Privacy policy

This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from thebasicbarista.com (the “Site”).

We collect information to process orders, improve your shopping experience, and communicate with you responsibly.
We don’t sell your data. Shopify helps us securely manage this information in line with Australian and international privacy standards.

Personal Information We Collect

When you visit the Site, we automatically collect certain information about your device, including your web browser, IP address, time zone, and some of the cookies installed on your device.
As you browse, we also collect details about:

  • The pages or products you view
  • What websites or search terms referred you to our Site
  • How you interact with our pages

We refer to this automatically collected information as “Device Information.”

We collect Device Information using:

  • Cookies – small data files stored on your device. For more info on cookies and how to disable them, visit allaboutcookies.org.
  • Log Files – track actions on the Site, including IP address, browser type, internet service provider, referring/exit pages, and timestamps.
  • Web Beacons, Tags, and Pixels – electronic files that record browsing activity.

When you make or attempt to make a purchase, we collect Order Information, including:

  • Your name
  • Billing and shipping address
  • Payment information (credit card details or third-party services such as PayPal, Shop Pay, or Afterpay)
  • Email address
  • Phone number

When we mention “Personal Information” in this policy, we’re referring to both Device and Order Information.

How We Use Your Personal Information

We use Order Information to:

  • Process and fulfill orders (payments, shipping, invoices, order confirmations)
  • Communicate with you
  • Screen for potential risk or fraud
  • Provide you with information or offers related to our products and services (based on your preferences)
  • Contact you in the rare event of a product recall

We use Device Information to:

  • Detect potential risk or fraud (especially by reviewing IP addresses)
  • Improve our website experience (analytics, performance, and marketing insights)

We may also use automated systems (including AI-based tools provided by Shopify and other trusted services) to personalise your experience — for example, to recommend products or tailor marketing messages. These systems do not make decisions with legal or significant effects without human oversight.

Sharing Your Personal Information

We share your Personal Information with trusted third parties to help operate our business, as outlined below.

Shopify

Our store is hosted on Shopify, which processes your information securely to operate our website and provide advanced features known as Enhanced Services.
These Enhanced Services use anonymised insights from customer interactions across Shopify stores to improve performance, protect against fraud, and offer better merchant tools.

Shopify may process your information in Canada, the United States, or other regions where it operates. Data may also be shared with other merchants through Shopify’s Network Intelligence for aggregated, anonymised insights.

Third-Party Apps and Integrations

We use third-party services that assist with website operation, order fulfilment, marketing, and customer experience, such as email marketing tools, review platforms, analytics, and shipping systems.
These providers only receive the data necessary to perform their role and must comply with privacy laws.

Payment Processors

When you pay using third-party payment providers (e.g. PayPal, Shop Pay, Afterpay), your data is processed under those providers’ own privacy policies.
We don’t store your complete payment details on our servers.

Shipping and Fulfilment

To deliver your order, we share necessary details (like your name, address, email, and phone number) with postal carriers and couriers.
If you order internationally, your information may be shared with customs and logistics partners to ensure proper delivery and compliance with import laws.

Finally, we may share Personal Information to comply with laws and regulations, respond to lawful requests, or protect our rights.

Behavioural Advertising

We use your information to show you relevant advertising and marketing messages.

You can opt out of targeted advertising through:

If you’re in a US state that recognises a right to opt out of data “sharing” or “targeted advertising,” you can use our Data Sharing Opt-Out Page or Shopify’s automated privacy tools.

Cookies and Consent Preferences

We use cookies to provide essential site functionality, analytics, and advertising features.
You can manage cookie preferences anytime through our cookie banner or your browser settings. Some cookies are required for basic site functions, while others are optional for performance and marketing.
Refusing optional cookies may limit certain features, but you’ll still be able to browse and shop normally.

Do Not Track

We do not alter our Site’s data collection practices when we receive a Do Not Track signal.
If you use tools like Global Privacy Control (GPC) or Shopify’s consent banner, Shopify automatically respects your preferences.

Your Rights

Depending on where you live, you may have the right to:

  • Access the personal information we hold about you
  • Request correction, updating, or deletion
  • Withdraw consent or object to processing

If you’re located in the EEA, UK, or Switzerland, your data may be processed to fulfil contracts (like orders) or to pursue our legitimate business interests.
You can manage or delete your data anytime through Shopify’s Privacy Portal.

We also comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Australian customers can contact us to request access, correction, or deletion of their personal information.

Data Retention

We keep your Order Information for our records unless you request its deletion.
To request deletion or export of your data, please contact us or visit Shopify’s  Privacy Portal.

Data Breach Notification

If a data breach occurs that could compromise your personal information, we’ll promptly notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) Scheme.

Mobile Phone Number Collection for SMS Marketing

We collect your mobile number for SMS marketing, including order updates, promotions, and announcements.
By providing your number, you consent to receive these messages.
You can opt out anytime using the unsubscribe link in any SMS or by contacting us directly.

We take reasonable steps to protect your number, but no system is 100% secure. By providing your number, you acknowledge this risk and agree to receive SMS communication via unencrypted networks.

Email Marketing and Unsubscribe Options

We send emails to share updates, order information, and occasional promotions.
You can unsubscribe at any time using the “unsubscribe” link in our emails or by contacting us.
Once unsubscribed, you’ll still receive essential communications like order confirmations and shipping updates.

Minors

Our Site isn’t intended for individuals under 18 years of age.

Changes

We may update this policy periodically to reflect updates in our practices, legal obligations, or Shopify’s processing systems.

Contact Us

For any questions, concerns, or complaints about our privacy practices, please contact us at:

Basic Barista
info@thebasicbarista.com
Melbourne, VIC, Australia