1. Who We Are

Brontie Limited, registered in Ireland (Company No. 793231), located at 43 Greenfield Drive, Maynooth, Co. Kildare, is the controller of your personal data.

If you have questions, contact us at: hello@brontie.ie.

2. What Data We Collect

• Customer Data: name, email address, payment details (via Stripe), and gift purchase history.
• Recipient Data: name and email address (as provided by the sender).
• Café Partner Data: contact information, bank details for payouts, sales/redemption data.
• Usage Data: device/browser info, IP address, cookies, voucher tracking (e.g. redemption times, forwarding of voucher links).
• Communications: any emails or messages sent to us.

3. How We Use Your Data

• To provide the Brontie service (purchase, send, redeem gifts).
• To process payments securely through Stripe.
• To notify cafés of redemptions and manage payouts.
• To track voucher usage, including viral flows (e.g. if a gift is forwarded).
• To improve the website and user experience via analytics.
• To send service-related updates (e.g. redemption reminders, support replies).
• With your consent, to send marketing updates (opt-in only).

4. Legal Basis

• Contract: processing required to deliver our service.
• Legal obligation: for VAT, tax, and accounting purposes.
• Consent: for marketing and optional data tracking.
• Legitimate interests: to analyse usage and improve our service.

5. Sharing Your Data

• Cafés: recipient’s name and gift details so they can redeem.
• Stripe: for payment processing.
• Analytics providers: e.g. Posthog (anonymised usage data).
• Legal/regulatory authorities: if required by law.

We never sell your personal data.

6. Data Retention

• Customer and café data: retained for as long as you use the service, then securely archived for tax/legal compliance (usually 6 years).
• Cookies and analytics data: retained as per our [Cookie Policy].
• Gift data: retained for up to 5 years in line with Irish voucher expiry laws.

7. Your Rights

Under GDPR, you have the right to:

• Access your data.
• Correct inaccuracies.
• Request deletion (except where retention is required by law).
• Object to processing for marketing or analytics.
• Withdraw consent at any time.

Contact hello@brontie.ie to exercise these rights.

8. Data Security

We use secure servers, encryption, and access controls to protect your data. Payments are processed by Stripe, and Brontie never stores your full card details.

9. International Transfers

Data may be processed outside the EU by third-party providers (e.g. Stripe, analytics tools). We ensure such transfers comply with GDPR safeguards (e.g. SCCs).

10. Updates

We may update this Privacy Policy from time to time. Updates will be posted here with a new “Last updated” date.