STARBUCKS PRIVACY STATEMENT
At Starbucks, we approach data and privacy as we approach everything we do: we put people first. We believe that taking care of you includes taking care of your data and privacy. Grab a cup of coffee and learn more below.
Last Revised: 16 March 2022
This Starbucks Privacy Statement describes the types of personal information that we collect, how we use it, how and when it is shared, and the choices and rights you have with respect to your information. It also explains how we communicate with you and how you can make requests or submit inquiries to us about your information. Thank you for taking the time to read and understand our data and privacy related practices.
1. Applicability and Scope
2. Updates to this Privacy Statement
3. Information We Collect
4. How We Use Your Information
5. How We Share Your Information
6. Starbucks Mobile Applications
7. Your Choices and Rights
8. How We Protect Your Information
9. Retention and Disposal of Your Information
11. International Transfers
12. Contact Us
STARBUCKS PRIVACY STATEMENT
1. Applicability and Scope
This Privacy Statement ("Statement") applies to the websites located at [www.starbucks.be]and any other websites or applications owned and operated by Starbucks brands or products that direct the viewer or user to this Statement. It also applies to the personal information we process when you visit one of our stores in Belgium.
Starbucks EMEA Limited (“Starbucks EMEA”) and Café Sirène, which operates the Starbucks business in Belgium, are controllers in relation to information collected on the website, app and in store.
Your personal information or data is any information that can identify, authenticate, or relate to you or your transactions, behaviors, or preferences. For example, based on your activities on our website and Starbucks mobile application, you may provide us with personal information such as your name, contact information, credit card information, financial information, date of birth, user ID and password, demographic information, cell phone contact list, and more. These are just a few examples. So please review this Statement carefully and let us know if you have any questions you would like us to answer about your personal information.
Your data controllers:
- Café Sirène, a limited liability company, registered in the Register of Legal Persons of Brussels under number 0719.429.796, whose registered office is located at Square de Meeûs 40 in 1000 Brussels. Café Sirène is a company of the Alsea SAB group.
Its Data Protection Officer (DPO) is the company Grupo Adaptalia Legal Formativo S.L. The DPO can be reached by e-mail at the following address: [email protected] and by phone at the following number (+34)9 15 53 34 08
- Starbucks EMEA Limited (UK company registration number 09084257), Building 7 Chiswick Park, 566 Chiswick High Road, London, England, W4 5YG
Its Data Protection Officer (DPO) can be reached at the following email address: [email protected].
In this Statement, "we", "us" or "our" means Starbucks EMEA Limited and, where applicable, Starbucks Coffee Netherlands B.V.
2. Updates to this Privacy Statement
This Statement went into effect on the “Last Revised” date noted near the top of this page. Starbucks EMEA may update this Statement from time to time. When it does so, it will notify you of any modifications to this Statement that might materially affect your rights or the way that we use or disclose your personal information prior to the change becoming effective by means of a message on this website. We encourage you to look for updates and changes to this Statement by checking the “Last Revised” date when you access our websites and mobile applications.
[As you use our websites and mobile applications or visit one of our stores, we collect information about you and the services you use. The information we collect falls into three main categories: (1) information you voluntarily provide us; (2) information we collect automatically; and (3) information we collect from other sources.
Some examples of when we collect this information include when you browse or make a purchase on one of our websites or mobile application; create a Starbucks account; use our website or mobile application to purchase, reload or redeem a Starbucks Card; use the order and pay functionality in our mobile applications; buy or send a gift card or e-gift; or participate in a survey or promotion.
(a) Information You Voluntarily Provide Us
Some information we collect is provided when you use our services, such as when you create an account, add a Stored Value Starbucks Card, or join Starbucks Rewards loyalty program; pay for products; book a Starbucks Roastery tour; or submit online forms through our websites or mobile applications.
You may also choose to permit us to access information directly from your device, such as information in the device’s “contacts list". The term “your device” as used in this Statement refers to any computer, tablet, smart phone or other device you are using to access our websites or to operate the Starbucks mobile applications. For more information about mobile application permissions, please see the Starbucks Mobile Applications section below.
You may also in some instances provide us information about other people, such as name, phone number and email address, including when you direct us to send someone a gift card or e-gift.
(b) Information We Collect Automatically
Some information is collected automatically by us or by service providers performing business functions at our direction, including when you access our websites, download and use our Starbucks mobile applications, open emails we send or click certain links within them, or otherwise interact with our services. For example:
Purchasing Information – We collect information about your transactions in our stores, on our websites or via our Starbucks mobile applications including what products you purchase, how frequently you purchase them, any Rewards or promotions associated with a purchase, and the products you have placed on your “Wishlist" or “My Bag" for future purchase.
Device Usage and Location Information – We collect certain information using cookies to enable our systems to recognize your browser or device and to provide our services to you. For more information about cookies and how we use them, please read our [Cookies Notice].
CCTV Information – Closed circuit video surveillance cameras (“CCTV”) are installed at some of our retail locations to monitor building security and assist in crime prevention, detection, and investigation, and to ensure the health and safety of our staff and visitors to our facilities.
(c) Information We Collect from Other Sources
Some information we collect is from unaffiliated sources, including in some cases information that is publicly available, provided by or purchased from marketing business partners, or present on social media platforms.
For example, we may collect information you submit to a blog, a chat room, or a social network like Facebook or Twitter. We may also collect or license information about you from other companies and organizations, such as information aggregators or event or promotion co-sponsors, including to supplement information that we receive from you. In some cases, we receive information about you from affiliated entities, which we handle in accordance with this Privacy Statement. By gathering additional information about you, we can correct inaccurate information, enhance the security of your transactions and help prevent fraud, and give you product recommendations and special offers that are more likely to interest you.
We use your information for business and commercial purposes, including to provide the products and services you request, to perform customer service functions, for security and fraud prevention, for marketing and promotional purposes, and to perform website and mobile application analytics.
We rely on the following legal bases to process personal information:
(a) To Conclude or Perform Our Contract With You. We process certain personal information when you access or use our services, for example, to:
- process your purchases of, or requests for, products and services;
- register and verify user accounts;
- support our loyalty programs, such as Starbucks® Rewards;
- deliver gift cards or e-gifts, and any associated personalized messages, in accordance with your instructions;
- facilitate the functionality of our websites and mobile applications, including payment-related functionality.
(b) For our Legitimate Business Purposes. We process certain personal information in our legitimate business interests and in your legitimate interests, for example:
To Communicate With You. We process certain information in order to communicate with you in relation to your accounts, our services, our marketing, and your requests, including to:
- communicate with you about orders, purchases, returns, services, accounts, programs, contests, and sweepstakes;
- respond to your customer service inquiries and requests for information;
- post your comments or statements on our websites;
- send you personalized promotions, content, and special offers;
- communicate with you about our brands, products, events, or other promotional purposes;
- implement your communications preferences, such as sharing information with business partners so that they may email you about their promotions, products and initiatives; and
- provide important product safety information and notice of product recalls.
For Research, Development, and Improvement of Our Services. We want to ensure that our website, mobile applications, and services are continually improving and expanding so that we meet and exceed your needs and expectations. To do so, we process certain personal information, including to:
- maintain, improve, and analyze our websites, mobile applications, ads, and the products and services we offer; and
- detect, prevent, or investigate suspicious activity or fraud.
To Enforce our Terms, Agreements, or Policies. To maintain a safe, secure, and trusted environment for you when you use our websites, mobile applications, and other services, we use your personal information to ensure our terms, policies, and agreements with you and any third parties are enforced.
(c) To Comply with Applicable Laws. We are required to process certain personal information under certain laws and regulations, such as tax laws, as well as to:
- maintain appropriate records for internal administrative purposes as required by applicable law; and
- comply with applicable legal and regulatory obligations such as to provide important product safety information and notice of product recalls), and to respond to lawful governmental requests, as needed.
(d) With Your Consent. If we have your consent to do so, we will process certain personal information, including to:
- send you personalized promotions and special offers via email and other electronic means; and/or
- to inform you about our brands, products, events, or other promotional purposes.
You can withdraw your consent at any time by modifying your promotional preferences in your Starbucks user account online, or by contacting us as described in the Contact Us section below. Withdrawing your consent does not affect the lawfulness of the processing prior to the withdrawal.
We share your information as needed to fulfill the purposes described in this Privacy Statement and as permitted by applicable law. This includes sharing between Starbucks EMEA Limited and Café Sirène, among affiliated entities for internal business purposes, sharing with service providers to help perform business functions at our direction, sharing with your consent, sharing for marketing purposes, sharing as part of corporate transactions, and sharing to protect lawful interests.
We share personal information in the following circumstances:
(a) When We Work Together – We share information with subsidiaries and affiliated companies, including Starbucks Corporation, for fraud monitoring and services and other business purposes. For example, in some cases, we share personal information to administer our loyalty programs, process orders and requests, and expand and promote our product and service offerings.
(b) When We Work with Service Providers – We share your information with service providers that provide us with support services, such as: credit card processing services; website and Application hosting and management, the platform for our loyalty card; customer care services (such as assistance with responding to data subject access requests); email and postal delivery; location mapping; product and service delivery; fraud monitoring; analytics services; and conducting academic research. We contractually limit these service providers from retaining, using, or disclosing your confidential personal information for any purpose other than performing agreed upon services for us.
(c) When We Work on Business Transactions – If we become involved with a merger, corporate transaction or another situation involving the transfer of some or all of our business assets, we may share your information with business entities or people involved in the negotiation or transfer.
(d) When Sharing Helps Us Protect Safety and Lawful Interests – We disclose personal information if we believe that the disclosure is required by law or legal process, if we believe that the disclosure is necessary to enforce our agreements or policies, or if we believe that the disclosure will help us protect the rights, property, health or safety of Starbucks or our customers or partners.
(e) When We Work with Marketing Service Providers – We share information with marketing service providers to assess, develop and provide you with promotions and special offers that may interest you, administer contests, sweepstakes and events or for other promotional purposes.
(f) When You Give Consent – We share information about you with other companies if you give us permission or direct us to share the information.
(g) When You Post on Our Websites – If you post information on a blog or another part of our websites, the information that you post may be seen by other visitors to our websites, including your user name.
We also share information in a way that does not directly identify you. For example, in some cases we share information about your use of our websites and mobile applications in a manner that does not identify you, or combine information about the nature or frequency of your transactions with similar information about other people and share the aggregated information for statistical analysis and other business purposes.
6. Starbucks Mobile Applications
In certain locations, we may offer the Starbucks mobile application (“Application”) for our customers’ use and enjoyment. For more information on the Starbucks® Application for iPhone® or Android™, please visit: www.starbucks.be/app or your device’s mobile app store.
Use of the Application entails information collection in accordance with the Information We Collect section above, and includes ways for you (the “User”) to control Application functionality, such as location services, purchasing e-gifts, and setting push notification and in-app message preferences.
User Information -Through the use of an iOS, Android or other supported hardware device, some functionality of the Application requires the transmission of certain information provided by you to Starbucks, including:
- username and password;
- e-mail address;
- billing address;
- phone number;
- financial information, such as payment card numbers or account numbers;
- information related to a Starbucks stored value card (“Starbucks Card”);
- voice; and
- GPS location (together, “User Information”).
This User Information is needed in order to purchase Starbucks products through the Application. You have multiple options to securely and conveniently make your purchase, including:
- by using the Application to pay in the same manner as you would pay with a Starbucks Card (“Mobile Payment”);
- by making payment via your mobile device using a Starbucks Card prior to arriving at the store (“Method of Payment,” or “MOP”); and
- by placing an order using voice commands (“Voice Ordering”).
As described further below, certain optional information is also shared with Starbucks through the Application, including:
- Personalized messages for individuals to whom you would like to purchase and send a Starbucks gift card (“eGift”), and names and email addresses from a device’s “contacts” list if you choose to import a recipient’s contact information from there;
- advanced analytics information such as location data, diagnostic and usage data, and user interactions;
- location-based information, such as through GPS, Bluetooth-enabled iBeacons, or other location-based technology to enhance the user experience so that you may order ahead, receive directions, and see what is available at nearby stores; and
- the day and month of your birthday, so that we may recognize you on your special day (we don’t ask for your birth year for this).
Controlling Application Functionality
Location Services - In order to use certain Application functionality, such as MOP and location-based services and technology, you must either (a) enable “location services” in the Application; and/or (b) set the permissions in your mobile device to allow communication of this information. More information about adjusting location services on iOS devices may be found here, and additional information on managing an Android device’s location settings may be found here.
If you allow for location sharing, your device communicates with us in ways that allow for us to customize your experience in and around Starbucks stores, to monitor the effectiveness of our marketing efforts, to tailor messages based on your time and location patterns, and to limit the number of times you see a promotional message or offer.
Voice Ordering - In order to use certain Application functionality such as Voice Ordering, when available, you must (a) enable “microphone” and “speech recognition” in the Application; and/or (b) set the permissions in your mobile device to allow communication of this information.
If you use such Application functionality, including location services and voice ordering, you are transmitting User Information to Starbucks and/or its agents, and authorize Starbucks and/or its agents, to record, process, and store such User Information as necessary for the Application functionality and for purposes described in the Starbucks Privacy Statement. Please see the rest of this Privacy Statement for more information about how we may use and store personal information, and how to control the use of your personal information.
eGifts - If you choose to use Application functionality that allows you to send messages or eGifts to third parties, you must first obtain their permission to provide their personal information, such as their name, phone number or email address, to Starbucks. The referred information will be used by Starbucks for the purpose of contacting the third party, on your behalf, to carry out the requested functionality, for example, by emailing an eGift. Although you may enter the recipient’s contact information into the Application, you also have the option to provide the recipient’s contact information by granting Starbucks permission to access your device’s contacts.
You are solely responsible for maintenance of the confidentiality and security of any User Information which you transmit from or store on a Device for purposes of the Application, including Mobile Payment, MOP and Voice Ordering, and for all transactions and other activities undertaken with any Starbucks Card registered in the your name, whether authorized or unauthorized. You agree to immediately notify Starbucks of any unauthorized transactions associated with the Application including Mobile Payment, MOP, Voice Ordering, or any other breach of security. Starbucks shall not be responsible for any losses arising out of the loss or theft of User Information which you transmit from or store on a Device or from unauthorized or fraudulent transactions associated with the Application.
Email Communications, Push Notifications, and In-App Messages
The Application allows all users to set preferences for receiving promotional email communications from Starbucks, receiving push notifications on your device, and receiving inbox messages. Please note as well that you may opt-out of receiving email communications at any time by adjusting your Starbucks online account settings as described in the Your Choices and Rights section below, or by clicking the “unsubscribe” link included within any commercial email we send you.
7. Your Choices and Rights
You have control over your promotional communications preferences, mobile application functionality, cookie settings, and interest-based advertising preferences. You also have certain rights under law.
Promotional Communication Choices
You can opt out of receiving promotional emails and mailings by informing us of your preference at the time you sign up for a Starbucks account, by modifying your promotional preferences online in your account’s profile management section, or by following the “unsubscribe” instructions in the promotional emails we send you. Similarly, you may opt in to receive text messages, telephone calls and mailings. Please note that if you opt out of receiving promotional communications from us, we may still send you transactional communications, including emails about your Starbucks accounts or purchases.
Mobile Functionality – As described in the Starbucks Mobile Applications section above, location services, push notifications, and voice transmissions may be adjusted or disabled within your device settings.
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you.
- Request correction of the personal information that we hold about you.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information in certain circumstances (e.g., where there is no good reason for us continuing to process it).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party), or where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you.
- Request the transfer of your personal information to another party, when possible.
You can exercise these rights by visiting your user account at, or by contacting us as described in the Contact Us section below and specifying which GDPR privacy right(s) you wish to exercise. We must verify your identity in order to honor your request, which we will respond to within one month.
8. How We Protect Your Information
We protect your information using technical, physical, and administrative security measures to reduce the risk of loss, misuse, unauthorized access, disclosure or modification of your information. When you transmit highly sensitive information (such as a credit card number) through our website or in one of our mobile applications, we encrypt the transmission of that information using the Secure Sockets Layer (SSL) protocol.
However, no security system is perfect, and due to the inherent nature of the Internet, we cannot guarantee that data, including personal information, is absolutely safe from intrusion or other unauthorized access by others. You are responsible for protecting your password(s) and maintaining the security of your devices.
9. Retention and Disposal of Your Information
We retain your information for as long as necessary to fulfill the purposes described in this Privacy Statement and to comply with our record retention policies (unless a longer period is required by law). Our retention policies reflect applicable law. We will retain and use your information to the extent necessary to manage your relationship with us, to personalize and enhance your overall customer experience, and to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), to resolve disputes, to enforce our contracts, and as otherwise described in this Statement.
Your personal information may be transferred to, stored, and processed in a country other than the one in which it was collected, including the United States. It may also be processed by staff operating outside the EEA who work for Starbucks or for our third-party service providers. In such cases, we will take appropriate steps to ensure an adequate level of data protection of the recipient as required under the GDPR, including by putting in place standard contractual clauses that have been approved by the European Commission. You may obtain a copy of these clauses by contacting our DPO (see the Contact Us section below).
We welcome your questions, comments and concerns about privacy. You can contact Starbucks at Café Sirène by email to [email protected] or by post to: Café Sirène France, Service Clientèle, 38 rue des Jeûneurs, 75002 Paris or to our data protection officer at the email address dpd @zena.com.
By mail to Starbucks Coffee Company EMEA, Building 7, Chiswick Park, 566 Chiswick High Road London W4 5YG or to their Data Protection Officer at any time at [email protected].
You have the right to submit any request for rights to Starbucks EMEA Limited and Café Sirène, which operates the Starbucks business in Belgium. The entity to which you submit the request is responsible for processing the request and responding to you.
If you have any problems regarding our compliance, you have the right to lodge a complaint with the Data Protection Authority, in particular on its website at: https://www.autoriteprotectiondonnees.be/ or by post at the address Data Protection Authority, 35 rue de la Presse, 1000 Brussels Belgium.