Privacy Policy

Last updated: 10 February 2026

Mother City Chai (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and disclose personal information when you visit or make a purchase from mothercitychai.com (the “Site”).

This policy has been designed to comply with:

• Australian Privacy Act 1988 (Cth) and Australian Consumer expectations

• General Data Protection Regulation (GDPR) for EEA residents

• Protection of Personal Information Act, 2013 (POPIA) of South Africa

1. Personal Information We Collect

Information You Provide to Us

When you interact with our Site or place an order, we may collect:

• Full name

• Email address

• Phone number

• Billing and shipping address

• Payment details (processed securely by third-party providers)

• Order history and customer communications

Information Collected Automatically

When you browse our Site, we may automatically collect:

• IP address and device identifiers

• Browser type, time zone, and operating system

• Pages viewed, products interacted with, and referral sources

• Cookies and similar tracking technologies

Together, this information is referred to as Personal Information.

2. Lawful Basis for Processing Personal Information

We only collect and process personal information where we have a lawful basis to do so, including:

• Contractual necessity – to fulfil orders and deliver products

• Legitimate business interests – to operate, improve, and secure our business

• Consent – for marketing communications and optional cookies

• Legal obligations – accounting, tax, and regulatory compliance

This framework aligns with ACL expectations, GDPR Article 6, and POPIA’s conditions for lawful processing.

3. How We Use Your Personal Information

We use your Personal Information to:

• Process and fulfil orders

• Communicate with you regarding purchases or enquiries

• Provide customer support

• Send marketing communications where you have opted in

• Improve website performance, usability, and customer experience

• Detect and prevent fraud or misuse

We do not sell your personal information.

4. Sharing Your Personal Information

We only share personal information with trusted service providers who assist us in operating our business.

Our online store is hosted by Shopify, which securely stores your data and processes it in accordance with industry standards.

We may also disclose personal information:

• Where required by law or legal process

• To protect our rights, customers, or business

• In connection with a business transfer or restructure

5. International Data Transfers

As an international brand operating between Australia, South Africa, and other regions, your personal information may be transferred to and processed in countries outside your place of residence.

We ensure appropriate safeguards are in place, including:

• Secure platforms

• Contractual protections

• Compliance with GDPR transfer mechanisms and POPIA safeguards

6. Cookies & Tracking Technologies

We use cookies and similar technologies to:

• Enable core website functionality

• Remember preferences

• Analyse traffic and performance

You may control cookies through your browser settings. Disabling cookies may affect site functionality.

7. Your Rights

Australian Residents (Privacy Act)

You have the right to:

• Access personal information we hold about you

• Request corrections to inaccurate or outdated information

• Make a privacy complaint

European Economic Area (GDPR)

You have the right to:

• Access your personal data

• Rectify inaccurate data

• Request erasure (“right to be forgotten”)

• Restrict or object to processing

• Data portability

• Withdraw consent at any time

South African Residents (POPIA)

You have the right to:

• Access and correct personal information

• Object to processing

• Request deletion or destruction of personal information

• Lodge a complaint with the Information Regulator

8. Data Retention

We retain personal information only for as long as necessary to:

• Fulfil the purposes outlined in this policy

• Meet legal, tax, and accounting requirements

When information is no longer required, it is securely deleted or anonymised.

9. Data Security

We take reasonable and appropriate technical and organisational measures to safeguard your personal information. Payment data is encrypted and handled by secure third-party payment processors. We do not store full payment details.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or business practices. Updates will be posted on this page with a revised date.

11. Contact Us

If you have questions, requests, or complaints regarding this Privacy Policy or how your personal information is handled, please contact us.