Privacy policy

Privacy Policy – BRISA

Last updated: 28/11/2025

This Privacy Policy describes how BRISA ("we", "us", or "our") collects, uses, and discloses your personal data when you visit or make a purchase from wearbrisa.com (the “Site”), or when you otherwise interact with us (the “Services”).
For the purposes of the EU General Data Protection Regulation (GDPR) and Dutch privacy law, we act as the data controller of your personal data.

Please read this Privacy Policy carefully.

1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes in law or changes to our practices. When we update the policy, we will revise the “Last updated” date and publish the updated version on this page.

2. Personal Data We Collect

A. Information You Provide Directly

We collect information that you provide to us, including:

  • Contact details: name, billing address, shipping address, phone number, email address.

  • Order information: products purchased, payment confirmation, order history.

  • Account information: username, password (encrypted), account preferences.

  • Customer support information: any information you include when contacting us.

You may choose not to provide certain information, but doing so may limit your ability to use some features of the Services.

B. Information We Collect Automatically (Cookies & Analytics)

When you visit the Site, we automatically collect certain information using cookies, pixels, and similar technologies (“Cookies”). This includes:

  • IP address

  • Browser type and device information

  • Pages viewed, time spent on the site

  • Shopping behaviour (products viewed, abandoned carts, etc.)

  • General location (based on IP)

We use this data to improve the Site, provide essential functionality (such as cart and checkout), prevent fraud, and analyse usage patterns.

For Shopify-specific cookies, see:
https://www.shopify.com/legal/cookies

C. Information from Third Parties

We may receive personal data from third parties such as:

  • Shopify – used to power our online store

  • Payment providers – such as Shopify Payments, PayPal, Klarna, etc.

  • Analytics and marketing tools – such as Google Analytics, Meta (Facebook), email marketing providers

  • Shipping companies – for delivery and tracking

All third-party providers process your personal data according to their own privacy policies.

3. Legal Bases for Processing (GDPR)

We only process your personal data when legally permitted under the GDPR. Our legal bases include:

  • Contract (Art. 6(1)(b)) – when processing is necessary to fulfill your order or provide customer service.

  • Legitimate interests (Art. 6(1)(f)) – such as improving our Services, preventing fraud, or direct marketing to existing customers.

  • Consent (Art. 6(1)(a)) – for optional cookies, newsletters, and certain marketing activities.

  • Legal obligation (Art. 6(1)(c)) – for tax and accounting requirements.

4. How We Use Your Information

We use your personal data to:

  • Process and fulfil orders

  • Provide customer service

  • Manage your account

  • Improve and optimize our Site

  • Protect against fraud and misuse

  • Send marketing communications (only with your consent where required)

  • Comply with legal obligations (tax, invoices, bookkeeping)

5. Cookies & Tracking Technologies

We use essential and non-essential cookies on our Site.

You will see a cookie banner when visiting our Site from the EU.

You may:

  • Accept all cookies

  • Reject non-essential cookies

  • Manage specific cookie preferences

Rejecting cookies may affect website functionality.

6. How We Share Your Personal Data

We may share your personal data with:

  • Service providers (Shopify, payment processors, email marketing tools, IT/cloud service providers)

  • Shipping and logistics partners

  • Professional advisors (accountants, legal advisors)

  • Authorities when required by law

  • Third-party marketing partners (only if you have given consent for marketing cookies or email marketing)

We do not sell personal data, nor do we share it with advertisers without your consent.

7. International Transfers

Shopify and some of our service providers are located outside the EU/EEA.
Where this occurs, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the EU Commission

  • Countries with an adequacy decision
    to ensure your data remains protected.

8. Data Retention

We retain your personal data only for as long as necessary, including to:

  • Fulfil your orders

  • Maintain your account

  • Meet tax or regulatory obligations

  • Resolve disputes

Order records are typically kept for 7 years as required under Dutch tax law.

9. Your Rights Under GDPR

As an EU resident, you have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Delete your data (“right to be forgotten”)

  • Object to processing (including marketing)

  • Restrict processing

  • Data portability (request a copy)

  • Withdraw consent at any time

  • Lodge a complaint with a data protection authority

In the Netherlands, the authority is:
Autoriteit Persoonsgegevens (AP)https://autoriteitpersoonsgegevens.nl

You may exercise your rights by contacting us.

10. Children’s Data

Our Services are not intended for children under 16.
We do not knowingly collect personal data from children.

11. Contact Details 

BRISA
M. Scottini Services
Hoogheemraadweg 36
Amsterdam, 1069 VM
Netherlands
+31619335635

Email: info@wearbrisa.com
KvK (Chamber of Commerce) Number: 91354765
VAT Number: NL004885765B34