PRIVACY POLICY
European Union - General Data Protection Regulation (GDPR)
GRO Solutions LLC
Effective Date: March 21, 2026
GO HOMEEffective Date: March 21, 2026
GRO Solutions LLC (“we,” “our,” or “us”) is committed to protecting the personal data of
individuals located in the European Union and European Economic Area. This Privacy Policy
explains how we collect, use, store, and protect your personal data when you visit our
website and use our services, in accordance with Regulation (EU) 2016/679 (the General
Data Protection Regulation, or “GDPR”).
The data controller responsible for your personal data is:
Entity - GRO Solutions LLC
Registration - QFC No. 04838
Address - Qatar Financial Centre, Doha, Qatar
Email - info@cupofcoffee.studio
We collect the following categories of personal data when you interact with our website:
Full Name - Your first and last name, as provided by you
Email Address - Your email address, as provided by you
We do not collect any special categories of personal data (e.g., health data, biometric data,
racial or ethnic origin).
Under Article 6 of the GDPR, we process your personal data on the following legal bases:
• Consent (Article 6(1)(a)) - You have given clear, affirmative consent for us to process
your personal data for the specified purposes.
• Legitimate Interest (Article 6(1)(f)) - Processing is necessary for our legitimate
interests, such as improving our services and communicating with you, provided
these interests are not overridden by your fundamental rights and freedoms.•
Contractual Necessity (Article 6(1)(b)) - Where processing is necessary to perform a
contract with you or take pre-contractual steps at your request.
We use your personal data for the following purposes:
• To create and manage your account on our platform
• To communicate with you regarding our services, updates, and announcements
• To respond to your inquiries and provide customer support
• To comply with our legal and regulatory obligations
• To improve and personalise your experience on our website
We retain your personal data only for as long as necessary to fulfil the purposes described in
this policy, or as required by applicable law. Specifically:
• Account data (name and email) is retained for the duration of your active account and
for up to 24 months following account closure or your last interaction with us.
• Upon expiry of the retention period, your data will be securely deleted or
anonymised.
You may request deletion of your data at any time by contacting us at info@cupofcoffee.studio.
As an EU/EEA data subject, you have the following rights under the GDPR:
• Right of Access (Article 15) - You may request a copy of the personal data we hold
about you.
• Right to Rectification (Article 16) - You may request correction of inaccurate or
incomplete personal data.
• Right to Erasure (Article 17) - You may request deletion of your personal data (“right
to be forgotten”).
• Right to Restriction of Processing (Article 18) - You may request that we restrict
processing in certain circumstances.
• Right to Data Portability (Article 20) - You may request your data in a structured,
commonly used, machine-readable format.
• Right to Object (Article 21) - You may object to processing based on legitimate
interests or for direct marketing purposes.
• Right to Withdraw Consent - Where processing is based on consent, you may
withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at info@cupofcoffee.studio. We will
respond within 30 days of receiving your request.8. International Data Transfers
Your personal data may be transferred to and processed in countries outside the European
Economic Area, including Qatar. Where such transfers occur, we ensure appropriate
safeguards are in place, such as:
• Standard Contractual Clauses (SCCs) approved by the European Commission
• An adequacy decision by the European Commission, where applicable
• Your explicit consent for the transfer, where no other safeguard is available
We implement appropriate technical and organisational measures to protect your personal
data against unauthorised access, loss, destruction, or alteration. These measures include,
but are not limited to:
• Encryption of data in transit (TLS/SSL) and at rest
• Access controls limiting data access to authorised personnel only
• Regular security assessments and audits
We do not sell your personal data. We may share your data with trusted third parties only in
the following circumstances:
• Service providers who assist us in operating our platform (e.g., hosting, email
delivery), under data processing agreements compliant with Article 28 of the GDPR
• Legal authorities, where required by law or to protect our rights
Our website may use cookies and similar tracking technologies. Where these technologies
process personal data, we obtain your consent through a cookie banner in compliance with
the ePrivacy Directive. For details, please refer to our Cookie Policy [link to be inserted].
Our services are not directed at individuals under the age of 16. We do not knowingly collect
personal data from children. If you believe a child has provided us with personal data, please
contact us and we will take steps to delete it promptly.
If you believe that our processing of your personal data infringes the GDPR, you have the
right to lodge a complaint with a supervisory authority in the EU Member State of your
habitual residence, place of work, or place of the alleged infringement.14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any material changes will be
communicated via our website or by email. The “Effective Date” at the top of this policy
indicates the most recent revision.
If you have any questions about this Privacy Policy or wish to exercise your rights, please
contact us:
Entity - GRO Solutions LLC
Email - info@cupofcoffee.studio
Address - Qatar Financial Centre, Doha, Qatar
