal Requirements: When required by law or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Third-Party Services

We use these third-party services:

  • Supabase: Database and authentication services
  • Google Maps: Location and mapping services
  • Analytics: Website performance and usage analytics
  • Email Services: Newsletter and communication delivery

Each service has its own privacy policy. We recommend reviewing their policies for more information.

7. Data Security

We implement appropriate security measures to protect your information:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security assessments and updates
  • Limited access to personal data by authorized personnel only

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. Data Retention

We retain your information for as long as necessary to:

  • Provide our services
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Improve our services

Account data is retained while your account is active. You can request deletion of your account and data at any time.

9. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a structured format
  • Restriction: Limit how we process your data
  • Objection: Object to certain types of processing
  • Withdraw Consent: Withdraw consent for optional features

10. Cookies and Tracking

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze website usage and performance
  • Provide personalized content and recommendations
  • Ensure security and prevent fraud

You can control cookies through your browser settings. Disabling cookies may affect website functionality.

11. Children's Privacy

Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses approved by the European Commission.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date
  • Sending email notifications for major changes

Your continued use of our website after changes constitutes acceptance of the updated policy.

14. Contact Information

If you have questions about this Privacy Policy or want to exercise your rights, please contact us:

Website: theflatwhitesociety.com

Email: [Your contact email]

Address: [Your business address]

You also have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.

We are committed to protecting your privacy and being transparent about how we handle your information. Thank you for trusting The Flat White Society with your data.