Barista’s Friend (Pty) Ltd (“Barista’s Friend,” “we,” “our,” or “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit or make a purchase through our website baristasfriend.co.za and related services (collectively, the “Services”).

By using our Services, you accept the practices described in this policy. If you do not agree, please do not use our Services.

Information We Collect

We may collect or receive the following types of information:

Personal / Identifying Information
  • Name
  • Email address
  • Telephone number
  • Postal / delivery address
  • Billing information (e.g. billing address)
  • Payment information (note: sensitive payment details such as card numbers are generally processed via third-party payment gateways)
  • Account credentials (username, password)
Technical and Usage Information
  • IP address
  • Browser type and version
  • Operating system and device type
  • Date and time of visit
  • Pages viewed, URLs visited, clickstream data, and how you interact with the site
  • Referring site / landing page
  • Cookies, pixels, and other tracking technologies
Other Information
  • Marketing preferences (if you opt in)
  • Transaction history (what you purchase, order date, etc.)
  • Communications data (e.g. your messages to us, responses, customer support interactions)
  • Any additional information you voluntarily provide (e.g. in surveys, reviews, comments)

How We Use Your Information

We use your information for the following purposes (to the extent lawful and with your consent where required):

  • To process and fulfill your orders (including shipping, delivery, returns)
  • To communicate with you (order confirmations, status updates, customer support)
  • To send marketing and promotional communications (only with your opt-in consent)
  • To administer your account (if you register)
  • To detect and prevent fraud, abuse, or other harmful activity
  • To improve our website, products, and services (analytics, A/B testing, etc.)
  • To comply with legal or regulatory obligations
  • To enforce our terms, protect our rights, and resolve disputes

If we wish to use your personal information for a new purpose not originally disclosed, we will obtain your consent or provide you the opportunity to opt out, unless otherwise permitted under law.

Legal Basis for Processing (Under POPIA)

Under South Africa’s Protection of Personal Information Act (POPIA), we will only process personal information if one or more of the following grounds apply:

  • You have consented to the processing
  • Processing is necessary to perform a contract (e.g. to fulfill your order)
  • Processing is required by law
  • Processing is necessary to protect your legitimate interests or those of others
  • Processing is for our legitimate interest (provided it does not override your rights)

We strive to ensure all processing is lawful, minimal, and transparent.

Sharing & Disclosure of Information

We will not sell or rent your personal information to third parties. We may share your information under the following circumstances:

  • Service Providers & Processors: We may engage third parties (such as payment gateways, shipping and logistics providers, analytics providers, email service providers) to perform services on our behalf. These parties will only have access to your information as needed to perform their tasks and will be subject to confidentiality obligations.
  • Affiliates / Business Partners: Where relevant, we may share information with affiliates or business partners (e.g. co-promotions) — with your consent or where permitted by law.
  • Legal & Regulatory Authorities: We may disclose your information if required by law, court order, or government request; or to enforce our terms or protect rights, property, or safety.
  • Business Transfers: In case of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction (with notice).

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, to maintain legitimate business operations (e.g. record keeping, disputes, fraud prevention), and to comply with legal obligations. Thereafter, we securely delete, anonymize, or destroy the data.

Your Rights & Choices

Under POPIA (and applicable law), you have certain rights regarding your personal information:

  • Access & Request a Copy: Request a copy of the personal data we hold about you
  • Correction / Update: Ask us to correct or update inaccurate or incomplete information
  • Deletion / Erasure: Request that we delete your personal information (subject to legal or business constraints)
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time
  • Object / Restrict Processing: In certain cases, you may object to or request the restriction of processing
  • Lodge a Complaint: You may lodge a complaint with the Information Regulator (South Africa) or other competent authority

To exercise these rights, please contact us using the details below. We may ask you to verify your identity before responding to your request.

Cookies & Tracking Technologies

Our website uses cookies, pixels, web beacons, local storage, and similar technologies to track your interactions and provide core functionalities (e.g. shopping cart), analytics, personalization, and marketing.

You may disable or manage cookies through your browser settings; however, disabling certain cookies may affect the functionality of the site. Where required by law, we will obtain your prior consent before placing nonessential cookies (e.g. for marketing).

Cross-Border / International Data Transfers

If you are located outside South Africa, your personal information may be transferred to or processed in countries with different data protection laws. We will ensure that appropriate safeguards are in place (e.g. standard contractual clauses, where applicable) to protect your data in accordance with POPIA’s requirements.

Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These include encryption (SSL/TLS), secure server environments, access controls, and security monitoring.

However, no method of electronic transmission or storage is completely secure, so we cannot guarantee absolute security. If a data breach occurs that materially affects your personal information, we will assess the risk and where required under law, notify affected users and regulatory authorities promptly.

Children & Minors

Our Services are not intended for children under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a child under 18, we will take steps to delete it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or services. We will post the updated version on our website.

Please review this policy periodically.

Contact Information & Information Officer

If you have any questions about this Privacy Policy or how we handle your data, please contact us at:

Barista’s Friend (Pty) Ltd
📧 Email: hello@baristasfriend.co.za
📞 Phone: +27 82 697 2567

Other Legal Notes

  • This Privacy Policy should be read together with our Terms & Conditions and any other policies to which you agree when using our Services.
  • Please note that your rights may be limited by applicable law, e.g. in the case of legal obligations or legitimate interests.
  • If any provision of this policy is found invalid or unenforceable, it will not affect the remaining provisions.