Privacy Policy
We take the protection of your personal data seriously. This policy informs you, in accordance with the General Data Protection Regulation (GDPR), about which data we collect and how we use it. The German version is legally binding.
1. Controller
The controller responsible for data processing on this website is:
Roastau Spezialitaetenkaffee
Roastau
Musterstrasse 42
10115 Berlin
Deutschland
E-Mail: info@roastau.de
Email: noreply@roastau.de
Phone: phone number to be added in the Shopware basic information
2. Data protection officer
If there is a statutory obligation to appoint one, the contact details of the data protection officer will be published here. Otherwise this contact point is not required.
3. General information on data processing
We process personal data of our users only to the extent necessary to provide a functioning website and our content and services. Processing regularly takes place only with the consent of the data subject or where a legal basis permits the processing.
4. Hosting
This website is hosted by an external service provider. The personal
data collected on this website is stored on the host's servers.
Hosting provider: the hosting provider used must be added with name and
address before publication.
A data processing agreement (DPA) pursuant to Art. 28 GDPR is in place
with the provider. The legal basis is our legitimate interest in a
secure and reliable provision of the website (Art. 6 (1) (f) GDPR).
5. Server log files
Each time the website is accessed, the system automatically collects data and information from the accessing computer system. This includes in particular browser type and version, operating system, referrer, hostname of the accessing computer, date and time of access and the IP address. The legal basis is Art. 6 (1) (f) GDPR. This data is not merged with other data sources.
6. Cookies
Our website uses cookies. Technically necessary cookies are required for the operation of the website (Art. 6 (1) (f) GDPR and § 25 (2) TDDDG). Cookies that are not technically necessary — for example for analytics or marketing — are only set with your consent (Art. 6 (1) (a) GDPR). You can revoke your consent at any time via the cookie settings.
7. Customer account and orders
If you create a customer account or place an order, we process the data required for this (e.g. name, address, email address, payment and order data) for the performance of the contract (Art. 6 (1) (b) GDPR). Where commercial and tax retention periods apply, we store the data for their duration (Art. 6 (1) (c) GDPR).
8. Newsletter
We use the double opt-in procedure for sending our newsletter. The registration is only valid with your express consent (Art. 6 (1) (a) GDPR). You can unsubscribe from the newsletter at any time, for example via the unsubscribe link in every newsletter email.
9. Payment service providers
We use external payment service providers to process payments. The data
required for the payment process is transmitted to the respective
provider. The legal basis is Art. 6 (1) (b) GDPR.
The payment service providers used are in particular the payment
providers selectable at checkout. Their names and privacy notices must
be specified before publication.
10. Shipping service providers
To deliver your order, we pass on the necessary data to the commissioned
shipping company (Art. 6 (1) (b) GDPR).
The shipping providers used are the transport providers named at
checkout or in the shipping confirmation. Their names must be specified
before publication.
11. Your rights
You have the following rights with regard to your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object to processing (Art. 21 GDPR)
- Right to withdraw consent (Art. 7 (3) GDPR)
12. Right to lodge a complaint with a supervisory authority
Without prejudice to other remedies, you have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of your personal data infringes the GDPR.
13. Currency of this privacy policy
This privacy policy is adapted as required to reflect changes in the
legal situation or in data processing.
Last updated: 30/06/2026.