Privacy policy

Privacy Policy

This Privacy Policy explains how Lynch Coffee Co Pty Ltd (trading as Cherry Mouth Roasters, “we”, “us”, “our”) collects, uses, discloses and safeguards your personal information when you visit https://cherrymouth.com (the “Site”), make a purchase, or interact with our services.

We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By using the Site, you agree to this Policy. If you do not agree, please do not use the Site.

What We Collect

We may collect the following information:

  • Identity & Contact: name, email, phone number, billing and shipping addresses.
  • Order Details: items purchased, order notes, gift messages.
  • Payment Info: processed securely by payment gateways (we do not store card numbers).
  • Account & Subscription Data: login, preferences, subscription selections, delivery intervals.
  • Support & Communications: messages you send us (email, forms).
  • Device & Usage: IP address, browser, device type, pages viewed, cookies, and analytics events.

How We Use Your Information

  • To fulfil orders and provide our products/services (roast-to-order coffee, equipment, subscriptions).
  • To manage your account, subscriptions (via Seal Subscriptions), and customer support.
  • To process payments and prevent fraud (via Shopify Payments and/or other gateways).
  • To communicate about orders, delivery, policy updates, and—with your consent—marketing.
  • To improve our Site, products, logistics, and customer experience through analytics.
  • To comply with laws, regulatory requirements, and our Terms & Conditions.

Legal Bases (EU/UK visitors)

Where GDPR/UK GDPR applies, we process personal data on the bases of: contract (order fulfilment), legitimate interests (fraud prevention, analytics, product improvement), consent (marketing cookies/emails), and legal obligation.

Disclosure to Third Parties

We share data with service providers only as needed to provide and improve the Site and services:

  • Shopify (store platform, hosting, checkout, fraud prevention).
  • Payment gateways (e.g., Shopify Payments, PayPal, Afterpay/Klarna if enabled).
  • Subscriptions: Seal Subscriptions (manages recurring orders and customer portal).
  • Shipping & Logistics: Australia Post and couriers (labels, tracking, delivery).
  • Analytics & Marketing: Google Analytics, Meta (Facebook/Instagram) Ads, email/SMS tools (if enabled).
  • IT & Security: hosting, backup, and anti-fraud tools.

We may disclose information to comply with legal obligations, respond to lawful requests, or protect our rights, users, or the public.

International Transfers

Some providers may store or process data outside Australia (e.g., the USA, EU, UK, Canada). We take reasonable steps to ensure overseas recipients protect your information in line with the APPs.

Cookies & Tracking

We use cookies and similar technologies to operate the Site, remember preferences, enable checkout, and measure performance. Categories include:

  • Strictly Necessary – required for core functionality and checkout.
  • Performance/Analytics – help us understand how the Site is used.
  • Functional – remember preferences (e.g., currency, login).
  • Marketing – personalise ads and measure campaign effectiveness.

You can manage cookies via your browser settings. Some features may not work if you block certain cookies. Where required, we present a cookie banner to capture consent for non-essential cookies.

Marketing Communications

With your consent, we may send marketing emails or SMS about new releases, offers, and events. You can unsubscribe at any time via the link in the message or by contacting us. Transactional messages (e.g., order confirmations, delivery updates) are not marketing and will continue as needed to fulfil your order.

Data Retention

We retain personal information for as long as necessary for the purposes above, including legal, tax, and accounting requirements, or to resolve disputes and enforce agreements. When no longer needed, we take reasonable steps to de-identify or securely destroy the data.

Security

We use reasonable technical and organisational measures to protect personal information (HTTPS, access controls, limited retention). However, no method of transmission or storage is 100% secure.

Your Rights

Subject to the Privacy Act and APPs, you may request to access or correct your personal information. Contact us using the details below. If you are in the EU/UK where GDPR applies, you may also have rights to erasure, restriction, portability, and objection, and to withdraw consent for marketing at any time.

Children

Our Site is not intended for individuals under the age of majority. We do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact us to delete it.

Links to Other Sites

Our Site may contain links to third-party websites. We are not responsible for their privacy practices. Review their policies before providing personal information.

Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date will reflect the latest version. Your continued use of the Site after changes means you accept the updated Policy.

Contact Us

If you have questions, want to access/correct your information, or make a privacy complaint, please contact:

Email: admin@cherrymouth.com
Business: Lynch Coffee Co Pty Ltd (trading as Cherry Mouth Roasters)

Related Policies

Last updated: