Privacy

This Privacy Policy describes how best-tea-box.com (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.

1. Collecting Personal Information

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.

1.1 Device information

  • Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
  • Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
  • Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.

1.2 Order information

  • Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers, PayPal addresses), email address, and phone number.
  • Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
  • Source of collection: collected from you.

1.3 Customer support information

  • Examples of Personal Information collected: email addresses, order IDs, shipping addresses, or phone numbers.
  • Purpose of collection: to provide customer support.
  • Source of collection: collected from you.

1.4 Minors

The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.

2. Using Personal Information

We use your Personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.

3. Sharing Personal Information

We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or another lawful request for information we receive, or to otherwise protect our rights.

3.1 Essential services

We share your Personal Information with service providers to help us provide essential services (as receiving payments or shipping) and fulfill our contracts with you, as described above. For example:

  • We accept payments through Stripe. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the Stripe Privacy Policy for more details.
  • We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the PayPal Privacy Policy for more details.
  • To fulfill your order we share your shipping address with Deutsche Post DHL Group. Please see https://www.dpdhl.com/en/data-protection.html for more details.

3.2 Behavioural Advertising

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

  • We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
  • We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt-out of targeted advertising by:

Additionally, you can opt-out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

3.3 Newsletter & emails

If you have subscribed to our newsletter or if you are a member of our website (you can log in) or if you have purchased on our website, there is a good chance you will receive emails from us.

  • We will only send you emails that you have signed up to receive or which pertain to the services we provided to you.
  • To send you emails, we use the name and email address you provide us. Our site also logs the IP address you used when you signed up for the service to prevent system abuse.
  • No identifiable information is otherwise tracked outside this website except for the email address.

3.3.1 Newsletter delivery via Amazon Web Services (AWS)

Our newsletter, incl. subscription confirmation, is sent via the Amazon Simple Email Service (Amazon SES), an offer of the technical service provider Amazon Web Services Inc, 410 Terry Avenue North, Seattle, WA 98109, United States (https://aws.amazon.com/). 

During the newsletter dispatch, we temporarily forward your e-mail address and the e-mail content to an AWS server within the EU. This transfer takes place in accordance with GDPR and serves our legitimate interest in the use of an effective, secure, and user-friendly e-mail transmission.

To protect your personal data (specifically just your e-mail address), some of which may be stored in the United States, we have entered into a Data Processing Agreement with Amazon Web Services Inc. based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to Amazon Web Services Inc. This data processing agreement can be viewed at the following link: https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf.

Amazon Web Services Inc. is also certified under the EU-US Privacy Shield and is committed to fully complying with EU data protection regulations. The certification can be viewed at the following link: https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4

More information about Amazon Simple Email Service and the use and processing of data by Amazon Web Services Inc. can be found at http://aws.amazon.com/de/ses/ and http://aws.amazon.com/de/privacy/

3.4 Device-based Privacy Consent 

This website uses the Privacy Suite for WordPress by Complianz to collect and record Browser and Device-based Consent. For this functionality, your IP address is anonymized and stored in our database. This service does not process any personally identifiable information and does not share any data with the service provider. For more information, see the Complianz Privacy Statement.

4. Access to Personal Information

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

Order information like what was purchased, when it was purchased and where it should be sent, and

Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you. They are not allowed to share this information with third parties.

5. Lawful basis

Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

  • Your consent;
  • The performance of the contract between you and the Site;
  • Compliance with our legal obligations;
  • To protect your vital interests;
  • To perform a task carried out in the public interest;
  • For our legitimate interests, which do not override your fundamental rights and freedoms.

6. Retention

When you place an order through the Site, we will retain your Personal Information for our records for two years unless you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

7. Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

However, our payment service providers may use services that include elements of automated decision-making, for example:

  • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
  • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

8. Selling Personal Information

Our Site doesn’t sell any Personal Information.

9. Your rights

If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.

Your Personal Information will be processed and stored in Germany. It may be transferred outside of Europe for storage and further processing, including to Canada and the United States.

10. Changes

We may update this Privacy Policy from time to time to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

11. Contact

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please get in touch with us by e-mail at hello@best-tea-box.com or by mail using the details provided below:

Best Tea Box, c/o Dr. Peter Koval, Brunnenstr. 164, 10119 Berlin, Germany

Last updated: Jan 8th, 2022

If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority or our supervisory authority here: https://www.datenschutz-berlin.de/

Shopping Cart