Privacy Policy

^{STARBUCKS Privacy Policy}

^{At Starbucks, we approach data and privacy the same way we approach everything we do: we put people first. We believe that caring for you also means caring for your personal data and your privacy. Grab a cup of coffee and find out more below.}

^{Last updated: 26 May 2026}

^Overview

^{This Starbucks Privacy Policy describes the categories of personal data we collect, how we use it, how and when it is shared, and the choices and rights you have regarding your personal data. It also explains how we communicate with you and how you can contact us with any queries or requests regarding your personal data. Thank you for taking the time to read and understand our privacy policy.}

^Contents

^{You can jump to specific sections of our Privacy Policy by selecting one of the sections listed below.}

^1.^{ApplicabilityandScope}
^2.^{Updates to this Privacy Policy}
^3.^{Data we collect}
^4.^{How we use your personal data}
^5.^{How we share your personal data}
^6.^{Starbucks App}
^7.^{Your choices and rights}
^8.^{How we protect your personal data}
^9.^{Retention and deletion of your personal data}
^10.^Children
^11.^{International data transfers}
^12.^Contact

^{1. Applicability and Scope}

^{(This Privacy Policy (“Privacy Policy”) applies to the website (“Website”) accessible at https://www.starbucks.de/ and operated by Starbucks EMEA Limited (“Starbucks EMEA”), as well as the Starbucks mobile app, also operated by Starbucks EMEA, which is available via https://www.starbucks.de/ (“App”). It also applies to the processing of personal data when you visit any of the Starbucks Coffee Houses (“Coffee House”) in Germany, all of which are operated by AmRest Coffee Deutschland Sp. z o.o. & Co. KG (“AmRest”). Starbucks EMEA and AmRest are joint controllers with regard to the data processed in connection with the Website, the App and the Coffee Houses to the extent described in more detail below and in the Annex to this Privacy Policy.)In this Privacy Policy, “we”, “our” or “us” refer to Starbucks EMEA and AmRest.}

^{2. Updates to this Privacy Policy}

^{This Privacy Policy is effective from the date stated above under “Last updated”. This Privacy Policy may be updated from time to time. If this is the case, you will be notified of any changes to this Privacy Policy that could significantly affect your rights or the way in which we personal data, you will be notified before the change takes effect, e.g. via a notice on the website. We encourage you to keep an eye out for updates and changes to this Privacy Policy by checking the date under “Last updated” when accessing the website and the app.}

^{3. Data we collect}

^{When you use the website and the app or visit a coffee house, we collect data about you and the services you use. The data we collect can essentially be categorised into the following three categories: (1) data you voluntarily provide to us, (2) data we collect automatically, and (3) data we collect from other sources. Some examples of when we collect this data include browsing or making a purchase on the website or in the app, creating a Starbucks account, using the website or app to make a purchase, topping up or redeeming a Starbucks Card, using the order and payment function in the app, or participating in a survey or promotional campaign. Here you will find a general description of the data we collect. Detailed information on the purposes of processing, the categories of personal data processed, the legal basis for processing and the responsibilities of the data controllers can be found in the appendix to the Starbucks Privacy Policy.}

^{(a) Data you voluntarily provide to us}

^{Some of the data we collect is provided when you use our services, e.g. when you set up a user account, when you add a Starbucks Card with stored credit, or when you join the Starbucks Rewards loyalty program, when you pay for products, or when you submit online forms on the website or in the app, including contact forms through which you send us enquiries or feedback. You may also grant us direct access to data on your device, e.g. data in the device’s ‘contacts’ list. The term “device”, as used in this Privacy Policy, refers to any computer, tablet, smartphone or other device that you use to access this website or use the app. Further information on permissions for mobile applications can be found below in the Starbucks App section. You are generally free to provide your personal data, and the provision of such data is not required to enter into and/or fulfil a contract, with the exception of the Starbucks Card and Starbucks Rewards, for which the provision of such data is required.}

^{(b) Data we collect automatically}

^{Some data is collected automatically by us or by service providers acting on our instructions to perform business tasks, including when you access the website, download and use the app, open emails sent by us or click on certain links within them, or otherwise interact with our services. For example:}

^{Purchase data – We collect data about your purchases in the Coffee Houses, on the website or via the app, including information about which products you buy, how often you buy them, and any rewards or promotions associated with a purchase.}
^{Device usage and location data – We collect certain data using cookies so that our systems can recognise your browser or device and we can provide you with our services. Further information about cookies and how we use them can be found in the appendix to the Starbucks Privacy Policy and the Cookie Statement.}
^{CCTV – In some of our Coffee Houses CCTV cameras are installed to monitor building security and to assist in the prevention, detection and investigation of criminal offences, as well as to help ensure the health and safety of our employees and visitors to our coffeehouses. Further information about video surveillance is available in the Coffee Houses.}

^{(c) Data that we collect from other sources}

^{Some data we collect comes from independent sources, including, in some cases, data that is publicly available, provided by or acquired from advertising partners, or found on social media platforms. For example, we may collect data that you submit to a blog, chat room or social network such as Facebook or Twitter. We may also collect or licence data about you from other companies and organisations, such as data aggregators or co-sponsors of events or promotions, including to supplement data we receive from you. In some cases, we receive data about you from affiliated companies, which we handle in accordance with this Privacy Policy. By collecting additional data about you, we can correct inaccurate data, enhance the security of your purchases, help prevent fraud, and provide you with product recommendations and special offers that are more likely to interest you.}

^{4. How we use your personal data}

^{We use your personal data for business and commercial purposes, including to provide the products and services you have requested, to provide customer service, to ensure security and prevent fraud, for marketing and advertising purposes, and for website and app analytics. Here you will find general information about the purposes and legal bases on which we rely when processing personal data. Detailed information about the purposes of processing, the categories of personal data processed, the legal basis for processing, the retention period and the responsibilities of the data controllers can be found in the appendix to the Starbucks Privacy Policy.}

^{(a) To enter into or perform a contract with you}^{. We process certain personal data when you access or use our services, for example for the:}

^{Processing your purchases of products and services or enquiries regarding them;}
^{Registration and verification of user accounts;}
^{Promoting our customer loyalty programs, such as Starbucks®Rewards;}
^{Supporting the functionality of the website and the app, including payment-related functionality.}

^{If you do not provide us with certain personal data when using our services, we may not be able to fulfil our contract with you (for example, if you do not provide us with your payment details, we cannot complete a purchase).}

^{(b) For our legitimate business purposes}^{. We process certain personal data in our legitimate business interests and in your legitimate interests, for example, to:}

^{To communicate with you}^{. We process certain data to communicate with you in connection with your accounts, our services, our marketing and your enquiries, including to:}

^{To enable users to access and browse the website}
^{to communicate with you regarding orders, purchases, returns, services, accounts, programs, competitions and prize draws;}
^{(to respond to your customer service enquiries) and other enquiries submitted via contact forms;}
^{to publish your comments or remarks on the website;}
^{to send you personalised information about promotions, content and special offers;}
^{to communicate with you regarding our brands, products, events or for other promotional purposes;}
^{to implement your communication preferences, such as sharing data with business partners so that they can send you emails about their promotions, products and initiatives; and}
^{to provide important product safety information and product recall notices.}

To process contact enquiries. We process personal data that you submit via contact forms to process your enquiry, contact you and provide customer services.

^{For research, development and improvement of our services}^.^{We want to ensure that the website, the app and the services are constantly improved and expanded so that we can meet and exceed your needs and expectations. To do this, we process certain personal data, including, amongst other things, to:}

^{maintain, improve and analyse our website, app, advertisements and the products and services we offer; and}
^{detect, prevent or investigate suspicious activity or fraud.}

^{To enforce our terms and conditions, contracts or policies}^{. To maintain a safe and trustworthy environment for you when you use the website, the app and other services, we process your personal data to ensure that our terms and conditions, policies and contracts with you and any third parties are enforced.}

^{(c) To comply with applicable law}^{. We are required by certain laws and regulations, such as tax laws, to process certain personal data, including, amongst other things, to:}

^{maintain appropriate records for internal administrative purposes in accordance with applicable law and}
^{where necessary, to comply with applicable legal and regulatory obligations (e.g. important product safety information and notifications regarding product recalls) and to be able to respond to legitimate requests from public authorities.}

^{(d) With your consent}^{. With your consent, we will process certain personal data, including to:}

^{send you personalised advertising and special offers by email and other electronic means and/or}
^{to inform you about our brands, products, events or other promotions.}

^{You may withdraw your consent at any time by changing your marketing preferences in your Starbucks account online or by contacting us as described in the Contact section below. Withdrawing your consent does not affect the lawfulness of processing prior to withdrawal. We do not currently make decisions based solely on automated processing (automated decision-making), including profiling, which produces legal effects or similarly significantly affects you.}

^{5. How we share your personal data}

^{We share your personal data to the extent necessary to fulfil the purposes described in this Privacy Policy and as permitted by applicable law. This includes sharing between Starbucks EMEA and AmRest, between affiliated companies for internal business purposes, sharing with service providers to assist in the performance of business functions on our instructions, sharing with your consent, sharing for marketing purposes, sharing as part of corporate transactions, and sharing to protect legitimate interests. We share personal data in the following circumstances:}

^{(a) When we work together – We share data with subsidiaries and affiliated companies, including Starbucks Corporation, for fraud prevention and for services and other business purposes. In some cases, for example, we share personal data to manage our customer loyalty programs, process orders and enquiries, and to expand and promote our range of products and services.}

^{(b) When we work with service providers – We share your personal data with service providers who provide support services to us, such as: services relating to credit card payments, hosting and administration of the website and app, the platform for our loyalty card, customer support (e.g. assistance with requests relating to data subjects’ rights as well as other enquiries submitted via contact forms), including the use of customer systems to manage and respond to such enquiries, whereby access to this data is restricted to authorised staff of the relevant local operator. Email and postal delivery, location tracking, delivery of products and services, fraud monitoring, analytics services, and the conduct of academic research. We contractually prohibit these service providers from storing, using or disclosing your personal data for any purpose other than the provision of the agreed services to us.}

^{Customer service systems – Personal data submitted via contact forms is processed in our customer service systems, which are used to manage and respond to customer enquiries. Access to this data is restricted to authorised employees of AmRest who are responsible for handling customer enquiries.}

^{(c) In connection with corporate transactions – If we are involved in a merger, corporate transaction or other action involving the transfer of some or all of our business assets, we may disclose your personal data to companies or individuals involved in the negotiations or transfer.}

^{(d) Where disclosure helps us to protect safety and legitimate interests – We disclose personal data where we believe that disclosure is required by law or in the context of legal proceedings, where we believe that disclosure is necessary to(enforce our contracts or policies, or if we believe that disclosure will help us protect our rights, property, health or safety, or that of our customers or partners.)}

^{(e) When we work with marketing service providers – We share data with marketing service providers to evaluate, develop and provide you with promotions and special offers that may be of interest to you, to organise competitions, prize draws and events, or for other promotional purposes.}

^{(f) With your consent – We share data about you with other companies if you give us your consent to do so or request that we do so.}

^{(g) When you post content on the website – If you post data on a blog or another part of the website, the data you post, including your username, may be viewed by other visitors to the website.}

^{We also share data in a way that does not allow you to be directly identified. For example, in some cases we share data about your use of the website and the app in a way that does not allow you to be identified, or we combine data about the nature or frequency of your transactions with similar data about other people and share the aggregated data for statistical analysis and other business purposes.}

^{6. Starbucks App}

^{In certain regions, we may offer the app to our customers for their use and enjoyment. For further information about the Starbucks® app for iPhone® or Android™, please visit https://www.starbucks.de/ or the app store for your mobile device. Use of the app requires the collection of data in accordance with the section above entitled “Data We Collect” and includes options for you (the “User”) to control the app’s features, such as location services and the setting of push notifications and in-app messaging preferences. Here you will find general information about the purposes and legal bases on which we rely when processing personal data. Detailed information on the purposes of processing, the categories of personal data processed, the legal basis for processing and the responsibilities of the data controllers can be found in the Annex to the Starbucks Privacy Policy. User Data – When using an iOS, Android or other supported device, certain features of the App require the transmission of specific data provided by you, including:}

^{username and password;}
^{Email address;}
^{Billing address;}
^{Telephone number;}
^{Payment details, such as payment card numbers or account numbers;}
^{Data relating to a Starbucks prepaid card (“Starbucks Card”); and}
^{GPS location (collectively, “User Data”).}

^{This User Data is required to purchase products via the App. You have several options for making your purchase securely and conveniently, including using the App to pay in the same way you would pay with a Starbucks Card (“mobile payment method“). As described below, certain data is shared with us by the app on an optional basis, including:}

^{advanced analytics data such as location data, diagnostic and usage data, and user interactions;}
^{location-based data, e.g. collected via GPS or other location-based technologies, to enhance the user experience so that you can place pre-orders, get directions and see what’s available at nearby Coffee Houses; and}
^{the day and month of your birthday, so that we can celebrate your special day (we do not ask for your year of birth).}

^{We use cookies to enable our systems to recognise your browser or device and to provide the app. For further information on how we use cookies, please read the appendix to the Starbucks Privacy Policy and the Cookies Statement.}

^{Control of app functionality}

^{Location services – To use certain features of the app, such as the feature for finding Coffee Houses, you must either (a) enable ‘location services’ in the app; and/or (b) set the permissions on your mobile device to allow this data to be transmitted. Further information on how to configure location services on iOS devices can be found}^here^{, and additional information on managing the location settings of an Android device can be found}^here^{. If you use such features of the app, including location services and voice ordering, you will transmit user data to us and/or to companies commissioned by us, and we and/or they will collect, process and store your user data to the extent necessary for the functionality of the app and for the purposes described in the privacy policy.}

^{Further information on how we may use and store personal data, and how you can control the use of your personal data can be found in the rest of this privacy policy.}

^{User Responsibility}

^{You are solely responsible for maintaining the confidentiality and security of any user data that you transmit from a device for the purposes of the App or store on it, including mobile payment methods, as well as for all transactions and other activities carried out using a Starbucks Card registered in your name, whether authorised or unauthorised. You agree to notify Starbucks EMEA immediately of any unauthorised transactions relating to the App, including mobile payments, or any other security breach. Starbucks EMEA is not liable for any loss or damage arising from the loss or theft of user data that you transmit from or store on a device, or from unauthorised or fraudulent transactions relating to the App.}

^{Email communications, push notifications and in-app messages}

^{The App allows all users to configure settings for receiving promotional emails from AmRest, receiving push notifications on your device, and receiving messages in your inbox. Please also note that you can opt out of receiving email messages at any time by adjusting the settings of your Starbucks Online account, as described below in the section ‘Your choices and rights’, or by clicking on the ‘Unsubscribe’ link included in every promotional email we send you.}

^{7. Your Choices and Rights}

^{You have control over your preferences regarding promotional communications, the functionality of the app, cookie settings and settings for interest-based advertising. In addition, you have certain legal rights.}

^{Choices regarding promotional communications}

^{You can opt out of receiving promotional emails and mailings by informing us of your preferences when you sign up for a Starbucks account, by changing your promotional preferences online in your account’s profile settings, or by following the unsubscribe instructions in the promotional emails we send you. Similarly, you may choose to receive telephone calls and postal mail. Please note that even if you opt out of receiving marketing communications, AmRest may still send you transactional communications, including emails regarding your Starbucks accounts or purchases.}

^{Mobile functionality}^{– As described above in the Starbucks App section, location services, push notifications and voice messages can be adjusted or disabled within your device settings. For further information on how we use cookies, please read the Cookies Statement.}

^{In certain circumstances, you have by law the right to (there may be legal restrictions or exclusions to these rights):}

^{to obtain information about your personal data (commonly known as the ‘right to access’). This allows you to obtain a copy of the personal data we hold about you.}
^{to request the rectification of the personal data we hold about you}
^{To request the erasure of your personal data. This allows you, in certain circumstances (e.g. where there is no valid reason for further processing), to request the erasure or removal of personal data.}
^{to request the restriction of the processing of your personal data. This allows you to ask us to stop processing your personal data.}
^{to request the transfer of your personal data to a third party (right to data portability), where this is possible.}

^{to object to the processing of your personal data where we rely on a legitimate interest (or that of a third party), or where we process your personal data for direct marketing purposes.}

^{You may exercise these rights by accessing your user account at}^{https://www.starbucks.de/}^{or by contacting us as described in the Contact section below, specifying which right(s) under the GDPR you wish to exercise. We must verify your identity in order to comply with your request, to which we will respond within one month.}

^{8. How we protect your personal data}

^{We protect your personal data using technical, physical and administrative security measures to reduce the risk of loss, misuse, unauthorised access, disclosure or alteration of your personal data. When you submit particularly sensitive data (such as a credit card number) via the website or using the app, we encrypt the transmission of this data using the Secure Sockets Layer (SSL) protocol. However, no security system is perfect, and due to the nature of the internet, we cannot guarantee that data, including personal data, is absolutely secure from intrusion or other unauthorised access by third parties. You are responsible for protecting your password(s) and maintaining the security of your devices.}

^{9. Retention and deletion of your personal data}

^{We retain personal data to the extent necessary to fulfil the purposes set out in this privacy policy and to comply with legal requirements, including record-keeping, dispute resolution and the enforcement of our contracts. Our retention of your personal data is governed by applicable law. This retention period may extend beyond the duration of your customer relationship with us. As a general rule, we only retain your personal data for as long as is necessary to fulfil the purpose for which it was collected or for as long as required by law. We may need to retain your personal data for longer than the retention periods we have specified in order to process your requests, including to continue to opt you out of promotional emails or to comply with legal, regulatory, accounting or other obligations. For example, personal data contained in contracts, communications and business correspondence may be subject to statutory retention obligations which may require retention for up to 10 years. Other personal data is generally deleted 6 years after the termination of the relevant contractual relationship between you and us (where applicable). More detailed information on the actual retention periods can be found in the appendix to the Starbucks Privacy Policy. When personal data is no longer required, or in any event after the legal authority to retain it has expired, personal data will be deleted in accordance with local law and in accordance with the procedures established for the relevant system or process.}

^{10. Children}

^{The website or online services are not intended for use by children. If you are a parent or guardian and believe that we may have collected data relating to your child, please contact us immediately as described in the Contact section of this Privacy Policy. For further information, please read our Terms of Use.}

^{11. International Data Transfers}

^{Your personal data may be transferred to a country other than the country in which it was collected, and which is located outside the European Economic Area (EEA), including the United States, where it may be stored and processed. In such cases, we will take appropriate measures to ensure an adequate level of data protection on the part of the recipient in accordance with the requirements of the GDPR, including through the use of standard contractual clauses adopted by the European Commission. You may obtain a copy of these clauses by contacting our Data Protection Officer (see the Contact section below).}

^12.Contact

^{We welcome your questions, comments and concerns regarding data protection. You can contact Starbucks EMEA by email at [email protected], or by post at Building 7, ChiswickPark, 566 Chiswick High Road, London, United Kingdom, and AmRest and AmRest Guest Services, by email}^{[email protected]}^{or by post at AmRest Coffee Deutschland Sp. z o.o. & Co.KG, Dachauer Straße 65, 80335 Munich. You have the right to address any enquiry regarding your rights to Starbucks EMEA and/or AmRest, which operates the Coffee Houses in Germany, and the party to whom you address the enquiry is responsible for processing it and replying to you. If you have any concerns about our compliance with the law, you have the right to lodge a complaint with a supervisory authority in the EEA (}^Link^{). We would appreciate it if you could first share your concerns with us and would welcome you to send us an enquiry first – see the Contact section. You may also contact the Data Protection Officer (“DPO”) of Starbucks EMEA at any time,}^{[email protected]}^{. You may also contact the DPO of AmRest: Data Protection Officer AmRest Coffee Deutschland Sp. z o.o. & Co.KG, Dachauer Straße 65, 80335 Munich, email:}^{[email protected]}^.

^{Appendix to the Starbucks Privacy Policy available for download}^{. For information about cookies and how we use them, please read the Cookie Policy.}

^{Appendix to the Starbucks Privacy Policy}

	^{Purposes of processing}	^{Categories of personal data}	^{Legal basis for processing}	^{Data controller}
	^{Access to and navigation of the brand website. To enable users to access and navigate the website.}	^{IP address} ^{Date and time of the access request} ^{Time zone difference from Greenwich Mean Time (GMT)} ^{Content of the request (specific page)} ^{Access status/HTTP status codeAmount of data transferred} ^{Website from which the access request originates} ^{Browser (language and version of the browser software), device type and operating system}	^{Data processing in connection with the website is based on legitimate interests (Art. 6(1)(f) GDPR) (e.g. the processing of personal data that your browser transmits to our server is technically necessary to enable you to access and use the website). Further information on the balancing of interests is available on request.}	^{Starbucks EMEA}
	^{Access to and use of the Starbucks Rewards website. To enable users to access and use the website.}	^{IP address} ^{Date and time of the access request} ^{Time zone difference from Greenwich Mean Time (GMT)} ^{Content of the request (specific page)} ^{Access status/HTTP status code} ^{the amount of data transferred} ^{Website from which the access request originates} ^{Browser (language and version of the browser software), device type and operating system}	^{(Data processing in connection with the website is based on legitimate interests (Art. 6(1)(f) GDPR) (e.g. the processingof personal data transmitted by your browser to our serveristechnically necessary to enable you to access and use the website). Further information on the balancing of interests is available on request.)}	^{Starbucks EMEA}
	^{Starbucks app. So that users can use the app’s features.}	^{IP address} ^{Date and time of the access request} ^{Time zone difference from Greenwich Mean Time (GMT)} ^{Content of the request (specific page)} ^{Access status/HTTP status code} ^{Amount of data transferred} ^{Device type and operating system} ^{Username and password;} ^{Email address;} ^{Billing address;} ^{telephone number;} ^{Financial data, such as payment confirmations;} ^{Data relating to a Starbucks gift card (“Starbucks Card”);} ^{advanced analytics data such as location data, diagnostic and usage data, and user interactions;} ^{Location data, e.g. via GPS or other location-based technologies, to enhance the user experience so that you can order in advance, get directions and see what’s available at stores near you; and} ^{The day and month of your birthday, so we can wish you a happy birthday on your special day (we do not ask for your year of birth).}	^{Data processing in connection with the app is based on legitimate interests (Article 6(1)(f) of the GDPR) (for example, the processing of personal data transmitted from your device, on which the app is installed, to our server(s) is technically necessary for you to be able to use the app). Further information on the balancing of interests is available on request.}	^{Starbucks EMEA}
	^{General communication To communicate with users regarding orders, purchases, accounts, etc., and to respond to customer service enquiries and requests for information.}	^{First name} ^Surname ^Address ^Town ^Postcode ^{Email address and, for AmRest loyalty programme members, the data listed below for Starbucks Rewards}	^{Legitimate interests (Art. 6(1)(f) GDPR): The processing of personal data is necessary to respond to the user’s enquiry, which could not otherwise be processed. Therefore, the processing is justified on the basis of legitimate interests. Further information on the balancing of interests is available on request.}	^{Starbucks EMEA}
^5.	^{Personalised newsletters and other communications, includingpersonalised promotions, content and special offers, as well as communications regarding our brands, products,events or other promotional purposes. To enable users to subscribe to our personalised newsletter and for us to send them personalised newsletters.}	First name Surname Email and, for loyalty programme members, the data listed below for Starbucks Rewards Data for personalising marketing communications (e.g. purchase history, including details of products purchased, time of purchase (weekdays vs. weekends, time since last purchase), favourite location/city date of birth for birthday messages), demographic data (such as gender, age group, country and derived interest groups (e.g. “coffee lovers” or “travel enthusiasts”)).	^{The legitimate interest (Art. 6(1)(f) GDPR) in conjunction with consent to receive marketing information forms the legal basis for the processing of personal data for the purpose of personalisation and the sending of emails to subscribers of the personalised newsletter regarding initiatives, announcements and product offers based on account information and activity (profiling).}	^{Joint controllership} ^{Starbucks EMEA is responsible for:} ^{• the collection, storage and anonymisation (including through tokenisation) of personal customer data, determining which personal customer data (if any) is to be disclosed to the licensee, and the disclosure of such personal customer data;} ^{• determining any restrictions on analyses that Licensees may carry out using the personal customer data shared by Starbucks to improve marketing campaigns; and} ^{• determining the general communication approach and providing recommendations and guidelines on this approach to the Licensee.} ^{AmRest is responsible for:} ^{• conducting analyses of the personal customer data to improve marketing communications in accordance with the parameters set by Starbucks; and} ^{• Determining the exact content of the communications (in accordance with the guidelines), setting the schedule for the communications and sending the communications to customers, as well as setting the schedule for the loyalty campaign newsletter.}
^6.	^{Analytics services on the website and in the app}	^{To ensure the security of the service, carry out statistical analyses, improve our services and adapt them to the needs and convenience of users.}	^{Legitimate interests (Art. 6(1)(f) GDPR).}	^{Starbucks EMEA}
^7.	^{(Starbucks Rewards: To enable users to sign up for our loyalty and rewards programme “Starbucks Rewards”, to offer and improve the “Starbucks Rewards” programme, and to optimise our products and services, asdescribedin the relevant terms and conditions [}^{https://www.starbucks.de/de/terms-of-use}^].	^{First name;} ^Surname; ^{Email address;} ^Password; ^Address; ^{Address 2 (optional);} ^Town; ^Postcode; ^{Date of birth (month and day only);} ^{Starbucks card number;} ^{Browser (language and version of the browser software);} ^{Device type and operating system;} ^{Cardholder details; and transaction details.}	^{Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (i.e. contract regarding participation in the Starbucks Rewards programme and the provision of benefits under the Starbucks Rewards programme) (Art. 6(1)(b) GDPR).}	^{Join the Controllership Team} ^{Starbucks is responsible for:} ^{• all data processing in connection with Starbucks Rewards; and} ^{• determining any restrictions on the data processing that franchisees may carry out using the personal customer data disclosed by Starbucks.} ^{AMRest is responsible for:} ^{• conducting analyses of the personal customer data that Starbucks shares with AMRest, in accordance with the restrictions imposed by Starbucks;} ^{• managing overall programme performance (e.g. revenue, frequency, average receipt value, number of customers with marketing consent, in-store vs. mobile app usage, active points balance) and the associated management of marketing campaigns; and} ^{• Measuring the effectiveness of marketing campaigns (e.g. how many customerstook advantage of the promotion, revenue generated, return on investment).}
^8.	^{Use of video surveillance in retail outlets.}	^{Video recordings}	^{Legitimate interests (Art. 6(1)(f) GDPR). Processing is necessary to ensure the safety of individuals, including our employees, to protect our property and to safeguard the confidentiality of information whose disclosure could cause harm to AmRest.}	^AmRest
^9.	^{Management of contact forms}	Name, email address Subject and content of the message	^{Legitimate interest (Art. 6(1)(f) GDPR).The processing of this data is necessary to ensure a high standard of customer service and to provide the requested information.}	^AmRest

^{Information about cookies and their use on this website can be found in the}^{Cookie Policy}^.