Privacy Policy

At BRD Co. (“we,” “us,” or “our”), accessible via brd-co.com (the “Website”), we are firmly committed to safeguarding the privacy and personal data of our users, customers, and visitors. We recognize the critical importance of data protection and privacy rights, and we are dedicated to ensuring that all collected personal information is handled responsibly, lawfully, and transparently in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), where applicable.

1. Scope and Controller Responsibility

This Privacy Policy governs the use, processing, and protection of personal data collected through brd-co.com. BRD Co. is the data controller for the purposes of data protection laws, meaning we determine the purposes and means of processing personal information on our Website.

This Policy applies to all data collected through or in connection with brd-co.com, including when users submit forms, create accounts, make purchases, or otherwise interact with our services. This Policy applies regardless of the user’s location, although specific rights and obligations may vary based on local data protection laws.

2. Categories of Data We Process

Depending on how users interact with the Website, we may collect and process the following categories of personal data:

a. Usage Data
Data collected automatically through use of the Website, including browser type and version, IP address, referring/exit pages, date and time of visits, session duration, and interaction data (e.g., navigation paths).

b. Account Data
Information provided when users create or modify an account, including full name, billing and shipping addresses, email address, and phone number.

c. Profile Data
Information related to preferences, selected interests, past purchases, and behavioral patterns on the Website.

d. Communication Data
Records of communications, inquiries, support requests, and contact history, including data users submit when contacting our support team.

e. Technical Data
Device-related information such as device type, operating system, system settings, time zone, installed fonts, and system-generated identifiers like device ID or MAC address.

f. Transaction Data
Information related to purchases and payments made via the Website, including payment method (processed securely through third parties), shipping preferences, and delivery tracking details.

g. Preference Data
Marketing preferences, opt-in/opt-out choices, product interest information, and other express consents users provide.

3. Legal Bases for Processing

We process personal data based on one or more of the following lawful grounds:

– Consent: Where users have provided explicit consent, particularly for marketing communications or optional data collection (e.g., cookies).
– Contractual Necessity: To perform obligations under a contract with you, such as account management or order fulfillment.
– Legal Obligation: Where processing is required by applicable law, such as tax or regulatory compliance.
– Legitimate Interest: Where processing is necessary for our legitimate business interests, such as service improvement, website analytics, and fraud prevention, provided such interests are not overridden by users’ rights and interests.

4. Your Rights

You have specific legal rights regarding your personal data. Subject to certain legal conditions and restrictions, you may:

– Access: Request confirmation of whether your personal data is being processed and request a copy of that data.
– Rectification: Request correction of inaccurate or incomplete personal data.
– Erasure (Right to be Forgotten): Request deletion of your personal data where legally permissible.
– Restriction of Processing: Request a temporary or permanent restriction on the processing of your data.
– Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format, or request it be transmitted to another controller.

To exercise your rights, please contact us at [email protected]. We will respond in accordance with applicable legal timelines.

5. Security Measures

We employ technical and organizational safeguards to protect your data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. These include:

– End-to-end encryption protocols for data in transit and at rest.
– Role-based access controls and user authentication mechanisms.
– Regular data backups and disaster recovery planning.
– Ongoing staff training in data handling and security protocols.

6. International Data Transfers

We operate globally and may transfer, process, or store your data to a country outside your country of residence, including to countries that may not provide the same level of data protection. In such cases, we ensure appropriate safeguards are in place, including:

– Standard Contractual Clauses approved by the European Commission.
– Compliance with regional frameworks such as Privacy Shield (where applicable).
– Transfer impact assessments and contractual obligations on data recipients.

7. Data Retention

We retain personal data only for as long as necessary for the purpose it was collected, including to comply with legal, accounting, or reporting obligations. Retention periods vary depending on categorization and processing grounds:

– Account and Profile Data: Retained for as long as you maintain an active account.
– Communication Data: Retained for 2 years from the last contact, unless a legal obligation requires longer retention.
– Transaction Data: Stored for 7 years for tax and audit requirements.
– Marketing Preferences: Stored until you withdraw consent or unsubscribe.
– Technical and Usage Data: Aggregated and anonymized after 12 months unless required for critical diagnostics.

8. Cookies and Tracking Technologies

We use cookies and similar technologies on brd-co.com to enhance user experience and improve our services. The types of cookies used include:

– Essential Cookies: Necessary for website functionality and core services (e.g., shopping cart, account login).
– Functional Cookies: Enable personalization features, such as remembering user preferences.
– Analytics Cookies: Collect anonymous information for aggregated reporting on user behavior and traffic patterns (e.g., Google Analytics).
– Performance Cookies: Measure performance of our Website to assist in debugging and optimizing experience.

9. Cookie Management and User Controls

By engaging with brd-co.com, you are given the option to accept or reject cookies. You may modify your cookie preferences at any time using the cookie settings interface on our Website. Additionally, you may control cookie usage through your browser settings.

Under the GDPR and CCPA, you have the right to:

– Opt out of non-essential cookies
– Withdraw your consent for cookie-based tracking at any time
– Be informed of the purposes and categories of cookies deployed

To manage your preferences, use the cookie banner or settings panel presented upon your visit.

10. Children’s Privacy

Our Website is not directed at individuals under the age of 13, and we do not knowingly collect personal data from anyone under 13 years old. If we become aware that we have inadvertently collected data from a child under 13, we will take prompt steps to delete such information.

If you are a parent or legal guardian and believe your child has submitted personal information to us, please contact us at [email protected].

11. Policy Updates

We reserve the right to update or amend this Privacy Policy to reflect legal, technical, or business developments. Where materially significant changes are made, we will notify users via the Website or direct communication and, where required by law, request renewed consent.

We encourage you to review this Policy periodically to stay informed of how we protect your privacy.

12. Contact Us

For all inquiries about this Privacy Policy, to exercise your data protection rights, or to submit a concern or complaint, please contact us at:

Email: [email protected]
Website: https://brd-co.com

We are committed to full compliance with data protection laws and ensuring transparency regarding our data practices. We welcome feedback, questions, and concerns, and we will respond promptly and appropriately in accordance with our legal obligations.