FREE DELIVERY ON ORDERS OVER $60

Privacy Policy

Danes Coffee Roasters

Last updated: 29 April 2026

1. About this Privacy Policy

This Privacy Policy explains how DANES MANAGEMENT SERVICES PTY LTD (ABN: 78 092 036 792), trading as Danes Coffee Roasters ("Danes", "we", "us", "our"), collects, holds, uses, discloses and protects your personal information when you visit, use or make a purchase from danes.com.au (the "Site"), interact with us on social media, attend our cafe or events, or otherwise communicate with us (together, the "Services").

We are bound by the Privacy Act 1988 (Cth) ("Privacy Act") and the Australian Privacy Principles ("APPs"). This Policy describes how we meet those obligations.

By using the Services, you acknowledge this Privacy Policy. If you do not agree, please do not use the Services.

2. What information we collect

2.1 Information you give us

  • Identity and contact details: name, email, phone, billing and shipping address.
  • Order and payment information: items purchased, order history, delivery preferences, and the payment method you use. Card details are entered directly into our payment provider's secure environment — we do not store full card numbers (see section 4).
  • Account information: the email and credentials you choose to access your account. Passwords are stored only as one-way cryptographic hashes and cannot be read by us.
  • Marketing preferences: subscription status for our newsletter, SMS list, and any product-specific notifications.
  • Customer communications: anything you send us via email, contact forms, live chat, social media, or in person.
  • Loyalty, rewards and gift card information: where you participate in a rewards or referral program, or purchase or redeem a gift card — your activity, balances, and redemption history.
  • User-generated content: reviews, ratings, photos, comments and other content you submit publicly through the Site or our social channels.

2.2 Information collected automatically

When you visit the Site, we and our service providers automatically collect:

  • Device and browser information: IP address, device type, browser type and version, operating system, referring URL, language settings.
  • Usage information: pages viewed, items searched and added to cart, session duration, click paths, and approximate location derived from IP address.
  • Cookie and similar tracking data: see section 7.

2.3 Information from third parties

We may receive information about you from:

  • Payment providers (confirmation of successful payment, fraud signals).
  • Shipping carriers (delivery status and address validation).
  • Social media platforms when you interact with our pages, click an ad, or use a social login.
  • Marketing, analytics and advertising providers.
  • Wholesale or trade customers who add you to an account.

2.4 Sensitive information

We do not knowingly collect "sensitive information" as defined in the Privacy Act (such as health, racial, political, religious, or biometric information) and ask that you do not provide it to us.

3. How we use your information

We use personal information to:

  • Process and fulfil your orders, including payment, shipping, returns, exchanges and refunds.
  • Manage your account and respond to your enquiries.
  • Operate, maintain, secure and improve the Site and our products.
  • Detect, prevent and respond to fraud, abuse, and security incidents.
  • Send transactional messages (order confirmations, shipping updates, account notices).
  • With your consent, send marketing communications about our products, offers, events, and content. You can opt out at any time — see section 8.
  • Personalise your experience, including product recommendations and relevant offers.
  • Conduct research and analytics on usage trends.
  • Comply with our legal, tax, accounting and regulatory obligations.
  • Enforce our terms of service and protect our legal rights.

We do not currently use automated decision-making that produces legal or similarly significant effects on you. If this changes, we will update this Policy in line with the transparency obligations that take effect on 10 December 2026 under the Privacy and Other Legislation Amendment Act 2024 (Cth).

4. Who we disclose your information to

We share personal information only as needed to run our business or meet legal obligations. Categories of recipients include:

  • Shopify Inc. — our e-commerce platform, which hosts the Site and processes order data.
  • Payment processors — Shopify Payments, Stripe, PayPal, Afterpay, Zip to process payments and assess fraud risk.
  • Shipping and logistics providers — Australia Post, Shippit, StarTrack, Aramex to deliver your orders.
  • Email and SMS marketing platforms — Klaviyo to send communications you have subscribed to.
  • Analytics, advertising and personalisation providers — Google Analytics, and Meta Pixel, to measure performance and serve relevant advertising. See section 7.
  • Customer support, reviews and loyalty tools —  Judge.me, and Smile.io where used.
  • Professional advisers — accountants, auditors, insurers and lawyers, where reasonably required.
  • Government agencies, regulators or law enforcement — where required or authorised by law.
  • A purchaser or successor — in connection with the sale, merger, restructure or insolvency of our business.

We do not sell your personal information.

5. Overseas disclosure

Some of the providers listed in section 4 store or process personal information outside Australia. The countries most commonly involved are Canada, the United States, the United Kingdom, Ireland, Singapore and other locations where our providers operate data centres. We take reasonable steps to ensure overseas recipients handle your information consistently with the APPs, including through written contractual protections.

6. How long we keep your information

We retain personal information only for as long as needed for the purposes described in this Policy or as required by law. Indicative retention periods:

  • Transaction and tax records: at least 5 years from the date of the transaction, in line with ATO record-keeping requirements.
  • Account information: for as long as your account is active, plus a reasonable period for security, dispute resolution and legal compliance.
  • Marketing data: until you unsubscribe or withdraw consent, plus a short period for compliance auditing.
  • Customer support correspondence: typically 24 months after resolution, unless we are required to retain it longer.
  • Server logs and analytics: typically 14–26 months, depending on the provider.

When information is no longer required, we delete it or irreversibly de-identify it.

7. Cookies and similar technologies

The Site uses cookies and similar technologies (pixels, tags, local storage, SDKs) to:

  • Keep you signed in, remember your cart, and provide core Site functionality (strictly necessary).
  • Remember your preferences such as language or region (functional).
  • Understand how the Site is used so we can improve it (analytics).
  • Show you relevant offers on the Site and on third-party platforms (marketing/advertising).

You can manage your preferences via the cookie banner on our Site, and you can disable cookies through your browser settings. Disabling strictly necessary cookies will affect core functionality such as checkout.

For information about cookies set by our e-commerce platform, see Shopify's Cookie Policy.

8. Direct marketing and your choices

We will only send you marketing where you have opted in, or where otherwise permitted under the Spam Act 2003 (Cth) and the Privacy Act. Every marketing email and SMS will identify us and include a functional unsubscribe option.

You can opt out at any time by:

  • Clicking the "unsubscribe" link in any marketing email.
  • Replying STOP to a marketing SMS.
  • Updating your preferences in your account.
  • Contacting us at the details in section 13.

We will action opt-out requests within 5 business days. Even after you opt out of marketing, we will still send essential transactional and account-related messages (e.g. order confirmations, recall notices).

9. Your privacy rights

Under the Privacy Act, you have the right to:

  • Access the personal information we hold about you.
  • Correct any information that is inaccurate, out of date, incomplete or misleading.
  • Request deletion of your personal information where it is no longer necessary for the purpose collected, you have withdrawn consent, or it has been unlawfully collected.
  • Withdraw consent to processing where we rely on consent, including for marketing.
  • Deal with us anonymously or under a pseudonym where it is lawful and practicable to do so.
  • Make a complaint about our handling of your personal information (see section 12).

To exercise any of these rights, contact us using the details in section 13. We will respond within 30 days. We may need to verify your identity before acting on a request, and in some cases (for example, where we have a legal obligation to retain information) we may not be able to action a request in full — we will explain why in writing.

There is no charge to access your personal information, although we may charge a reasonable fee for providing copies in certain formats.

10. Security

We take reasonable technical and organisational measures to protect personal information against loss, misuse, unauthorised access, modification, or disclosure, including:

  • Encryption of data in transit (HTTPS / TLS).
  • Access controls and least-privilege permissions for staff and contractors.
  • Use of reputable, security-audited service providers (such as Shopify and PCI-DSS-compliant payment processors).
  • Staff training on privacy and information security.
  • Regular review and update of our security practices.

No system is perfectly secure. If we become aware of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner ("OAIC") as required under the Notifiable Data Breaches scheme.

11. Children

Our Services are not directed at children under 16. We do not knowingly collect personal information from children under 16 without the verifiable consent of a parent or guardian. If you believe a child has provided us with personal information, please contact us and we will take reasonable steps to delete it.

We will update our practices as required by the Children's Online Privacy Code being developed by the OAIC (expected to be registered by 10 December 2026).

12. Complaints

If you believe we have breached the Privacy Act or the APPs, please contact us first using the details in section 13. We will acknowledge your complaint within 5 business days and aim to provide a substantive response within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner:

  • Website: oaic.gov.au
  • Phone: 1300 363 992
  • Mail: GPO Box 5288, Sydney NSW 2001

13. Contact us

Customer Care Team: Danes Coffee Roasters | 28 Dale Street, Brookvale NSW 2100, Australia
Email: info@danes.com.au
Phone: (02) 9938 4522

14. Customers outside Australia

If you are visiting the Site from outside Australia, your information may be transferred to, stored in, and processed in Australia and the other countries listed in section 5. By using the Services, you consent to this transfer.

If you are located in the European Economic Area or the United Kingdom, you have additional rights under the GDPR / UK GDPR, including the right to object to processing, the right to data portability, and the right to lodge a complaint with your local data protection authority. Where we rely on a lawful basis other than consent (such as performance of a contract or legitimate interests), we will explain this on request.

If you are a California resident, you have certain rights under the CCPA/CPRA, including the right to know, the right to delete, the right to correct, and the right to opt out of the "sale" or "sharing" of personal information. We do not sell personal information.

If you are in New Zealand, our handling of your information is also subject to the Privacy Act 2020 (NZ).

15. Changes to this Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this Policy will reflect any changes. Where changes are material, we will provide reasonable advance notice (for example, by email to subscribers or a prominent notice on the Site) before the changes take effect.

Footer image

© 2026 Danes Coffee Roasters, Powered by Shopify

  • Footer bottom image
  • American Express
  • Apple Pay
  • Google Pay
  • Mastercard
  • PayPal
  • Shop Pay
  • Union Pay
  • Visa