Privacy Policy

At Crematica, we take your privacy seriously and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, store and protect data gathered through our website, showroom visits and customer interactions. We comply with the General Data Protection Regulation and all applicable UK data protection legislation. By using our services, you consent to the data practices described in this policy.

Information We Collect

We collect various types of information depending on how you interact with our business. When you make a purchase through our website or in our Renfrew showroom, we collect personal details including your full name, billing address, delivery address, telephone number and payment information. This data is essential for processing your order, arranging delivery and providing customer support. For registered accounts, we also store your purchase history and product preferences to enhance your shopping experience.

Our website automatically collects technical information through cookies and similar technologies. This includes your IP address, browser type, operating system, referring website addresses and pages visited on our site. We use this data to analyze traffic patterns, improve website functionality and understand how customers navigate our online store. Additionally, when you communicate with us via telephone or written correspondence, we may retain records of those interactions for quality assurance and training purposes.

If you choose to subscribe to our newsletter or promotional communications, we collect your email address and communication preferences. You can modify these preferences or unsubscribe at any time. For warranty registration and service requests, we collect equipment serial numbers, purchase dates and details about the issue requiring attention. This information helps us provide efficient technical support and maintain accurate service records.

How We Use Your Information

The primary purpose of collecting your personal data is to fulfill our contractual obligations when you purchase coffee equipment from us. We use your information to process orders, coordinate delivery and installation services, handle payment transactions and provide post-purchase support. Your contact details enable us to communicate about order status, delivery schedules and any issues that may arise during the transaction process.

We also use your data to improve our services and understand customer preferences. Analysis of purchase patterns helps us stock appropriate inventory, identify popular products and develop new service offerings. Technical data collected through our website allows us to optimize page loading times, fix broken links and enhance the overall user experience. Understanding which products generate the most interest helps us create more relevant content and product recommendations.

With your explicit consent, we may send marketing communications about new product arrivals, special promotions, educational content about coffee preparation and invitations to showroom events. You have complete control over these communications and can opt out at any time without affecting your ability to make purchases or receive order-related messages. We never sell or rent your personal information to third parties for their marketing purposes.

Data Sharing and Third Parties

Crematica works with carefully selected third-party service providers to operate our business effectively. Payment processing is handled by secure payment gateway providers who process credit card and bank transfer transactions on our behalf. These providers maintain PCI DSS compliance and use industry-standard encryption to protect financial data. We do not store complete credit card numbers on our systems.

Shipping and logistics companies receive the information necessary to deliver your orders, including your name, delivery address and contact telephone number. For installation services, our technicians access this information along with product details to ensure proper setup. Cloud hosting providers store website data and customer records in secure data centers located within the United Kingdom or European Economic Area.

When processing warranty claims, we share relevant information with manufacturers including equipment serial numbers, purchase dates and descriptions of technical issues. This is necessary to validate warranty coverage and arrange repairs or replacements. We may also disclose personal information if required by law, court order or governmental authority, or when necessary to protect our legal rights and safety.

Data Security Measures

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure or destruction. Our website uses SSL encryption technology to secure data transmission between your browser and our servers. Customer databases are protected by firewalls, access controls and regular security audits. Only authorized personnel have access to personal data, and they are bound by confidentiality obligations.

Physical security measures protect information stored at our Renfrew location. Paper records containing personal data are kept in locked filing cabinets with restricted access. Computer systems require strong passwords and multi-factor authentication for administrative access. We maintain regular backup procedures to prevent data loss and ensure business continuity in the event of technical failures.

Despite our best efforts, no method of electronic storage or internet transmission is completely secure. While we strive to protect your personal information, we cannot guarantee absolute security. In the unlikely event of a data breach affecting your information, we will notify you promptly and take appropriate steps to minimize any potential harm, as required by law.

Your Rights and Choices

Under UK data protection law, you have several important rights regarding your personal information. You have the right to access the personal data we hold about you and receive a copy in a portable format. If any information is inaccurate or incomplete, you can request corrections. In certain circumstances, you may request deletion of your data, though we may need to retain some records for legal or accounting purposes.

You can object to processing of your personal data for marketing purposes at any time. This includes opting out of promotional emails, postal mailings and telephone marketing. You also have the right to restrict processing in specific situations, such as while we verify data accuracy following a correction request. If you have concerns about how we handle your information, you have the right to lodge a complaint with the Information Commissioner's Office, the UK's data protection authority.

To exercise any of these rights, contact us using the details on our contact page. We will respond to your request within one month, though complex requests may require additional time. We may ask you to verify your identity before processing requests involving personal data access or deletion.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this policy. Transaction records and order histories are typically maintained for seven years to comply with accounting and tax regulations. Warranty information is kept for the duration of the warranty period plus an additional year. Marketing consent records are retained until you withdraw consent or the data becomes outdated.

When personal data is no longer needed, we securely delete or anonymize it according to established data disposal procedures. This ensures that your information cannot be reconstructed or accessed after deletion. Anonymous statistical data may be retained indefinitely for business analysis purposes, as it cannot identify individual customers.