Privacy Policy

Effective7 May 2026Last updated12 May 2026

1. Who we are

Briezo is an ecommerce analytics platform for Shopify and WooCommerce merchants. Briezo (ABN 92 611 517 994) is a business registered in Australia.

This policy explains what personal data we collect, how we use it, who we share it with, and the rights you have over it. It applies to merchants who sign up for Briezo, to visitors to our marketing pages, and to end customers of merchants where we process data on a merchant's behalf (as a data processor).

If you have any questions, email hello@briezo.com.

2. Information we collect

We collect the following categories of data, always for the purpose of operating the Briezo dashboard for the merchant who authorised it.

a) Merchant account data

  • Email address and display name
  • Password (stored only as a salted hash — we never see the plaintext)
  • Timezone, currency preference, dashboard theme, and layout preferences
  • Billing address and Stripe customer ID (card details are handled entirely by Stripe and never touch our servers)
  • Subscription plan, billing history, and invoice references

b) Shopify store data

When you install Briezo from the Shopify App Store or connect a Shopify store, we receive and process the following via Shopify's Admin API:

  • Store URL (myshopify domain), shop name, timezone, and currency
  • Shopify Admin API access token, encrypted at rest with AES-256-GCM
  • Order data: order IDs, totals, line items, discounts, taxes, shipping, financial and fulfillment status, refunds
  • Product and inventory data: titles, variants, SKUs, prices, inventory levels, collections
  • Customer data (Shopify Protected Customer Data): customer email, first and last name, order history, total spent, and the customer's accepts_marketing flag. This is used to compute RFM segments, LTV cohorts, and lifetime value — see section 4 below for full detail on how we handle this.

c) Advertising platform data

If you connect an ad account, we receive:

  • Ad account IDs and account names for Meta, TikTok, Google Ads, Pinterest, and Snapchat
  • OAuth access and refresh tokens, encrypted at rest with AES-256-GCM
  • Campaign, ad set, and ad-level performance metrics (spend, impressions, clicks, conversions, ROAS, CTR, CPC, video view rates, frequency)
  • Creative metadata (ad names, thumbnails, copy) used to display the Creative Scorecard

We only write data back to these platforms when you explicitly ask us to (for example, installing the Briezo Web Pixel on your storefront). We do not post, publish, or modify campaigns on your behalf.

d) Email and SMS marketing data

If you connect Klaviyo, Mailchimp, or Omnisend, we receive:

  • API keys or OAuth tokens, encrypted at rest
  • Campaign and automation performance metrics (opens, clicks, attributed revenue, unsubscribes)
  • Aggregate subscriber counts and list sizes

We do not download or store individual subscriber email addresses from these platforms.

e) Subscription and returns data

If you connect Recharge or Loop Returns, we receive subscription status, recurring revenue metrics, return reasons, and refund amounts so we can factor them into your P&L and LTV calculations.

f) Briezo first-party tracking pixel

Briezo installs a first-party Web Pixel on your storefront (via Shopify's Web Pixels Extension) when you enable tracking. The pixel collects, under your own domain and on your behalf:

  • Anonymous visitor identifiers stored in first-party cookies
  • Page URLs, referrers, and UTM parameters
  • Click identifiers (fbclid, gclid, ttclid, epik, sc_click_id) for ad attribution
  • Device and browser metadata (user agent, screen size, language)
  • Purchase events and checkout completion events

The pixel is set on the merchant's own domain as a first-party cookie. Data is used solely to power the merchant's own attribution and customer journey reports inside Briezo — it is never shared with advertisers, data brokers, or any third party.

g) Post-purchase attribution survey

If you enable the post-purchase survey, we collect the customer-provided answer to “How did you hear about us?” along with the associated order ID. This answer is only visible to the merchant inside their Briezo dashboard.

h) Product usage data

  • Pages viewed in the dashboard, feature usage counts, alert and report configurations
  • Support ticket content and AI assistant chat history (used to improve answers within your own account)
  • Error logs and performance traces (no personal data beyond what is needed to reproduce a bug)

3. How we use information

  • To operate the dashboard — display analytics, charts, and reports to the merchant who owns the data
  • To compute derived metrics — including attribution, LTV, cohort analysis, RFM segmentation (Champions / Loyal / At Risk / Lost), profit-per-product, and customer journeys
  • To send the Daily AI Brief and other scheduled reports to the merchant's own email or Slack, only when they have configured them
  • To generate AI insights — relevant data is sent to Anthropic's Claude API for processing. Under Anthropic's commercial terms, customer inputs are not used to train Anthropic's models. See Anthropic's commercial terms.
  • To detect anomalies and send alerts about spend spikes, conversion drops, or creative fatigue
  • To process billing via Stripe and manage subscription lifecycle
  • To communicate about product updates, security notices, and account matters
  • To provide support when you contact us
  • To secure the service (rate limiting, abuse detection, fraud prevention)
  • To compute anonymized industry benchmarks — bucketed by revenue tier and broad vertical category (e.g. skincare, supplements, apparel), aggregated across at least five (5) merchants per bucket, with a per-store opt-out in Settings → Privacy. See section 6a.
  • To produce anonymized service-level usage telemetry — daily platform-level counts (active stores, AI interactions, model runs) used to operate, debug, and improve Briezo. See section 6b.

We do not use merchant data or customer data to train, fine-tune, or otherwise improve machine-learning models — ours or any third party's. We do not use it for advertising. The only purposes outside operating Briezo for the merchant who authorised the access are: (a) computing anonymized, aggregated industry benchmarks as described in section 6a below — buckets of at least five (5) merchants, with all identifiers stripped — and (b) service-level usage telemetry described in section 6b — daily platform-level counts with no merchant or customer personal data. You can opt your store out of benchmark contribution at any time in Settings → Privacy.

4. Shopify Protected Customer Data

Briezo accesses Shopify Protected Customer Data — specifically customer email, customer name, order history, and total spent — in order to provide the merchant with customer-level analytics they cannot get from Shopify's native reporting. This includes:

  • RFM customer segmentation (Recency, Frequency, Monetary)
  • Lifetime value and cohort analysis
  • Repeat purchase and churn analytics
  • Profit per customer and per segment
Our commitments: Protected Customer Data is only accessed for the merchant who owns the store. It is never transmitted to any third party except the sub-processors listed in section 5 (and only to the minimum extent necessary to operate Briezo). It is never used for our own marketing or model training. It is never sold. It is never used to identify your store to any other merchant. The only secondary use is contributing to anonymized, aggregated industry benchmarks (see section 6a) — buckets of at least five merchants, with all identifiers stripped, and a per-store opt-out in Settings → Privacy. It is automatically deleted from our systems within 48 hours of an app uninstall, via the Shopify customers/redact and shop/redact webhooks.

Briezo complies with Shopify's Protected Customer Data requirements. A merchant can request immediate deletion of any specific customer's data by emailing hello@briezo.com with the customer email and store domain.

5. Third-party services (sub-processors)

Briezo uses the following sub-processors. Each receives only the data necessary to perform its specific function. Links go to each provider's own privacy policy.

6a. Anonymized, aggregated data

To help merchants understand how their store performance compares to peers, we may use anonymized, aggregated metrics derived from your store's data — such as average order value, repeat purchase rate, channel revenue mix, customer retention, and conversion rates — to compute industry benchmarks shown to other Briezo users.

We do this only after the data has been:

  • Aggregated across at least five (5) merchants per bucket, so no individual store can be identified
  • Bucketed by broad categories — revenue tier and vertical category (e.g. skincare, supplements, apparel, food & bev, fitness, home, baby & kids, pet, or a generic “all” bucket). Vertical-category buckets are only published when at least five merchants in your tier-and-category meet the threshold; otherwise the comparison falls back to the cross-vertical all-category roll-up. Never bucketed by identifiers that could re-identify your store.
  • Stripped of all customer-level personal information — no names, emails, phone numbers, addresses, or order details ever leave your store's scope

You can opt your store out at any time in Settings → Privacy. Opt-out applies to future aggregations; past benchmark snapshots cannot be retroactively un-mixed because they no longer distinguish individual contributors.

What we never do:
  • Share or sell your raw store data, customer data, or order data
  • Use your data to train artificial intelligence models — ours, Anthropic's, or any third party's
  • Identify your specific store in any benchmark or comparison shown to another merchant

6b. Service-level usage telemetry

To operate, debug, and improve Briezo, we record a small set of daily, platform-wide usage counts. Examples include the total number of stores that received at least one tracked event yesterday, the number of marketing-mix model runs initiated, and the number of AI assistant conversations. These counts let us monitor service health, capacity-plan our infrastructure, and decide which features are worth investing in.

This telemetry is recorded subject to the following commitments:

  • No per-merchant rows. Telemetry is stored as totals, never as one row per store or per user.
  • Per-revenue-tier breakdowns are k-anonymised. Any sub-bucket with fewer than five (5) contributing stores is dropped before it is written, so no tier-level number can be traced back to a specific store.
  • No personal data. Telemetry rows contain a date, a metric name, an optional revenue-tier label, and integer counts — nothing else. No emails, names, store domains, customer information, or order details.
  • Not shared externally. Telemetry is used internally by Briezo only; we do not sell it, ship it to advertisers, or feed it to any third party.
  • Not used to train models. Telemetry is not used to train, fine-tune, or otherwise improve machine-learning models — ours or any third party's.

Because this telemetry contains no personal data and no per-store rows, there is no opt-out switch: an opt-out would be technically meaningless once the data is aggregated. The benchmark contribution opt-out in Settings → Privacy applies only to the merchant-facing industry benchmarks described in section 6a.

6. Data sharing & sale

Briezo does not sell merchant data or customer data to anyone. We do not share data with advertisers, data brokers, marketing lists, or any third party outside the sub-processors listed in section 5.

Anonymized, aggregated benchmarks shown to other Briezo merchants (per section 6a) do not constitute “sharing data” within the meaning of this section, because no individual store, customer, or order is identifiable in those benchmarks.

We may disclose data only if required by law, a valid legal process, or to protect the rights, property, or safety of Briezo, our merchants, or the public.

7. Data retention & deletion

  • While subscribed — we retain your data for as long as your Briezo account or store connection is active. Historical ad and order data is kept up to your plan's history window (Starter 30 days, Pro 90 days, Scale 365 days).
  • App uninstall — when a Shopify merchant uninstalls Briezo, Shopify sends us shop/redact and customers/redact webhooks. We process these webhooks and delete all associated shop and customer data from our production systems within 48 hours.
  • Self-serve account deletion — Briezo merchants can delete their entire account and all associated data at any time from Settings → Account → Delete Account inside the dashboard. This triggers an immediate cascade delete of your user record, stores, tokens, CAPI events, RFM customers, pixel events, and team memberships.
  • Self-serve data export — before deleting, you can download a full JSON export of your account, stores, preferences, team, and billing history from the same Account page, or by calling GET /api/account/export while authenticated.
  • Email-based deletion — you can also request deletion by emailing hello@briezo.com. We complete email-based deletion within 30 days.
  • Customer-specific deletion — merchants can request deletion of any specific customer's data (for GDPR erasure requests) via the same email, or wait for Shopify to forward a customers/redact webhook which Briezo processes automatically.
  • Meta / Facebook data deletion — if you connected a Meta ad account to Briezo, deleting your Briezo account (via Settings → Account or by emailing hello@briezo.com) revokes our stored Meta OAuth token and removes all cached Meta data. You can also revoke Briezo's access at any time from your Facebook Business Settings → Integrations page.
  • Backups — deleted data may remain in encrypted backup snapshots for up to 30 additional days, after which it is permanently purged.
  • Billing records — Stripe retains invoice and payment records as required by applicable tax and accounting law.

8. Security

  • Encryption in transit — all connections use HTTPS / TLS 1.2 or higher
  • Encryption at rest — all access tokens, API keys, and sensitive credentials are encrypted with AES-256-GCM before being written to the database
  • Authentication — session cookies are HTTP-only and Secure. Every state-changing request is protected by a CSRF token.
  • Isolation — each merchant's data is scoped by user ID at the query layer. Merchants cannot access each other's data under any circumstances.
  • Rate limiting — applied to authentication and sensitive endpoints to defend against brute-force and credential-stuffing attacks
  • Backups — regular encrypted database backups stored on secure infrastructure
  • Breach notification — in the event of a data breach that affects your personal information, we will notify affected users by email within 72 hours of confirming the incident, and notify relevant authorities as required by applicable law

9. Cookies & tracking

Briezo itself uses a very small number of cookies:

  • Session cookie — keeps you logged in (strictly necessary)
  • CSRF token cookie — prevents cross-site request forgery (strictly necessary)
  • Theme / preference cookies — remember your dashboard theme, timezone, and layout (user preference)

We do not use third-party advertising cookies or cross-site tracking cookies on Briezo's own pages. Disabling cookies will prevent you from logging in.

Briezo Web Pixel on merchant storefronts. When a merchant enables the Briezo tracking pixel on their own store, a first-party cookie is set on the merchant's own domain. This cookie is controlled by the merchant and governed by the merchant's own privacy policy and cookie disclosures. Briezo processes the data solely as a data processor on the merchant's behalf.

Change your cookie preferences

When you first visit a Briezo public page we show a cookie banner asking you to accept or decline non-essential cookies. Your choice is stored locally in your browser. To change your decision, reset your preferences below — the banner will reappear so you can choose again.

Reset cookie preferencesComing soon

10. GDPR rights (EU / UK)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and UK GDPR give you the following rights over your personal data:

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — correct inaccurate or incomplete data
  • Right to erasure (“right to be forgotten”) — request deletion of your data
  • Right to restriction — limit how we process your data in certain circumstances
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests
  • Right to lodge a complaint with your local data protection authority

To exercise any of these rights, email hello@briezo.com. We respond within 30 days.

Legal basis. Briezo acts as a data processor under GDPR Article 28 with respect to customer data obtained from connected stores — the merchant is the data controller. For merchant account data (your own email, password, billing info), Briezo is the data controller, and we process that data on the basis of contract performance and legitimate interest in operating the service.

11. CCPA rights (California)

If you are a California resident, the California Consumer Privacy Act (CCPA) gives you the following rights:

  • Right to know what personal information we have collected about you
  • Right to delete personal information we hold about you
  • Right to correct inaccurate personal information
  • Right to opt out of sale — not applicable to Briezo because we do not sell personal information to anyone
  • Right to non-discrimination for exercising any of the above rights

To exercise these rights, email hello@briezo.com.

12. Australian Privacy Act

Briezo is an Australian business. Under the Australian Privacy Act 1988 and the Australian Privacy Principles, you have the right to access, correct, and request deletion of the personal information we hold about you, and to make a complaint to the Office of the Australian Information Commissioner (OAIC).

Contact hello@briezo.com to exercise these rights.

13. Children's privacy

Briezo is a business-to-business tool intended for merchants and their teams. We do not knowingly collect personal information from anyone under the age of 16. If we learn that we have inadvertently collected such information, we will delete it promptly.

14. Changes to this policy

We may update this policy from time to time as the product evolves or as legal requirements change. The “Effective date” at the top of the page always shows the current version. For material changes, we will notify logged-in users by email and via a notice inside the dashboard at least 14 days before the change takes effect. Your continued use of Briezo after changes take effect constitutes acceptance.

15. Contact

For any privacy-related question, request, or complaint:

Privacy Policy — Briezo — Briezo