STARBUCKS PRIVACY STATEMENT
Last Revised: 17 May 2018
Thank you for visiting Starbucks’ website and for reviewing our privacy statement. At Starbucks we’re committed to protecting the privacy rights of our customers. The goal of this Starbucks Privacy Statement (“Statement”) is to explain to you in plain language what personal information or data Starbucks Coffee (Austria) GmbH, Starbucks Corporation and its respective subsidiaries and affiliated companies (“we,” “us,” “our,” “Starbucks”) collect from you and why, how we handle and protect personal information, and how to exercise your privacy rights and choices.
Your personal information or data is any information that identifies you, authenticates you, and can be linked to you and your transactions, behaviors, or preferences. For example, depending on your activities on our website and whether we offer a Starbucks mobile application in your home country, you may provide us personal information such as your full name, contact details, credit card, financial account information, date of birth, username and password, demographics, access to your mobile phone’s contacts list, and more. Those are just a few examples so please review this Statement carefully and let us know if you have any concerns you would like for us to address regarding your personal information.
This Statement applies to the website located at starbucks.at, Starbucks mobile applications, and any other websites or applications associated with Starbucks brands or products that direct the viewer or user to this Statement. Websites that are owned and operated by Starbucks may contain links to websites that are owned and operated by other companies. This Statement does not apply to websites and services that are owned and operated by third parties. The term “your device" refers to any computer, tablet, smart phone or other device you are using to access our websites or to operate Starbucks mobile applications.
This Statement went into effect on the date noted at the top of this webpage. We may update this Statement from time to time. If we make material changes, we will post the updated Statement on this page and change the date at the top of this Statement webpage. We encourage you to look for updates and changes to this Statement by checking this date when you access our websites and mobile applications. We will notify you of any modifications to this Statement that might materially affect the way we use or disclose your personal information prior to the change becoming effective.
Information We Collect
How We Use Your Information
How We Share Your Information
Cookies, Web Beacons, and Similar Technologies
How to Manage Your Account Information and Your Rights
How We Protect Your Information
Use by Children
International Transfers of Personal Data
As you use our websites and mobile applications, we collect information about you and the services you use. The information we collect falls into three different categories: (1) information you give us; (2) information we collect from you automatically; and (3) information we collect from other sources.
Information You Give Us
We collect some information when you use our services, such as your first and last name, username, password, email address, postal address, phone number, financial account information such as a credit card number, birthday, demographic information (such as your gender), and any other information you give us. You may also permit us to access information directly from your device, such as information in the “contacts list". You may also provide us information about other people, including when you direct us to send a gift card.
We collect some information automatically, including when you access our websites, download and use a Starbucks mobile application or otherwise use our services or install our applications. This information includes:
- Purchasing Information – We collect information about your transactions on our websites or via our Starbucks mobile applications, including what products you purchase, how frequently you purchase them, and any rewards or promotions associated with a purchase.
- Location Information – We collect information about the location of your device, including GPS location, for purposes of enhancing or facilitating our services, such as enabling the functionality of our websites or mobile applications that provide you with information about stores near you, enabling you to remotely order and pay for our products and services. We may also use information about the location of the device you are using to help us understand how our websites, mobile applications, and other services and functionality are being used and to deliver more relevant advertising. If you want to opt out of the collection of this location information, please see the section below titled "Your Choices".
Some information we collect is publicly available. For example, we may collect information you submit to a blog, a chat room, or a social network like Facebook, Twitter or Google+. We may also collect information about you from other companies and organizations. By gathering additional information about you, we can correct inaccurate information, enhance the security of your transactions, and give you product recommendations and special offers that are more likely to interest you.
We use the information we collect about you in a variety of ways, including:
- to conclude or perform a contract with you, for example to:
- process your purchases of or requests for products and services, including delivering gift cards in accordance with your instructions;
- communicate with you about orders, purchases, returns, services, accounts, programs, contests, and sweepstakes;
- for our legitimate business purposes, including to:
- respond to your customer service inquiries and requests for information;
- maintain, improve, and analyze our websites, mobile applications, ads, and the products and services we offer;
- detect, prevent, or investigate security breaches or fraud; and
- facilitate the functionality of our websites and mobile applications;
- to comply with our legal obligations, for example to maintain appropriate records for internal administrative purposes and as required by applicable law, and provide important product safety information and notice of product recalls; and
- on the basis of your consent, for example to send you via email and other electronic means personalized promotions and special offers or informing you about our brands, products, events, or other promotional purposes;
You can withdraw your consent at any time by modifying your promotional preferences online at https://card.starbucks.at/login.aspx or contacting us as set out below.
We share your information in the following circumstances:
When We Work Together – We may share information between and among Starbucks Coffee (Austria) GmbH and its affiliates, as well as Starbucks Corporation, its subsidiaries, and affiliated companies for purposes of management and analysis, decision making, and other business purposes. For example, we may share your information within these companies to administer our loyalty programs, process orders and requests, and expand and promote our product and service offerings.
When We Work with Service Providers – We share your information with service providers that provide us with support services, such as credit card processing, website hosting, email and postal delivery, location mapping, product and service delivery, analytics services, or conducting academic research. Other service providers assist us, with your consent where required by applicable law, to assess, develop and provide you with promotions and special offers that may interest you, administer contests, sweepstakes and events or for other promotional purposes.
When We Work on Business Transactions – If we become involved with a merger or another situation involving the transfer of some or all of our business assets, we may share your information with business entities or people involved in the negotiation or transfer.
When Sharing Helps Us Protect Lawful Interests – We may disclose your information if we believe that the disclosure is required by law, a subpoena or other legal process, if we believe that the disclosure is necessary to enforce our agreements or policies, or if we believe that the disclosure will help us protect the rights, property, or safety of Starbucks or our customers or partners.
When You Give Consent – We may share information about you with other companies if you give us permission or direct us to share the information.
When You Post on Our Websites – If you post information on a blog or another part of our websites, the information that you post may be seen by other visitors to our websites, including your user name.
We and others use a variety of technologies to collect information about your device and use of our websites and mobile applications. These technologies include cookies, web beacons, java scripts, entity tags, and HTML local storage. Most web browsers can be programmed to accept or reject the use of some or all of these technologies, although you must take additional steps to disable or control other technologies. For more information, please see the section of this Statement titled "Your Choices"
Cookies – Cookies are small data files that are sent from a website’s server and are stored on your device’s hard drive either for only the duration of your visit ("session cookies") or for a fixed period ("persistent cookies"). Cookies contain information that can later be read by a web server.
Web Beacons – Web beacons are small, transparent images that are embedded in web pages, applications, and emails that are sometimes called “clear gifs," “single pixel gifs", "page tags" or “web bugs." We use web beacons to track the web pages you visit, to test the effectiveness of our marketing, and to find out if an email has been opened and acted on.
Java Scripts – Java scripts are code snippets embedded in various parts of websites and applications that facilitate a variety of operations including accelerating the refresh speed of certain functionality or monitoring usage of various online components.
Entity Tags – Entity Tags are HTTP code mechanisms that allow portions of websites to be stored or “cached" within your browser and validates these caches when the website is opened, accelerating website performance since the web server does not need to send a full response if the content has not changed.
HTML5 Local Storage – HTML5 local storage allows data from websites to be stored or “cached" within your browser to store and retrieve data in HTML5 pages when the website is revisited.
These and similar technologies are used for the following purposes:
Services and Functionality – Some of these technologies are required to allow you to access and use our websites or mobile applications and the various services and functionality we offer. Without these technologies, some of the services and functionality on our websites and mobile applications would not work properly.
Performance Monitoring – Some of these technologies help us analyze and estimate traffic and assess the volume of use of services and functionality on websites and mobile applications. They show us how visitors and customers interact with our digital properties, whether there are any errors, the degree to which certain web pages, applications, services or functionality are accessed and used and how they are performing or operating. These technologies help us understand how our websites and mobile applications are used and assist us in improving the content and operation of our online properties. When these technologies are used for performance monitoring, no information that identifies you is collected.
User Convenience – Some of these technologies enhance the ease of use of our websites and mobile applications and the services and functionality they make available by accelerating load and refresh times and remembering information that you have provided on prior visits to our websites or when you last used a website or mobile application service or functionality.
Marketing – Some of these technologies are used to tailor your experience on our website, within our mobile applications, or across your applications or devices by controlling the promotions, advertisements and other marketing messages that may appear when you access or use these or other digital properties. These technologies also help us learn which services and functionality you are using and how you are accessing information about us. We may use this information to personalize your visit to a website or use of a mobile application or to send you relevant promotions and advertisements.
Promotional Communication Choices
You can opt out of receiving promotional emails and mailings by informing us of your preference at the time you sign up for a Starbucks account, modifying your promotional preferences online at https://card.starbucks.at/login.aspx, or following the opt out instructions in the promotional emails we send you. Similarly, you may opt in to receive text messages, telephone calls and mailings. Where our mobile applications allow for the delivery of “push notifications" you can also opt out of receiving these notifications by toggling the “Notifications" switches within our mobile applications to "off."
Please note that if you opt out of receiving promotional communications from us, we may still send you transactional communications, including emails about your accounts or purchases.
Location Information – You may be able to adjust the settings of your device so that information about your physical location is not sent to us or third parties by (a) disabling location services within the device settings; or (b) denying certain websites or mobile applications permission to access location information by changing the relevant preferences and permissions in your mobile device or browser settings. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. See your device settings for more information.
Cookies, Web Beacons and Similar Technologies – You may be able to reject cookies, web beacons, entity tags and HTML5 local storage by adjusting the appropriate settings in your browser. Each browser is different, but many common browsers (Internet Explorer, Chrome, Firefox, and Safari) have preferences or options that may be adjusted to allow you to either accept or reject cookies and certain other technologies before they are set or installed or allow you to remove or reject the use or installation of certain technologies altogether. If you want to learn the correct way to modify your browser settings, please use the Help menu in your browser.
Interest-Based Ads – Many advertising companies that collect information for interest-based advertising are members of the European Interactive Digital Advertising Alliance, the Network Advertising Initiative and the Digital Advertising Alliance, which maintain websites where people can opt out of interest-based advertising from their members. To opt-out on these pages, visit http://www.youronlinechoices.com, www.AboutAds.info and http://optout.networkadvertising.org/#!/
Adobe Flash Player Technology – We allow Adobe to set and enable special cookies that are necessary to deliver video content for Adobe Flash Player. You cannot remove Flash cookies simply by changing your browser settings. If you would like to limit the websites that can store information in Flash cookies on your device, you must visit the Adobe website: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html.
Google Analytics – We use Google Analytics to aggregate and analyze data about your use of our websites. To opt out of Google’s analytics services, please visit the Google website: https://tools.google.com/dlpage/gaoptout/ (to learn more about how Google collects and processes data, visit Google’s website: https://www.google.com/policies/privacy/partners/).
"Do Not Track" Technology – Some newer web browsers have a "Do Not Track" preference that transmits a "Do Not Track" header to the websites you visit with information indicating that you do not want your activity to be tracked. We currently do not respond to browser "Do Not Track" signals.
Information can be changed or removed from your Starbucks accounts by visiting https://card.starbucks.at/login.aspx.
Depending on the applicable law, you may have various rights in respect of your personal information, such as the right of access, rectification, restriction, opposition, portability and erasure. These rights are subject to limitations set out in law. Please contact us using any of the methods described below if you would like to exercise applicable rights.
For visitors in the EU, you may lodge a complaint with a supervisory authority if you consider that our processing of your personal information infringes applicable law.
Starbucks protects your information using technical, physical, and administrative security measures to reduce the risk of loss, misuse, unauthorized access, disclosure or modification of your information. While we have employed security technologies and procedures to assist safeguarding your personal information, no system or network can be guaranteed to be 100% secure.
Starbucks will only retain your information for as long as is reasonably needed for each purpose. The criteria used to determine the period of storage of your personal data is our legitimate business purposes and respective statutory retention period.
We do not intend for our websites or online services to be used by anyone under the age of 15. If you are a parent or guardian and believe we may have collected information about your child, please contact us as described in the "Contact Us" section of this Statement.
Some of the third parties with whom we share your personal information may be located in the United States and other countries outside of the European Economic Area, including in countries that may not provide the same level of data protection as your home country. We take appropriate steps to ensure that recipients of your personal information protect it such as standard data protection contractual clauses, a copy of which can be obtained by emailing firstname.lastname@example.org.
We share your personal information with Starbucks Corporation, which participates in and has certified its compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Starbucks is committed to subjecting all personal data received from European Union (EU) member countries, and Switzerland, in reliance on the Privacy Shield Frameworks, to the applicable Principles. To learn more about Privacy Shield and view the certification of Starbucks Corporation, visit the U.S. Department of Commerce’s Privacy Shield List here: https://www.privacyshield.gov/list.
Starbucks Corporation is responsible for the processing of personal data it receives, and subsequently transfers to a third party acting as an agent on its behalf, under the Privacy Shield Framework. Starbucks complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Starbucks Corporation is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Starbucks may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that has not been addressed satisfactorily, please contact the following U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website here: https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint , you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
We welcome your questions, comments and concerns about privacy. You can contact Starbucks Customer Service by email at email@example.com, phone at +43 1 33 66 33, or by postal mail at: Customer Service, Starbucks Coffee, Austria GmbH, Theobaldgasse 20, A-1060 Vienna or our Data Protection Officer at firstname.lastname@example.org.