Privacy Policy

Beard & Blade Pty Ltd  |  Last updated: March 2026

Beard & Blade Pty Ltd (ABN 64 137 423 459 ) ("we", "us", "our") operates beardandblade.com.au. We are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, and store your personal information when you use our website or purchase from us.

1. What Personal Information We Collect

We may collect the following types of personal information:

• Identity information: name, date of birth
• Contact information: email address, phone number, delivery and billing address
• Transaction information: order history, payment method details (not card numbers — see Section 5)
• Technical information: IP address, browser type, operating system, referral source, pages visited, and session data collected automatically via cookies and analytics tools
• Marketing preferences: email opt-in/opt-out status and communication history
• Review and feedback content submitted via our review platform

2. How We Collect Personal Information

We collect personal information:

• Directly from you when you place an order, create an account, contact us, or subscribe to marketing communications
• Automatically via cookies, pixels, and similar tracking technologies when you browse our website
• From third-party platforms (e.g. payment processors, advertising networks, analytics providers) where you have consented to that sharing

3. Why We Collect and Use Personal Information

We use your personal information for the following purposes:

• Processing and fulfilling your orders
• Managing returns, refunds, and customer service enquiries
• Sending transactional communications (order confirmations, shipping updates)
• Sending marketing communications where you have consented or where permitted under the Spam Act 2003 (Cth)
• Improving our website, product range, and customer experience through analytics
• Complying with legal obligations
• Preventing fraud and protecting the security of our platform

4. Disclosure of Personal Information

We may disclose your personal information to the following categories of third parties:

• Shopify Inc. — our e-commerce platform provider (servers located in the United States and Canada)
• Payment processors (e.g. Shopify Payments, PayPal, Afterpay) — for transaction processing only
• Logistics and shipping partners — for order fulfilment and delivery
• Email and marketing platforms (e.g. Klaviyo) — for sending communications you have consented to receive
• Analytics and advertising platforms (e.g. Google Analytics, Meta Ads) — for website analytics and targeted advertising
• Review platforms (e.g. Junip) — to facilitate product reviews
• Government or regulatory bodies — where required by law, court order, or regulatory obligation

We do not sell your personal information to third parties.

Overseas Disclosure

Some of the third parties listed above are located overseas, including in the United States, Canada, and the European Union. Where we disclose personal information to overseas recipients, we take reasonable steps to ensure those recipients handle your information in a manner consistent with the APPs. By using our website, you acknowledge that this overseas disclosure may occur.

5. Payment Information

We do not store your credit card or debit card numbers. All payment transactions are processed by PCI-DSS compliant payment gateways. Credit card data entered at checkout is encrypted via SSL/TLS and handled by the payment processor directly.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to improve website functionality, analyse traffic, and support advertising.

Cookie	Type	Purpose
_session_id	Session	Stores session data (referrer, landing page) for Shopify.
_shopify_visit	Session (30 min)	Records visit count for Shopify's internal analytics.
_shopify_uniq	Session (daily)	Counts unique visits per customer per day.
cart	Persistent (2 weeks)	Stores cart contents between sessions.
storefront_digest	Persistent	Controls access to password-protected storefronts.
_ga / _gid	Persistent	Google Analytics — tracks sessions and user behaviour.
_fbp / _fbc	Persistent	Meta Pixel — supports advertising and conversion tracking.

You can control cookies through your browser settings. Disabling cookies may affect website functionality. You may also opt out of Google Analytics via the Google Analytics Opt-out Browser Add-on, and of Meta advertising via your Facebook ad preferences.

7. Data Security

We take reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification, or disclosure. Our website is secured with SSL/TLS encryption. Shopify maintains industry-standard security practices including AES-256 encryption for stored data.

No method of internet transmission is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes set out in this policy, or as required by law. Specifically:

• Order and transaction records: 7 years (tax and accounting obligations)
• Customer account data: retained while the account is active and for a reasonable period after closure
• Marketing consent records: retained for the duration of the marketing relationship and for evidential purposes thereafter

9. Your Rights

Under the Privacy Act 1988 (Cth) and the APPs, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or incomplete personal information
• Request deletion of your personal information (subject to legal retention requirements)
• Withdraw consent to marketing communications at any time by clicking "unsubscribe" in any email or contacting us directly
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au if you believe we have breached your privacy

To exercise any of these rights, contact our Privacy Officer using the details in Section 12.

10. Notifiable Data Breaches

We are subject to the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth). If we become aware of a data breach that is likely to result in serious harm to any affected individuals, we will notify the affected individuals and the OAIC as soon as practicable.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via our website. The updated policy will take effect from the date of posting. We encourage you to review this policy periodically.

12. Contact Us

For any privacy-related enquiries, access or correction requests, or complaints, please contact our Privacy Officer:

Beard & Blade Pty Ltd
Attn: Privacy Officer
39 Henderson Road, Clayton, VIC 3168, Australia
Email: hello@beardandblade.com.au
Website: www.beardandblade.com.au

We will respond to all privacy enquiries within 30 days.