Privacy Policy

Last updated: May 19, 2026

This Privacy Policy explains what personal data Bremsole collects, why we collect it, how we use it, who we share it with, how long we keep it, and the rights you have over your own information. It applies to anyone who visits our website, creates an account, places an order, or otherwise interacts with our Services.

1. Who we are

Bremsole is the data controller for the personal data we process about you. Our registered place of business is Xom Diem Bay, Chau Quang, Quy Hop, Nghe An, Vietnam. You can reach our privacy desk at [email protected] with the subject line “Privacy”.

2. Information we collect

We collect personal data in three ways: information you give us, information we collect automatically, and information from third parties.

  • Information you give us — name, email address, postal address, phone number, payment details (handled by our payment processors and not stored on our servers in clear text), order history, account password (hashed), product reviews and any messages you send us.
  • Information collected automatically — IP address, browser type and version, operating system, referring URL, pages viewed and time spent, device identifiers, and rough geolocation derived from IP.
  • Cookies and similar technologies — see section 6 below.
  • From third parties — fraud-screening signals from our payment processors, delivery status updates from shipping carriers, and analytics events from privacy-respecting analytics vendors.

3. How we use your information

  • To process and deliver your orders, including printing shipping labels and answering related queries;
  • To operate the account features you opt into (saved addresses, order history, wishlist);
  • To screen for and prevent fraud, abuse and security incidents;
  • To respond to your enquiries, reviews and customer-service requests;
  • To send transactional emails (order confirmation, shipping notice, delivery follow-up);
  • To send marketing emails — only where you have opted in, and only with a working one-click unsubscribe in every message;
  • To comply with our legal and tax-record-keeping obligations;
  • To analyse aggregated, non-identifying trends to improve our products and website.

4. Legal basis for processing (GDPR / UK GDPR)

  • Performance of a contract (Art. 6(1)(b)) — order fulfilment, account services, returns processing.
  • Legal obligation (Art. 6(1)(c)) — tax, VAT/IOSS, anti-fraud and consumer-protection records.
  • Legitimate interest (Art. 6(1)(f)) — fraud prevention, network security, basic non-personalised analytics, defending legal claims.
  • Consent (Art. 6(1)(a)) — marketing emails, non-essential cookies, the use of testimonial photos you submit with reviews.

5. Sharing with third parties

We share personal data only with the categories of recipient listed below, and only the minimum data needed for them to perform the function:

  • Payment processors — Stripe, PayPal, and the card networks (Visa, Mastercard, American Express). Card details are tokenised and never stored in clear text on our servers.
  • Shipping carriers — Vietnam Post, DHL, FedEx, UPS and the relevant local last-mile partners; they receive your name, address and phone number.
  • Tax and fraud compliance vendors — IOSS / VAT reporting providers; fraud-screening engines.
  • Analytics — privacy-respecting analytics that record aggregated page-view metrics without persistent cross-site identifiers, where consented.
  • Email delivery — transactional and marketing email service providers operating under data-processing agreements with us.
  • Legal authorities — where we are required to disclose by valid legal process, after assessing the request.

We do not sell your personal data to anyone, ever.

6. Cookies

We use a small set of cookies. Strictly-necessary cookies (cart contents, currency selection, login session, CSRF token) load on every visit because the site cannot function without them. Analytics and marketing cookies load only after you accept the cookie banner. You can change your choices at any time through the cookie banner re-open link in the footer or by clearing cookies in your browser.

7. Data retention

  • Order records — 10 years (Vietnamese tax-record retention requirement, also aligned with most EU jurisdictions).
  • Account profile — for as long as the account is active, deleted within 30 days of an erasure request unless retention is required for a legal obligation.
  • Marketing email subscriptions — until you unsubscribe.
  • Server logs — 90 days, then aggregated or deleted.
  • Customer-service email threads — 3 years from the last message, for reference on warranty and dispute matters.

8. Security measures

We encrypt the entire site in transit using TLS 1.2+. Payment data is tokenised at the processor and never persisted on our servers in clear text. Admin access is restricted to a small named team, secured with strong passwords and second-factor authentication. We patch our platform regularly and run periodic backups stored encrypted at rest in a separate region. In the unlikely event of a breach affecting your personal data we will notify both the relevant supervisory authority and the affected users in line with applicable law.

9. Your rights

Depending on your jurisdiction you have the right to:

  • Access the personal data we hold about you;
  • Rectify inaccurate or incomplete data;
  • Erase data we no longer need to retain (“right to be forgotten”);
  • Restrict or object to certain types of processing, including direct marketing;
  • Data portability — receive your data in a structured, commonly used and machine-readable format;
  • Withdraw consent at any time for processing based on consent;
  • Lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any right above, email [email protected] with the subject “Privacy”. We respond within 30 days, and may ask you to verify your identity to protect your data from unauthorised access.

10. Children’s privacy

Our Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it promptly.

11. International data transfers

Bremsole is based in Vietnam. To deliver an international order or to run hosted infrastructure, your personal data may be transferred to and processed in jurisdictions outside your country of residence. Where we transfer personal data from the EEA, UK or Switzerland we rely on Standard Contractual Clauses or equivalent safeguards approved by the relevant authorities.

12. Third-party links

Our website may link to third-party sites (social media, payment processors, partner brands). We are not responsible for the privacy practices of those sites. Please review their privacy policies before submitting personal data.

13. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent version. Material changes will be highlighted at the top of the page for at least 30 days following publication.

14. Contact

For any privacy or data-protection enquiry, including data-subject-rights requests, contact our privacy desk at [email protected]. We treat every request seriously and respond within 30 days.

Contact

Bremsole
Xom Diem Bay, Chau Quang, Quy Hop, Nghe An, Vietnam

Phone: +84 387 612 459
Email: [email protected]
Business hours: Mon–Fri 9:00–18:00 ICT, Sat 9:00–12:00 ICT, Sun closed

My Cart
Wishlist
Recently Viewed
Categories
USDEURGBP