Privacy Policy
This Privacy Policy explains how personal data is collected, used, and protected when you visit or place an order at www.fjord-coffee.de (the “Site”). We process your data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
1. Controller
The controller responsible for data processing on this Site is:
LMT Hospitality GmbH (operating the brand Fjord Coffee Roasters)
Zur Alten Börse 79, 12681 Berlin, Germany
Email: hello@fjord-coffee.com
Full company details are set out in our Legal Notice (Impressum).
2. Your rights at a glance
Under the GDPR you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object to processing (Art. 21). Where processing is based on your consent, you may withdraw that consent at any time with effect for the future (Art. 7(3)). To exercise any of these rights, contact us at the address above. You also have the right to lodge a complaint with a supervisory authority (see section 12).
3. Hosting and store platform (Shopify)
Our online store is operated on the Shopify platform provided by Shopify International Limited (Ireland) and Shopify Inc. (Canada). Shopify processes data on our behalf as a processor under a data processing agreement. Personal data may be transferred to and processed in Canada and the United States on the basis of appropriate safeguards (EU Standard Contractual Clauses). More information: shopify.com/legal/privacy. Legal basis: Art. 6(1)(b) and (f) GDPR.
4. Server log files
When you access the Site, your browser automatically transmits information that is stored in server log files: browser type and version, operating system, referrer URL, host name, time of the request, and IP address. This data is not merged with other data sources and is processed to ensure a secure, stable, and correctly displayed website. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).
5. Cookies and consent
We use cookies and similar technologies. Some are technically necessary to operate the store (e.g. shopping cart, checkout, login); these are set on the basis of Art. 6(1)(f) GDPR and § 25(2) TTDSG. Cookies for analytics and marketing are only set with your consent (Art. 6(1)(a) GDPR, § 25(1) TTDSG), which you give via our cookie banner and can withdraw or change at any time via the banner settings.
6. Order processing
To process your order we collect your name, billing and shipping address, email address, telephone number (if provided), and order details. This data is used to perform the purchase contract, process payment, arrange delivery, and send order confirmations and invoices. Legal basis: Art. 6(1)(b) GDPR. We retain order, contract, and invoice data for the statutory retention periods under commercial and tax law (§ 257 HGB, § 147 AO — generally 6 to 10 years).
7. Payment processing
Depending on the payment method you choose, your payment data is transmitted to the relevant payment service provider. We use Shopify Payments as well as:
- PayPal — PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg. Privacy: paypal.com.
- Klarna — Klarna Bank AB (publ), Sweden. Klarna may carry out identity and credit checks. Privacy: klarna.com.
Payment providers act as independent controllers for their own processing. Legal basis: Art. 6(1)(b) GDPR (contract performance) and, for fraud prevention/credit checks, Art. 6(1)(f) GDPR.
8. Shipping (DHL)
To deliver your order we pass the necessary delivery data (name, address, and where applicable email address or telephone number for shipment notifications) to our logistics partner DHL (Deutsche Post AG / DHL Group). Legal basis: Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR (efficient delivery and dispatch notifications). DHL privacy: dhl.de.
9. Subscriptions (Seal Subscriptions)
If you order a coffee subscription, we use Seal Subscriptions to manage recurring orders, billing intervals, and renewals. The data processed is limited to what is required to fulfil your subscription. Legal basis: Art. 6(1)(b) GDPR. You can pause or cancel your subscription at any time via your account or by contacting us.
10. Newsletter and email marketing (Mailchimp)
If you subscribe to our newsletter, we use Mailchimp (Intuit Inc., United States) to send it. We use a double opt-in procedure: after sign-up we send a confirmation email, and only add you to the list once you confirm. We store your email address, consent, and the date and time of confirmation. Legal basis: Art. 6(1)(a) GDPR (consent). You can unsubscribe at any time via the link in every newsletter or by contacting us; this withdraws your consent for the future. Transfers to the US are based on EU Standard Contractual Clauses. Mailchimp privacy: intuit.com/privacy.
11. Web analytics (Google Analytics 4 via Google Tag Manager)
With your consent we use Google Analytics 4, loaded via Google Tag Manager, to understand how visitors use the Site so we can improve it. Processing is carried out in pseudonymous form. The provider is Google Ireland Limited (Ireland); data may be transferred to Google LLC (United States) on the basis of EU Standard Contractual Clauses. Legal basis: Art. 6(1)(a) GDPR (consent), which you can withdraw at any time via the cookie banner. Google privacy: policies.google.com/privacy.
12. Other services used on the Site
To operate and improve the store we also use the following providers as processors, limited to the data necessary for each function: a consent/cookie banner (Booster), product bundle functionality (Bundler), and SEO/merchandising tools (Avada). Where these set non-essential cookies, they do so only with your consent.
13. Right to lodge a complaint
If you believe that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority. The authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Alt-Moabit 59-61, 10555 Berlin, Germany.
14. Data security
This Site uses SSL/TLS encryption to protect the transmission of your data. You can recognise an encrypted connection by the “https://” prefix and the lock icon in your browser.
15. Changes to this Privacy Policy
We may update this Privacy Policy to reflect changes to our practices or for legal or regulatory reasons. The current version always applies. Last updated: 12 June 2026.
Manage your data
You can use the links below to exercise your data rights directly: