Privacy Policy
Last updated: May 12, 2026
This Privacy Policy explains how Breame (“Breame,” “we,” “us”) collects, uses, shares, and protects information when you visit our website, purchase the program, or otherwise interact with our Service. We are the data controller responsible for your personal information.
1. Information we collect
Information you provide directly
- Name and email address (when you purchase the program or contact us)
- Billing address (required by our payment processor)
- Any messages or correspondence you send us
Information collected automatically
- Device and browser information (browser type, operating system, screen size)
- IP address and approximate geographic location (country/region)
- Pages visited, time on site, and referring URL
- Core Web Vitals performance metrics
Payment information
Payment card details are collected and processed directly by Stripe, Inc. We do not receive or store your full card number, CVC, or expiration date. We receive only a transaction ID, the last four digits of your card, and the payment status.
2. How we use your information
We use your information to:
- Process and fulfill your purchase
- Deliver the program and any related communications
- Provide customer support and respond to inquiries
- Send transactional emails (purchase confirmation, download links)
- Detect and prevent fraud, abuse, and security incidents
- Measure and improve the Service via aggregated analytics
- Comply with our legal obligations
Our legal bases for processing (under EU/UK GDPR) are: (a) performance of the contract for your purchase, (b) our legitimate interests in operating and improving the Service, (c) compliance with legal obligations, and (d) your consent where required.
3. How we share your information
We do not sell your personal information. We share it only with the following service providers and only as needed:
- Stripe, Inc., for payment processing. See the Stripe Privacy Policy.
- Vercel Inc., for hosting, analytics, and performance measurement. See the Vercel Privacy Policy.
- Email service provider - [NAME OF PROVIDER, e.g. Resend, Postmark] for transactional emails.
- Legal authorities, where required by law, court order, or to protect rights, safety, or property.
We may also share aggregated or anonymized information (which cannot reasonably identify you) for any purpose.
4. Cookies and similar technologies
We use a small number of cookies and similar technologies:
- Strictly necessary cookies, required for the Service to function (e.g. checkout session state).
- Analytics cookies, set by Vercel Analytics and Speed Insights to measure usage and performance. These are anonymized and aggregated where possible.
You can control cookies through your browser settings. Disabling strictly necessary cookies may prevent parts of the Service (such as checkout) from working.
5. International data transfers
Our service providers (Stripe, Vercel) are based in the United States and other countries. Your information may be transferred to, processed, and stored outside the country where you live, including in the United States, which may not provide the same level of protection as your home country. Where required, we rely on Standard Contractual Clauses or equivalent safeguards approved by the European Commission and the UK ICO.
6. How long we keep your information
We retain personal information for as long as needed to provide the Service and comply with our legal obligations. Specifically:
- Purchase records: 10 years (for tax and accounting compliance)
- Email correspondence: 3 years after last contact
- Analytics data: aggregated and retained per provider defaults
When information is no longer needed, we delete or anonymize it.
7. Your rights
Depending on where you live, you may have the following rights regarding your personal information:
- Access, request a copy of the information we hold about you
- Correction, ask us to fix inaccurate information
- Deletion, ask us to delete your information
- Restriction, ask us to limit how we use your information
- Objection, object to certain types of processing
- Portability, receive your information in a portable format
- Withdraw consent, withdraw any consent you previously gave
EU / UK residents: You have these rights under the GDPR and UK GDPR. You also have the right to lodge a complaint with your local data protection authority.
California residents: Under the CCPA / CPRA, you have the right to know what personal information we collect, to delete it, to correct it, and to opt out of any “sale” or “sharing” (we do not sell or share your information as those terms are defined under California law).
To exercise any of these rights, email us at hello@breame.co. We will respond within 30 days (or such longer period as permitted by law).
8. Security
We take reasonable technical and organizational measures to protect your information: HTTPS encryption in transit, restricted access to systems, payments processed via PCI-compliant Stripe. No method of transmission or storage is 100% secure, but we work to protect your information using industry-standard practices.
9. Children's privacy
The Service is not directed to individuals under 18 years of age and we do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected information from a minor, contact us at hello@breame.co and we will delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date reflects the most recent revision. Material changes will be communicated by email (if you have an account with us) or via a prominent notice on the Service.
11. Contact us
For any privacy questions, data requests, or complaints, email hello@breame.co.
Breame · [LEGAL BUSINESS NAME] · [REGISTERED ADDRESS]