Privacy Policy

At Mortar & Bean, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and share information when you visit our website or engage with our services. We believe transparency is essential to building trust, and we're committed to handling your data with care and respect.

Last updated: December 12, 2025

Our Commitment to Data Protection

Your personal information belongs to you. We collect only what we need to provide quality service and improve your experience on our site. We never sell your data to third parties, and we implement reasonable security measures to protect the information you share with us. This policy applies to all visitors and users of our website, regardless of how you access or use our services.

Information We Collect

Information You Provide Directly

When you interact with our website, you may choose to provide certain information voluntarily:

  • Contact Form Data: When you fill out our contact form, we collect your name, email address, and any message or inquiry you submit. We use this information solely to respond to your request and provide the information or services you're seeking.
  • Communication Records: If you email us directly or communicate through other channels, we retain these communications to provide better service and reference your previous inquiries if needed.
  • Consultation Information: During consultations or service engagements, you may share details about your business, coffee program, equipment needs, or preferences. We use this information to deliver tailored recommendations and services.

Information Collected Automatically

Like most websites, we automatically collect certain technical information when you visit:

  • Device and Browser Data: Information about the device and browser you use to access our site, including device type, operating system, browser type and version, and screen resolution.
  • Usage Information: Details about how you navigate our website, including pages visited, time spent on pages, links clicked, and the path you take through our site.
  • IP Address and Location: Your IP address and approximate geographic location based on that address. This helps us understand where our visitors are located and tailor content accordingly.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to enhance functionality and analyze site usage. For detailed information about our cookie practices, please see our Cookie Policy.

Information from Third Parties

We may receive information about you from third-party services we use to operate our website, such as analytics providers, advertising platforms, and technical service providers. This information is typically limited to aggregated, anonymized data about website traffic and user behavior patterns.

How We Use Your Information

We use the information we collect for specific, legitimate business purposes that directly benefit your experience with our services:

Communication and Service Delivery

Responding to your inquiries, providing requested information, scheduling consultations, and delivering our coffee development and equipment integration services.

Website Improvement and Analytics

Understanding how visitors use our site, identifying popular content, detecting technical issues, and improving overall site performance and user experience.

Personalization and Preferences

Remembering your preferences, tailoring content to your interests, and providing a more relevant browsing experience when you return to our site.

Security and Fraud Prevention

Protecting our website from malicious activity, detecting and preventing fraud, ensuring secure connections, and maintaining the integrity of our systems.

Marketing and Communications

Sending relevant information about our services, sharing educational content about coffee craft, and occasionally reaching out with updates that might interest you. You can opt out of marketing communications at any time.

Legal Compliance

Meeting legal obligations, responding to lawful requests from authorities, enforcing our terms and policies, and protecting our rights and those of others.

Legal Basis for Processing Your Data

We process your personal information based on one or more of the following legal grounds:

  • Consent: You've given us explicit permission to process your data for specific purposes, such as receiving marketing communications.
  • Contractual Necessity: Processing is necessary to fulfill our contractual obligations to you or to take steps at your request before entering into a contract.
  • Legitimate Interests: We have a legitimate business interest in processing your data, such as improving our services, maintaining security, or conducting analytics, and your rights don't override these interests.
  • Legal Obligations: Processing is necessary to comply with applicable laws and regulations.

How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. However, we may share your information in the following limited circumstances:

Service Providers

We work with trusted third-party service providers who assist us in operating our website, conducting business, or serving our customers. These providers include hosting services, analytics platforms, email service providers, and payment processors. They have access only to the information necessary to perform their functions and are contractually obligated to protect your data.

Business Partners

We may share limited information with business partners when providing integrated services, such as equipment suppliers or roastery facilities we work with. Any sharing is done with your knowledge and only to the extent necessary to deliver the services you've requested.

Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request. We may also share information when we believe disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to law enforcement requests.

Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any such change and the choices you may have regarding your information.

How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention period depends on the type of information and the purpose for which we collected it:

  • Contact Form Submissions: Typically retained for 2-3 years after your last interaction with us, unless you request earlier deletion.
  • Service Records: Information related to services we've provided may be retained for up to 5 years for business records and potential follow-up support.
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely for business analysis and website improvement purposes.
  • Marketing Preferences: Retained until you withdraw consent or request removal from our communications list.

When we no longer need your information, we securely delete or anonymize it so that it cannot be linked back to you.

How We Protect Your Information

We implement reasonable technical, administrative, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, and destruction. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Technical Safeguards

Encryption, secure connections (SSL/TLS), firewalls, and regular security updates to protect data in transit and at rest.

Access Controls

Limited access to personal information, strong authentication requirements, and role-based permissions for our team members.

Regular Monitoring

Continuous monitoring for suspicious activity, regular security audits, and prompt response to potential security incidents.

Data Minimization

Collecting only the information we need, avoiding unnecessary data retention, and anonymizing data where possible.

Your Privacy Rights

You have several rights regarding your personal information. The specific rights available to you may vary depending on your location and applicable laws:

Right to Access

You can request a copy of the personal information we hold about you. We'll provide this in a structured, commonly used format.

Right to Rectification

If any information we have about you is inaccurate or incomplete, you can request that we correct or update it.

Right to Erasure

You can request that we delete your personal information, subject to certain legal exceptions such as compliance with legal obligations or establishment of legal claims.

Right to Object

You can object to certain types of processing, such as direct marketing. When you object, we'll stop processing your data for that purpose unless we have compelling legitimate grounds.

Right to Restrict Processing

In certain circumstances, you can request that we limit how we use your information while we verify its accuracy or assess your objection to our use.

Right to Data Portability

You can request a copy of your personal information in a portable format, allowing you to move, copy, or transfer it from our systems to another service provider.

Right to Withdraw Consent

Where we process your data based on consent, you can withdraw that consent at any time. This won't affect the lawfulness of processing before your withdrawal.

To exercise any of these rights, please contact us using the information provided at the end of this policy. We'll respond to your request within a reasonable timeframe and in accordance with applicable law, typically within 30 days.

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

Avoid filling out contact forms, account registrations, or any data-submitting features on our website.

Disable cookies through your browser settings. See our Cookie Policy for more details on cookie management.

Contact us directly to request the deletion of any previously shared personal data.

We respect your privacy choices. If you would like us to delete your data, please reach out to us through our Contact page. We will process your request promptly and in accordance with applicable data protection laws.

Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately, and we will take steps to delete that information from our systems.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction. When we transfer your information internationally, we take appropriate safeguards to ensure your data receives adequate protection.

If you're located in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on approved data transfer mechanisms such as Standard Contractual Clauses when transferring your data outside these regions.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we'll update the "Last updated" date at the top of this policy and may provide additional notice through our website or by email if appropriate.

We encourage you to review this Privacy Policy periodically to stay informed about how we're protecting your information. Your continued use of our website after changes are posted constitutes your acceptance of the updated policy.

Contact Us About Privacy

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, we're here to help. You can reach us through the following methods:

Email: [email protected]

Website: mortarbean.org

Contact Form: Available on our homepage

We'll respond to your inquiry as promptly as possible, typically within 3-5 business days. For privacy-related requests, we may need to verify your identity before processing your request to protect your personal information.