Privacy Policy

Privacy Policy & Personal Data Protection

GrillBro is committed to protecting the privacy of its customers and users, in accordance with the General Data Protection Regulation (GDPR – EU Regulation 2016/679) and applicable Portuguese legislation.

1. Data Controller

GrillBro
Website: www.grilllbro.com
Email: grillbrosupport@gmail.com
Country: Portugal

2. Data Collected

We collect the following data:

  • Identification data: first name, last name, email address, postal address, phone number.
  • Order data: purchase history, ordered products, amounts.
  • Navigation data: IP address, cookies, pages visited, visit duration (via Google Analytics 4 and Shopify Analytics).
  • Payment data: securely processed by Shopify Payments – GrillBro does not store your bank details.

3. Purposes of Processing

Your data is used to:

  • Process and deliver your orders.
  • Manage your customer account and after-sales service.
  • Send transactional communications (order confirmation, delivery tracking).
  • Send marketing communications (with your prior consent).
  • Improve our website and services (analytics).
  • Comply with our legal obligations.

4. Legal Basis for Processing

  • Contract execution: order processing.
  • Legal obligation: invoicing, accounting.
  • Legitimate interest: fraud prevention, security.
  • Consent: marketing communications, non-essential cookies.

5. Retention Period

  • Order data: 10 years (accounting obligation).
  • Customer account data: until account deletion or 3 years of inactivity.
  • Marketing data: until consent is withdrawn.
  • Analytical cookies: maximum 13 months.

6. Data Sharing

Your data may be shared with:

  • Shopify Inc. (hosting and payment processing) – GDPR compliant.
  • Carriers (for the delivery of your orders).
  • Google Analytics 4 (audience analysis, anonymized data).
  • No data sales to third parties.

7. Transfers Outside the EU

Some of our providers (Shopify, Google) may process data outside the EU. These transfers are governed by appropriate safeguards (standard contractual clauses, adequacy decisions).

8. Your Rights

In accordance with GDPR, you have the following rights:

  • Right of access: obtain a copy of your data.
  • Right to rectification: correct inaccurate data.
  • Right to erasure: request the deletion of your data.
  • Right to data portability: receive your data in a structured format.
  • Right to object: object to processing for marketing purposes.
  • Right to restriction of processing: limit processing in certain cases.

To exercise your rights, please contact us at: grillbrosupport@gmail.com. We will respond within 30 days. You can also file a complaint with the CNPD (National Commission for Data Protection – Portugal): www.cnpd.pt.

9. Cookies

Our site uses cookies. For more information, please consult our cookie policy integrated into the consent banner. You can change your preferences at any time via your browser settings.

10. Updates

This policy may be updated at any time. The date of the last update is indicated at the bottom of the page. Last updated: May 2026.

11. Contact

grillbrosupport@gmail.com