Privacy Policy

This Privacy Policy must be read in conjunction with the Terms and Conditions. This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Website.

We use your Personal Information only for providing and improving the Website. By using the Website, you agree to the collection and use of information in accordance with this policy and with the requirements of the Law, the relevant national and Community legislation and the relevant decisions and acts of the relevant Authority. 

We will not transfer your information outside the European Economic Area (“EEA”) unless you are a user located outside the EEA in which case it may need to transfer your information to deliver your goods, process payment/refunds, or to send you promotional information you have subscribed to.

Data Protection Framework

GE&FR CAPITAL GROUP LTD. is based within the United Kingdom, and as such is registered with the Information Commissioner’s Office (ICO) as a Data Controller under the UK Data Protection Act of 1998. We have also aligned our Privacy Policy with the EU General Data Protection Regulation (GDPR) which comes into effect on 25th May 2018, under the supervision of the ICO within the UK.

Information Collection and Use

Your decision to disclose your personal data is entirely voluntary, and by doing so, you are providing us with specific consent to use your personal data only for the purposes for which you have disclosed it to us. The certain personally identifiable information you may provide to us, could reasonably be used by us as permitted by and in accordance with applicable data protection law, to : (i) identify you and enable you to use our Website (for the administration and delivery of an order) or in response to any query; (ii) send promotional and marketing communications to you regarding us and our products and Website; (iii) data share with our affiliates, business partners and market research companies to conduct market research and analysis about our Website on our behalf; (iv) send newsletters, updates and e‐mails; (v) create personalized content, offers, Website, and advertising; (vi) support any other intended purpose stated at the time at which your information is collected, subject to any preferences which you may have indicated; (vii) prevent fraudulent transactions and theft; and (viii) comply with applicable law, governmental request, court order, or otherwise protect the rights, property, or safety of us or others.

By participating to our Services you acknowledge and consent to us using your information in those limited circumstances and for the purposes described.

GDPR specifies a set of personal data categories which are considered to be “sensitive”, and which require special consideration by Data Controllers. This Website, and any services available from this Website, do not knowingly collect or process any sensitive personal data.

Declaration of Sub-Processing

To make an informed decision on whether to provide your personal data to Us using this website, we need to make you aware of one organisation that act as Data Processor for us in the provision of our services to you:

GE&FR Capital Group Ltd, based in the United Kingdom.

GE&FR Capital Group Ltd is registered with the Information Commissioner’s Office under the UK Data Protection Act 1998. 


Cookies are files with small amount of data, which may include an anonymous unique identifier.

Cookies are sent to your browser from a web site and stored on your computer’s hard drive.

Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site. For further details, please read our cookies policy.


Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

The technology that we use and the policies that we have implemented are intended to safeguard your privacy from unauthorised access and improper use.

Where appropriate, we attempt to provide for the secure transmission of information, such as credit card details, from your computer to our server by utilising SSL (Secure Sockets Layer) encryption software. However, due to the inherent open nature of the internet, we cannot guarantee that all data transmitted will be secure since no method of transmission over the Internet, or method of electronic storage, is 100% secure. Use of this Website demonstrates your assumption of this risk.

Changes to this Privacy Policy

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically for updates which shall come into effect once posted. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

Customer and Citizen Data Rights

As prescribed within data protection regulations, you have several rights connected to the provision of your personal data to Coffee Island using this website. These include your rights to request that Coffee Island:

  • confirms to you what personal data it may hold about you, if any, and for what purposes
  • changes the consent which you have provided in relation to your personal data
  • corrects any inaccurate or incomplete personal data which may be held about you
  • provides you with a complete copy of your personal data for you to move elsewhere
  • stops processing your personal data, whilst an objection from you is being resolved
  • permanently erases all your personal data promptly, and confirms to you that it has done so (there may be reasons why we may be unable to do this)

To contact Us, please see our contact details below.

If We don’t address your request, or fail to provide you with a valid reason why it is unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website ( or by telephone 0303 123 1113. Should you have any privacy-related questions or comments related to this Privacy Policy please contact us using the contact details below. We will ask you to verify your identity before we can act on your request. We aim to resolve all complaints within 15 days. Where we cannot resolve a complaint within 15 days, we will notify you of the reason for the delay as well as an indication of when we expect to resolve the complaint.

Contact Us-Opt out – Deletion of Personal Data

If you have any questions about this Privacy Policy, would like to exercise any of your statutory rights, or to make a complaint, please email to:

You can opt out of receiving various communications from us by contacting Us. If you have any questions about this Privacy Policy, would like to exercise any of your statutory rights, or to make a complaint, please email to: We will ask you to verify your identity before we can act on your request . We aim to resolve all complaints within one month. Where we cannot resolve a complaint within one month, we will notify you of the reason for the delay as well as an indication of when we expect to resolve the complaint.

Your Personal Data may also be deleted upon request to We undertake to perform the deletion within one month (30 calendar days) and will send you a confirmation once your Personal Data have been deleted. Wherever possible, we will aim to complete the request in advance of the deadline.

Our Eu Representative: As we do not have an establishment in the European Union ( E.U ) , we have appointed a representative based in the E.U , who you may address if you are located in the E.U to raise any issues or queries you may have relating to our processing of your personal data and/or this Privacy and Cookies Policy more generally . Our E.U representative is Supply Unique S.A, a company incorporated under the laws of Greece, registered on the Greek Company and Trade Register under the number 129514916000, with its registered office at Parodos Vrissakion 30 Str., Patras. Our E.U Representative can be contacted directly by emailing them at the following address :

We treat all complaints about a breach of the privacy laws seriously. Someone from Coffee Island will investigate your complaint and respond to you within a reasonable time.