Politique de confidentialité

BRÍ Wellness – Privacy Policy

Last updated: October 21, 2025

BRÍ Wellness Limited (“BRÍ”, “we”, “us”, “our”) operates this website and online store (the “Services”). We are the Data Controller for personal data collected via the Services. Our store is hosted on Shopify. This Privacy Policy explains how we collect, use, share, secure, and retain your personal data, and the rights available to you under GDPR.

1) Who we are & contact details

Controller: BRÍ Wellness Limited, Unit 10, Docklands Business Park, Limerick, Ireland. Company No.: 785303. VAT: IE04416948BH.
Email: hello@briwellness.ie

2) What personal data we collect

We collect the following categories of data, depending on how you use the Services:

  • Identity & Contact: name, email, phone, billing/shipping addresses.
  • Account: login email, hashed password, preferences.
  • Order & Payments: items purchased, order history, delivery details; payment status/confirmation from our payment processors (card numbers are not stored by BRÍ).
  • Device & Usage: IP address, device/browser type, cookies, pages viewed, on-site actions (e.g., add-to-cart), marketing attribution.
  • Communications: support messages, survey/quiz responses (see RevenueHunt below), email engagement.
  • Inferences: product interests derived from quiz answers or browsing.

3) How we collect data

  • Directly from you: checkout, account creation, forms, support, quiz.
  • Automatically: via cookies, pixels, SDKs and similar technologies.
  • From our processors: order, payment, fulfilment, analytics and marketing partners acting on our instructions.

4) Our lawful bases for processing (GDPR Article 6)

  • Contract: to process your order, take payment, arrange delivery, manage returns.
  • Legitimate interests: to prevent fraud, secure our Services, understand performance, personalise your experience, and market to existing customers (soft opt-in where permitted).
  • Consent: for non-essential cookies/analytics/ads; for marketing to non-customers; for the product quiz profiling where required.
  • Legal obligation: tax/VAT records, consumer-rights compliance, regulatory requests.

5) How we use your data

  • Provide & improve the Services: checkout, delivery, returns, account features, customer support.
  • Personalise & recommend: show relevant products and content based on browsing, orders, and quiz results.
  • Marketing (subject to your choices): email flows, onsite messages, ads measurement.
  • Security & fraud prevention: detect abusive or fraudulent activity; protect accounts.
  • Compliance: tax, accounting and consumer-law obligations.

6) Our ecommerce & marketing stack (processors)

We use trusted service providers that process personal data on our behalf under Data Processing Agreements and appropriate safeguards:

  • Shopify (Store & Checkout): store hosting, checkout, payments integrations, fraud screening, analytics, “Shopify Customers” features. Privacy: shopify.com/legal/privacy. Sub-processors list & SCCs apply for transfers outside the EEA/UK.
  • Seal Subscriptions: subscription management (billing schedule, dunning, customer portal events). Privacy: sealsubscriptions.com/privacy-policy.
  • Klaviyo: email/SMS automation, flow analytics, segmentation (uses Shopify & quiz events where we’ve configured). Privacy: klaviyo.com/legal/privacy.
  • RevenueHunt (Product Quiz): collects quiz answers to recommend BRÍ products and create segments. Privacy: revenuehunt.com/privacy-policy.
  • Fulfilment & carriers: to pick, pack and deliver orders; receive your name, address, email/phone for delivery updates.
  • Payments: PCI-DSS compliant gateways process your card details; we receive only payment confirmations.
  • Analytics/ads & cookies: performance measurement, attribution and audience creation where consented.

We require all processors to implement appropriate technical and organisational security measures and to process data only on our documented instructions.

7) Cookies & similar technologies

We use essential cookies for core site functions (e.g., cart, checkout) and, with your consent, analytics and advertising cookies. You can manage preferences via our cookie banner and your browser settings. See our Cookies Policy for details, including cookie lifetimes and vendors.

8) International transfers

Some processors (e.g., Shopify, Klaviyo) may process data outside the EEA/UK. Where they do, we rely on lawful transfer mechanisms such as the European Commission’s Standard Contractual Clauses (SCCs) and (where applicable) the UK Addendum, alongside supplementary measures.

9) How we share data

  • With processors listed above to operate the Services.
  • With carriers & fulfilment partners to deliver your order.
  • With authorities when required by law (e.g., tax, law enforcement).
  • Business transfers (e.g., merger or acquisition) where your data may transfer with appropriate safeguards.

We do not sell your personal data. We only use targeted advertising where consented and as permitted by law.

10) Retention

We retain personal data only as long as necessary for the purposes described:

  • Orders & tax records: 6 years (or longer where required by law).
  • Customer accounts: active period plus 24 months of inactivity, then deletion/anonymisation.
  • Marketing: until you withdraw consent or object (and for a brief period thereafter to record your opt-out).
  • Support tickets: up to 24 months after closure unless needed to resolve disputes or comply with law.

11) Your rights (EEA/UK)

Subject to conditions and exemptions, you have the right to:

  • Access your personal data and receive a copy;
  • Rectify inaccurate or incomplete data;
  • Erase data (right to be forgotten);
  • Restrict processing in certain circumstances;
  • Object to processing based on legitimate interests or to direct marketing;
  • Portability of data you provided to us;
  • Withdraw consent where processing is based on consent (this does not affect prior lawful processing).

To exercise your rights, email hello@briwellness.ie. We may verify your identity before responding.

12) Marketing choices

You can opt-out of marketing emails at any time via the unsubscribe link in our emails or by contacting us. We will still send essential transactional emails (e.g., order confirmations).

13) Security

We employ appropriate technical and organisational measures to secure your data (e.g., encryption in transit, access controls, least-privilege). No method is 100% secure; please keep your account credentials confidential and notify us of any suspected unauthorised use.

14) Children

Our Services are intended for adults and are not directed to individuals under 18. We do not knowingly collect personal data from children.

15) Complaints

If you have concerns, please contact us first at hello@briwellness.ie. You also have the right to lodge a complaint with the Irish Data Protection Commission: dataprotection.ie.

16) Changes to this Policy

We may update this Policy to reflect changes to our practices or for legal reasons. We will post updates here and revise the “Last updated” date. Where required, we will notify you of material changes.