Privacy Policy

Puca Coffee (Puca Italian Essence Ltd.)

Last updated: [Insert Date]

1. Who We Are

Puca Coffee is operated by:

Puca Italian Essence Ltd.
Trading as: Puca Coffee
Registered in Ireland
VAT Number: IE4416111PH
Email:customerservice@pucacoffee.ie
Website: www.pucacoffee.ie

For the purposes of data protection law, we are the Data Controller of your personal data.

We are committed to protecting your privacy and handling your personal information transparently and securely in accordance with the General Data Protection Regulation (GDPR) and Irish data protection law.

2. What Personal Data We Collect

Depending on how you interact with our website, we may collect:

A. When You Place an Order (WooCommerce)

• Full name
• Billing and shipping address
• Email address
• Phone number
• Order details
• Payment information (processed securely via WooPayments or Square, we do not store full card details)

B. When You Contact Us (Contact Form 7 / Email)

• Name
• Email address
• Phone number (if provided)
• Message content

C. Live Chat (3CX)

If you use our live chat:

• Name (if provided)
• Email address (if provided)
• Phone number (if provided)
• Chat transcripts

Chat conversations may be stored for customer service and quality purposes.

D. Newsletter (Brevo)

If you subscribe to our newsletter:

• Name
• Email address
• Marketing preferences
• Interaction data (opens, clicks)

You can unsubscribe at any time.

E. CRM (Jetpack CRM)

We store customer details in our CRM system for:

• Order management
• Customer support
• Business communications
• Warranty and service records

F. Technical Data (Automatic)

When you visit our website:

• IP address
• Browser type
• Device information
• Cookies and usage data

3. How We Use Your Data

We use your personal data for:

• Processing and delivering orders
• Customer service and support
• Managing warranties
• Sending order confirmations
• Sending newsletters (with consent)
• Preventing fraud
• Improving website performance
• Legal compliance (VAT and accounting records)

We only process your data where we have a lawful basis.

4. Lawful Basis for Processing

Under GDPR, we rely on:

Contractual necessity
To process your order and deliver products.

Legal obligation
To comply with tax and accounting regulations.

Legitimate interest
To improve our services and prevent fraud.

Consent
For marketing communications and newsletters.

5. Payment Processing

Payments are processed securely by:

• WooPayments
• Square

We do not store full credit or debit card details.

These providers process data in accordance with their own privacy policies.

6. Email and Communications

Emails sent via our website may be processed using:

• WP Mail SMTP
• Our hosting provider

We retain email communications for business and legal purposes.

7. Cookies

Our website uses cookies for:

• Essential site functionality
• Shopping cart functionality
• Performance and analytics
• Marketing (if enabled)

You can manage cookie preferences through our cookie banner.

A full Cookie Policy should be provided separately.

8. Data Retention

We retain personal data:

• Order data: 6–7 years (Irish tax law requirement)
• Marketing data: Until you unsubscribe
• Contact enquiries: Up to 24 months
• Chat transcripts: As required for support records

We do not keep personal data longer than necessary.

9. Data Sharing

We may share your data with:

• Payment processors (WooPayments, Square)
• Hosting providers
• Shipping and courier services
• Email marketing provider (Brevo)
• IT and website service providers

We do not sell your personal data.

10. International Transfers

Some third party providers may process data outside the European Economic Area.

Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Your Rights Under GDPR

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request erasure
• Restrict processing
• Object to processing
• Withdraw consent
• Data portability
• Lodge a complaint with the Data Protection Commission (Ireland)

12. Security

We implement appropriate technical and organisational measures including:

• SSL encryption
• Secure hosting
• Limited staff access
• Password protection
• Secure payment gateways

However, no internet transmission is completely secure.

13. Children

Our products are not directed at children under 16. We do not knowingly collect personal data from minors.

14. Changes to This Policy

We may update this policy periodically. Updates will be posted on this page.

GDPR NOTICE (Short Version for Footer / Checkout)

Puca Coffee processes your personal data to fulfil orders, manage customer service, and comply with legal obligations. We only use your data where legally permitted and never sell your information. You have rights under GDPR including access, correction, and deletion. Contact customerservice@pucacoffee.ie for any data requests.