GDPR Policy

Protection of personal data (rev. 1 from 07.09.2023) 

Privacy policy 

The processing of your personal data, in the context of using the website, is done in accordance with the legal provisions regarding the protection of personal data. 

Processing of personal data.

The processing of personal data is done only when it is necessary to process your requests (e.g. processing and delivery of orders, etc.). If you decide to sign up for the newsletter, you give your explicit consent to receive information about Coffee Dive’s activities and news, as well as information of potential interest to you. Withdrawal of consent can be done by unsubscribing. Withdrawal of consent will not affect the lawfulness of any processing that took place prior to its withdrawal. Personal data is obtained directly from you when you fill out the contact form or send us information through any other method of communicating with us (e.g. email, telephone). The data we collect identification data and contact data. This data is necessary to be able to communicate with you for the purpose for which you have chosen to interact with us. Social network “plugins” are highlighted. To prevent data collection by the social network operator through our website, you must log out of the social network operator’s service before visiting our website. The data usage policies of the social platforms are available on their websites. Your rights 

In accordance with the provisions of the GDPR, you have the following rights: the right of access, the right to rectification of data, the right to delete data or the right to be forgotten, the right to restrict processing, the right to data portability, the right to opposition and the automated individual decision-making process, including the creation of profiles, the right to withdraw consent in case processing for the purpose of information or promotion, the right to a judicial appeal, the right to file a complaint before an authority supervising the processing of personal data. In Romania, the competent authority is the National Supervisory Authority for Personal Data Processing, To exercise any of the above rights, we invite you to use the contact details. After receiving the request, we will verify the identity of the data subject. To the extent that the identity of the person concerned cannot be confirmed, the request will be rejected. If the data subject, in order to exercise his rights, provides additional information that allows his identification, the request will be analyzed. The deadline for submitting the answer is 30 days, under the conditions provided by the GDPR. When necessary, for reasons related to the complexity and volume of applications received simultaneously, this period may be extended. By accessing our website, you have become aware of the information on the protection of personal data. 

Methods of storage 

The data collected are stored on the servers of IT solution providers (invoicing, hosting, etc.). Data storage is done strictly for the purpose of being able to interact with you; the data is not used for any other purpose. 

Duration of retention of personal data 

Contact data processed for marketing purposes will be processed during the period for which you maintain your consent to receive such communications, upon withdrawal of consent they will be deleted. We will not retain personal data for longer than is necessary to fulfill the specific purpose of use. 

Security of personal data 

Through the technical and organizational measures implemented, personal data are protected against unauthorized access, disclosure, use, modification or destruction by any natural or legal person. Transfer of data to third parties Coffee Dive does not distribute personal data to a third party for purposes other than those described on the website and in this Policy. Personal data will not be transmitted to countries located outside the European Union. Your personal information can be provided to state authorities, based on and within the limits of legal provisions and as a result of express requests made in this regard.

Payment transactions

Payments are processed by NETOPIA PAYMENTS, and the way this partner manages the personal data necessary to process transactions initiated by users can be found here: confidentiality/.


The transport is carried out with the partner Cargus, and the way in which this partner manages the personal data necessary to deliver the products ordered by users can be found here: – physics/ .


If any of the above clauses is found to be void or invalid for any reason, this will not affect the validity of the other clauses. By using the site, users accept without objection the conditions mentioned above.