Back to Copa

Legal

Privacy Policy

Last updated: 2026-05-11

This Privacy Policy explains how Copa Coffee Delivery collects, uses, stores, and protects customer information when you use our website, mobile app, ordering service, and delivery service.

1. Who operates this service

The service is operated for Copa Coffee Delivery, based in Sidirokastro, Greece. The official website domain is copa.gr.

Technical support and project maintenance may be handled by the official project support contact at root@mikekarypidis.gr.

2. Personal data we collect

We collect the information needed to create customer accounts, process orders, provide delivery, secure the service, and support customers.

Category Examples
Customer account data First name, last name, email address, and phone number.
Delivery data Saved addresses, order address, delivery instructions, and contact details needed for delivery.
Order data Products ordered, order history, order status, delivery status, and support notes.
Authentication data Session tokens, login tokens, device/session identifiers, and similar data used to keep you signed in.
Technical data IP address, device type, browser/app information, error logs, security logs, and basic usage events.

3. Why we use your data

  • To create and manage your customer account.
  • To receive, prepare, process, and deliver your orders.
  • To save delivery addresses for faster future orders.
  • To contact you about your order, delivery, account, or support request.
  • To keep you signed in and protect your account from unauthorized access.
  • To detect, prevent, and investigate fraud, abuse, technical issues, or security incidents.
  • To comply with tax, accounting, legal, and regulatory obligations.
  • To improve the reliability, performance, and usability of the website and app.

5. Cookies, local storage, and mobile storage

We may use cookies, local storage, secure mobile storage, or similar technologies to keep you signed in, remember your session, maintain cart/order functionality, secure the service, and improve app reliability.

Authentication tokens or session identifiers may be stored on your device so the website or app can recognize your session. These technologies are used for service functionality and security, not for selling personal data.

You can clear cookies or app storage through your browser or device settings. This may sign you out or remove saved session information from that device.

6. When data is shared

We do not sell your personal data. We share data only when needed to operate the service, complete delivery, comply with the law, or protect customers and the business.

  • Service providers: hosting, database, infrastructure, security, email/SMS, app, and support providers.
  • Delivery operations: staff, drivers, or partners who need order and address details to complete delivery.
  • Payment providers: where online payments are available, payment processing is handled by the relevant payment provider.
  • Authorities or legal requests: where disclosure is required by law or needed to protect legal rights, safety, or security.

7. How long data is kept

We keep personal data only for as long as needed for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law.

  • Account data is kept while your account remains active.
  • Saved addresses are kept until you delete them, delete your account, or request deletion, unless related order records must be kept.
  • Order records may be kept for tax, accounting, legal, and business record purposes.
  • Security and technical logs are usually kept for a limited period unless needed to investigate abuse, fraud, or security issues.
  • Session tokens are kept only for the period needed to keep you signed in or until they expire, are replaced, or you sign out.

8. Security

We use reasonable technical and organizational measures to protect personal data, including access controls, secure authentication practices, encrypted transport where applicable, monitoring, and restricted internal access.

No method of transmission or storage is completely secure. If we become aware of a security issue affecting personal data, we will take appropriate steps according to applicable law.

9. Your privacy rights

Depending on applicable law, you may have the right to access, correct, delete, restrict, export, or object to the processing of your personal data. Where processing is based on consent, you may withdraw consent.

You may also lodge a complaint with the Hellenic Data Protection Authority or another competent supervisory authority.

To exercise your rights, contact us at root@mikekarypidis.gr. We may need to verify your identity before completing your request.

10. Children

The service is intended for customers who can lawfully place orders. We do not knowingly collect personal data from children without the required consent or legal basis. If you believe a child has provided personal data improperly, please contact us.

11. Changes to this policy

We may update this Privacy Policy from time to time. When changes are made, the “Last updated” date will be updated. Significant changes may also be communicated through the website, app, or another appropriate channel.

12. Contact

Copa Coffee Delivery

Sidirokastro, Greece

Website: copa.gr

Support: root@mikekarypidis.gr