coffee.co.uk - Privacy Policy

Privacy Policy - coffee.co.uk

The domain name coffee.co.uk is owned and operated by a private UK individual for non-commercial purposes only.

Unsolicited commercial email sent to any address at coffee.co.uk will be reported as abuse to the originating ISP / mail provider.

The owner of coffee.co.uk may seek compensation for the unlawful use of personal data collected or processed which contravenes
provisions of the Data Protection Act 2018 or The Privacy and Electronic Communications (EC Directive) Regulations 2003.

The privacy policy below will explain how the personal data collected from you when you visit this website is used.

The type of personal information collected

This web server and the firewall which protect it may collect and process the following information:

Technical information including your IP address, browser type, version and operating system.
Details of what your browser requests from the web server, including unsuccessful requests for files which are not found.
If you followed an external link to navigate to this web site, details of that referrer's URL may be logged.
Usernames used to obtain authenticated access to a restricted area of the web site.

How we get the personal information and why we have it

This web server and firewall may collect information when you visit the following sites and the IP adresses associated with them;

coffee.co.uk
www.coffee.co.uk
other active hosts and subdomains of coffee.co.uk

Your data is used to provide you with the web pages, images and other files which you have requested or to provide
error messages when the resources you have requested either don't exist or you are not authorized to access them.

What are the lawful bases for processing your data?

Under Article 6 of the UK General Data Protection Regulation (GDPR), the lawful basis relied on for processing this information is:

(f) Legitimate interests:

Fraud prevention, network and information systems security:

Your data is also used to detect, research and prevent fraudulent activity as well as attempts to gain unauthorized access or cause
disruption to the proper function of the web server and associated infrastructure, and any other forms of network abuse.

As part of this process your data may be shared with;

Organizations providing realtime blacklists, IP reputation and geolocation services.
Organizations providing direct support to the security infrastructure used to protect the web server.

Abuse

In the event that clear abuse is identified your information may be shared with;

Your internet service provider.
The WHOIS abuse contact for your IP addresses.
Law enforcement and regulatory authorities.
Cybersecurity researchers.

It may also be published online on this or any other website or in any printed publication, email or written form as a documented
public interest example of abusive activity.

Cookies

This web server only sets strictly necessary session cookies for password protected sections of the web site. No cookies are set
for any other locations on this web site and no third party cookies are used.

How your data is stored

The web server and associated infrastructure operate from private domestic premises in the UK with strong physical and
technical security measures in place.

The web server's access, error and web application firewall logs, and the hardware firewall logs are kept for two years to enable
the identification and investigation of persistent and long-term threats. Automatic log file rotation occurs weekly and log files
more than two years old are deleted.

Your data rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have
the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information
in certain circumstances.

Your right to object to processing - You have the the right to object to the processing of your personal information in certain
circumstances. There are legitimate reasons why we may refuse your objection.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another
organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us via email at privacy dot admin at domain if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us via email at the privacy
admin address.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

V1.1 8 April 2023

Home