Data protection
Our processing of our users’ personal data is limited to the data required to provide a functioning website and our content and services. The processing of personal data of our users only takes place for the purposes listed below and if there is a legal basis (in the sense of the GDPR). Only such personal data are collected that are actually necessary for the implementation and processing of our tasks and services or that you have made available to us voluntarily.
I. Name and address of the responsible
Café Umoja SRL
ICAFE Registration number: 1926
Turrialba, Costa Rica
[email protected]
+506 8328 0191
II. Description and scope of data processing
1. Delivery of website
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected here:
- Date and time of access
- The IP address of the user
- Information about the browser type and version used
We store this information for a maximum period of 30 days. The storage takes place for reasons of data security in order to guarantee the stability and operational security of our system.
2. Web anlysis
We analyze the use of our website with the web analysis tool Matomo (data protection declaration can be found at https://matomo.org/privacy-policy/). For this purpose, however, the automatically collected IP addresses are anonymized before the evaluation. All analyzes created are therefore based on anonymized data sets and there is no personal evaluation. The web analysis serves exclusively to optimize the website in terms of user-friendliness and the provision of useful information about our services. This data is not merged with other personal data sources or passed on to third parties.
In addition to the data mentioned, Matomo also uses so-called “cookies” (see below).
The legal basis for the temporary storage of the data and the log files is Article 6 (1) (f) GDPR.
There is no personal evaluation. The analyzes are based on anonymized data sets.
3. Cookies
We use cookies on our website to make our offer user-friendly. Cookies are small files that your browser creates automatically and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site. The cookies remain stored until you delete them. This enables us to recognize your browser again on your next visit.
If you do not want this, you can set up your browser so that it informs you about the setting of cookies and you allow them in individual cases. However, we would like to point out that deactivation means that you cannot use all the functions of our website.
The legal basis for the data processed by cookies is Article 6 (1) (f) GDPR.
4. Real cookie banner
To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/knowledge-base/real-cookie-banner-data-processing/.
The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.
5. Google web fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.
6. Google Ads
We use Google Ads, a service provided by Google LLC (“Google”), to help us promote our products and services. Google Ads allows us to display advertisements to you when you visit other websites and perform certain actions on our website, such as completing a contact form or making a purchase.
To measure the effectiveness of our advertising campaigns, we use Google Ads conversion tracking. When you click on one of our ads and perform an action that we consider a conversion (e.g., submitting a contact form), Google Ads stores a cookie on your device. This cookie helps us track the success of our advertising efforts and understand which advertisements are most effective.
You can control how Google Ads tracks your interactions with our website by adjusting your browser settings to block cookies or by opting out of personalized advertising through Google’s Ad Settings.
7. Use of Google reCAPTCHA
We use Google reCAPTCHA on our website to prevent spam and abuse by automated software. reCAPTCHA checks if the data entered on our website (e.g., in a contact form) has been entered by a human or by an automated program.
Data Processing and Privacy
reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates various information (e.g., IP address, duration of the visitor’s stay on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses run entirely in the background, and website visitors are not advised that such an analysis is taking place unless a challenge is presented.
Legal Basis
The use of reCAPTCHA is necessary to ensure the security of our website and to protect us from automated entries (attacks). It represents a legitimate interest as defined in Article 6(1)(f) of the GDPR.
Data Storage and Sharing
The data processed by reCAPTCHA is subject to Google’s privacy policy and terms of use. For more information about Google reCAPTCHA and Google’s privacy policy, please visit: Google’s Privacy Policy and Terms of Use for reCAPTCHA.
8. Contact via online form & email
If you fill out a contact, voucher order or registration form or send us an e-mail or other electronic message, your details will only be used to process the request and any further questions related to it, and will only be used as part of the request.
The legal basis for processing your request is Article 6 (1) (a) or (b) GDPR.
We will delete your personal data after completing your request.
9. Members area
TAG Systems AG clients may have access to the password-protected member area. For this purpose, the e-mail, the user name and a password are recorded and saved.
10. Wordfense
This site uses the WordPress plugin WordFence for security purposes. The provider is Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA. The plugin protects the website from attempts by third parties to gain unauthorized access to the website and thereby access personal data, to embed malware on the website or to carry out other illegal activities.
In order to use the WordFence security plugin, it is necessary to save your IP address. However, for your protection and according to our configuration, this information is not transmitted to the Defiant server in the USA.
Defiant has applied for EU-US Privacy Shield certification (as of June 6, 2018). The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
WordFence is used to increase the security of this website and thus also to ensure the safety of website users. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.
More information on handling user data can be found at https://www.wordfence.com/blog/2018/05/wordfence-is-gdpr-compliant/ and in Defiant’s privacy policy: https://www.wordfence.com/privacy-policy/
11. Hosting
This website is hosted by TAG Systems AG. The personal data collected on this website is stored on the host’s servers. This can be v. a. IP addresses, contact requests, meta and communication data, contract data, contact data, names, website access and other data generated via a website.
TAG Systems AG is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 Para 1 lit. f GDPR).
TAG Systems AG will only process your data to the extent that this is necessary to fulfill its performance obligations and will follow our instructions in relation to this data.
III. Data security
Within the website visit, we use the widespread TLS procedure in connection with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the address bar of your browser.
In addition, we use other suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
IV. Your rights (data subject rights)
You have the right to request information about your personal data processed by us. In particular, you can obtain information about the processing purposes, the categories of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, data transfer, the origin of your data, if they were not collected from us, and about the existence of automated decision-making including profiling.
You also have the right to revoke any consent you may have given to the use of your personal data at any time.
You can assert your stated rights with us at any time using the contact address provided.
If you believe that the processing of your personal data by us contradicts the applicable data protection regulations, you have the option of complaining to the data protection authority of the Principality of Liechtenstein.