Privacy Policy

1. Preamble

The purpose of this Privacy Policy is to inform users of the website https://tanat.coffee (hereinafter the “Website”) about the collection, use, sharing, and protection of their personal data by VAYGA SAS, in accordance with the General Data Protection Regulation (GDPR) and French law.

2. Data Controller

Personal data is collected by: VAYGA SAS
189 Rue d’Aubervilliers – A20, 75018 Paris, France
SIREN: 820 918 407
Data Protection Officer: rgpd@tanat.coffee

3. Data Collected

We collect various categories of data:

  • Personal information: last name, first name, email address, mailing address, phone number

  • Browsing data: IP address, browser type, connection logs, cookies

  • Order data: purchase history, viewed products, payment information (via payment processor)

  • Marketing data: interactions with our campaigns, website behavior, email open rates

4. Purpose of data collection

The data is used for:

  • Fulfillment of the sales contract (orders, deliveries, invoices)

  • Customer Relationship Management and Support

  • Sending marketing and promotional emails (with consent)

  • Continuous improvement of the Site, statistical analysis, fraud prevention

  • Compliance with our legal and tax obligations

5. Legal basis for processing

The treatments are based on:

  • Performance of a contract (order)

  • Consent (newsletters, cookies, advertising targeting)

  • Legitimate interest (improving our services, performance analysis)

  • A legal requirement (accounting, retention of invoices)

6. Recipients of the data

Personal data may be disclosed to the following recipients:

  • Service providers: logistics, payment processing, web hosting (e.g., Kinsta)

  • Marketing partners: Google (Analytics, Ads), Klaviyo (email marketing, customer segmentation)

  • Statistics and performance tools: Google Tag Manager, Meta Pixel

  • Competent authorities: in accordance with our legal obligations or upon a court order

Each partner is bound by contractual confidentiality obligations and agrees to comply with applicable regulations.

7. Transfers outside the EU

Some of our subcontractors (e.g., Google, Klaviyo) may transfer data outside the European Union. These transfers are governed by standard contractual clauses approved by the European Commission or any other recognized mechanism.

8. Shelf life

  • Customer data: 5 years after the end of the business relationship

  • Billing data: 10 years (legal requirement)

  • Marketing data: 3 years from the last contact

  • Cookies: up to 13 months

9. User Rights

You have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to data portability

You may exercise your rights at any time by writing to: rgpd@tanat.coffee

10. Safety

We implement appropriate technical and organizational measures to protect your data from loss, misuse, or unauthorized access.

11. Cookies

The Site uses cookies to:

  • Improve your browsing experience

  • Generate statistics (Google Analytics)

  • Measuring ad performance (Google Ads, Meta Pixel)

  • Personalize our content and emails (Klaviyo)

You can configure your preferences from the cookie banner or through your browser settings.

12. Changes

This policy may be updated at any time. The applicable version is the one published on the Site.