Privacy Policy

1. Preamble

This Privacy Policy aims to inform users of the website https://tanat.coffee (hereinafter referred to as the "Site") about the collection, use, sharing, and protection of their personal data by VAYGA SAS, in compliance with the General Data Protection Regulation (GDPR) and French law.

2. Data Controller

Personal data is collected by: VAYGA SAS
189 Rue d’Aubervilliers – A20, 75018 Paris, France
SIREN: 820 918 407
Data Protection Officer: rgpd@tanat.coffee

3. Data Collected

We collect various categories of data:

  • Identification data: name, first name, email address, postal address, phone number

  • Navigation data: IP address, browser type, connection logs, cookies

  • order data: purchase history, products consulted, payment information (via service provider)

  • Marketing data: interactions with our campaigns, website behavior, email open rates

4. Purposes of Data Collection

The data is used for:

  • Sales contract execution (orders, deliveries, invoices)

  • Customer relationship and support management

  • Sending marketing and promotional emails (with consent)

  • Continuous improvement of the Site, statistical analysis, fraud prevention

  • Compliance with our legal and tax obligations

5. Legal Basis for Processing

Processing is based on:

  • Execution of a contract (order)

  • Consent (newsletters, cookies, advertising segmentation)

  • Legitimate interest (improvement of our services, performance analysis)

  • A legal obligation (accounting, invoice retention)

6. Data Recipients

Personal data may be transmitted to the following recipients:

  • Service Providers: logistics, payment processing, hosting (e.g., Kinsta)

  • Marketing Partners: Google (Analytics, Ads), Klaviyo (email marketing, customer segmentation)

  • Statistics and Performance Tools: Google Tag Manager, Meta Pixel

  • Competent Authorities: as part of our legal obligations or upon judicial request

Each partner is subject to contractual confidentiality obligations and commits to complying with current regulations.

7. Transfers Outside the EU

Some of our subprocessors (e.g., Google, Klaviyo) may transfer data outside the European Union. These transfers are governed by standard contractual clauses approved by the European Commission or any other recognized mechanism.

8. Retention Period

  • Customer data: 5 years after the end of the commercial relationship

  • Billing data: 10 years (legal obligation)

  • Marketing data: 3 years from the last contact

  • Cookies: 13 months maximum

9. User Rights

You have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to data portability

You can exercise your rights at any time by writing to: rgpd@tanat.coffee

10. Security

We implement appropriate technical and organizational measures to protect your data against loss, misuse, or unauthorized access.

11. Cookies

The Site uses cookies to:

  • Improve your browsing experience

  • Generate statistics (Google Analytics)

  • Measure advertising performance (Google Ads, Meta Pixel)

  • Personalize our content and emails (Klaviyo)

You can configure your preferences from the cookie banner or through your browser settings.

12. Amendments

This policy may be updated at any time. The applicable version is the one published on the Site.