Privacy Policy

Effective Date: April 12, 2026
Last Updated: May 8, 2026

Brett’s Biltong (“we,” “us,” or “our”) operates the website brettsbiltong.com. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website or make a purchase. By using our website, you agree to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide Directly

When you interact with our website, you may voluntarily provide us with:

  • Account Information: Name, email address, username, and password when you create an account.
  • Order Information: Billing and shipping addresses, phone number, and email address when you place an order.
  • Payment Information: Credit/debit card details, PayPal, Apple Pay, Venmo, or Cash App payment details. Note: Payment card data is processed directly by our payment processor (Stripe) and is never stored on our servers.
  • Communications: Any information you include when you contact us via email, phone, or our contact form.
  • Marketing Preferences: Your email address and name when you subscribe to our newsletter or marketing communications.
  • Age Verification: Confirmation that you meet our minimum age requirement.
  • WhatsApp Communications: If you contact us via WhatsApp, we receive your phone number, display name, profile photo (if public), and the content of your messages (including text, images, and files you send). This data is transmitted through the Meta WhatsApp Business API.

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain information, including:

  • Device and Browser Information: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage Data: Pages visited, time spent on pages, referring URLs, click patterns, and navigation paths.
  • Cookies and Tracking Technologies: We use cookies, pixel tags, and similar technologies to enhance your experience and collect analytics data. See Section 6 for more details.

1.3 Information from Third Parties

We may receive information about you from third-party services we use, such as:

  • Payment Processors: Transaction confirmation and fraud prevention data from Stripe and PayPal.
  • Analytics Providers: Aggregated usage data from Meta (Facebook) Pixel.
  • Google: Conversion attribution and audience-matching data from Google Ads and Google Merchant Center, used to measure advertising performance.
  • Email Marketing: Engagement data (open rates, click-through rates) from Mailchimp.
  • WhatsApp Business API: Message delivery and read status data from Meta’s WhatsApp Business platform.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Order Fulfillment: Processing and shipping your orders, generating invoices, and providing delivery updates.
  • Customer Service: Responding to your inquiries, requests, and complaints via email, phone, or WhatsApp.
  • Payment Processing: Completing transactions securely through our payment processors.
  • Account Management: Creating and maintaining your customer account, order history, and preferences.
  • Marketing Communications: Sending promotional emails, newsletters, and special offers (only with your consent; you can opt out at any time).
  • Website Improvement: Analyzing usage patterns to improve website functionality, content, and user experience.
  • Advertising: Delivering relevant advertisements on social media platforms through Meta Pixel data.
  • Security and Fraud Prevention: Protecting against unauthorized access, fraud, and other malicious activity.
  • Legal Compliance: Meeting our legal and regulatory obligations, including tax reporting.
  • Inventory and Sales Management: Synchronizing order and product data with our point-of-sale system for inventory management.

3. How We Share Your Information

We do not sell your personal information. We may share your information with the following categories of third parties, solely for the purposes described in this policy:

3.1 Service Providers

  • Payment Processing: Stripe and PayPal process your payment information to complete transactions. Their use of your data is governed by their respective privacy policies.
  • Shipping Carriers: We share your name, shipping address, and phone number with carriers (e.g., USPS, UPS, FedEx) to deliver your orders.
  • Email Services: Mailchimp processes your email address and name to deliver marketing communications on our behalf.
  • Website Hosting: Rocket.net hosts our website and processes data as necessary to provide hosting services.
  • Analytics: Meta (Facebook) receives anonymized usage data through Meta Pixel for advertising and analytics purposes.
  • Google: Google LLC receives website usage data (pageviews, clicks, add-to-cart events, purchases) through the Google global site tag (gtag.js), and product feed data (titles, prices, images, availability) through Google Merchant Center, for advertising and conversion measurement. See Section 6.5 for details.
  • WhatsApp Business API: When you message us on WhatsApp, your messages are transmitted through Meta’s WhatsApp Business API infrastructure. Meta processes this data as a service provider on our behalf and may use limited data in accordance with WhatsApp’s Business Messaging Policy. We do not use your WhatsApp conversations for marketing purposes unless you explicitly opt in.

3.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, such as a subpoena, court order, or government investigation.

3.3 Business Transfers

If Brett’s Biltong is involved in a merger, acquisition, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any such change.

3.4 With Your Consent

We may share your information for other purposes with your explicit consent.

4. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, including:

  • Account Data: Retained as long as your account is active, or as needed to provide services.
  • Order Data: Retained for a minimum of 7 years for tax and legal compliance purposes.
  • Marketing Data: Retained until you unsubscribe or request deletion.
  • Website Analytics: Aggregated analytics data may be retained indefinitely in anonymized form.

When data is no longer needed, we securely delete or anonymize it.

5. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it, including:

  • Encryption: All data transmitted between your browser and our website is encrypted using TLS/SSL (HTTPS).
  • Payment Security: We are PCI-DSS compliant through our use of Stripe, which handles all card data. We never store, process, or transmit credit card numbers on our servers.
  • Access Controls: Administrative access to our systems requires two-factor authentication (2FA).
  • Caching and Performance: We use Redis object caching and content delivery networks to optimize performance while maintaining data security.

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Cookies and Tracking Technologies

6.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us recognize your browser, remember your preferences, and improve your experience.

6.2 Types of Cookies We Use

  • Essential Cookies: Required for the website to function properly, including shopping cart functionality, login sessions, and security features. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our website so we can improve content and functionality.
  • Marketing Cookies: Used by Meta Pixel to deliver relevant advertisements on Facebook and Instagram based on your browsing activity on our site.
  • Preference Cookies: Remember your settings and preferences, such as age verification status and language.

6.3 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. However, disabling essential cookies may prevent you from using certain features of our website, including placing orders.

6.4 Meta Pixel

We use Meta Pixel (formerly Facebook Pixel) to measure the effectiveness of our advertising, understand user behavior, and deliver targeted advertisements. Meta Pixel collects data such as pages visited, products viewed, and purchases made. This data is shared with Meta Platforms, Inc. and is subject to Meta’s Privacy Policy. You can opt out of Meta’s targeted advertising through your Facebook Ad Settings.

6.5 Google Services

We use the following Google services on our website to enable advertising, product listings, and conversion measurement:

  • Google Ads & Conversion Tracking: We use Google Ads to advertise our products. When you visit our website, the Google global site tag (gtag.js) records information about your visit — pageviews, products viewed, items added to cart, and purchases — and transmits it to Google. On completed orders, the data sent includes the order’s transaction ID, total value, currency, and item details (product names, IDs, quantities). This information is shared with Google LLC and is governed by Google’s Privacy Policy. You can opt out of personalized Google advertising at Google Ad Settings.
  • Google Merchant Center & Google Shopping: We use Google Merchant Center to list our products on Google Shopping. Product data (titles, descriptions, prices, images, availability, GTINs) is shared with Google to enable shopping listings and Performance Max campaigns. Customer data is not shared through this channel.
  • Enhanced Conversions: When you complete a purchase, we may share hashed (one-way SHA-256 encrypted) versions of your email address and other limited identifiers with Google to improve conversion measurement accuracy. Hashing happens in your browser before transmission, so Google does not receive your raw email address.

Information shared with Google may be processed in the United States or other countries where Google operates. Google acts as a data processor and/or controller depending on the specific service. To exercise privacy rights related to data Google holds, follow the instructions in Google’s Privacy Policy.

6.6 WhatsApp Business API

We use the Meta WhatsApp Business API to communicate with customers who reach out to us via WhatsApp. When you message us on WhatsApp:

  • What we collect: Your phone number, display name, profile photo (if publicly visible), message content (text, images, documents, voice messages), and message timestamps.
  • How we use it: We use your WhatsApp messages solely for customer service purposes — answering product questions, providing order updates, and resolving issues. We may retain conversation history to provide better support and maintain records of customer interactions.
  • What we do NOT do: We do not add your WhatsApp phone number to marketing lists, send unsolicited promotional messages via WhatsApp, or share your WhatsApp data with third parties for advertising purposes — unless you explicitly opt in to receive marketing messages from us on WhatsApp.
  • Meta’s role: WhatsApp messages are transmitted and temporarily stored by Meta Platforms, Inc. as the infrastructure provider. Meta’s handling of this data is governed by the WhatsApp Business Messaging Policy and WhatsApp Privacy Policy.
  • End-to-end encryption: Messages sent to businesses via the WhatsApp Business API are encrypted in transit between your device and WhatsApp’s servers, and between WhatsApp’s servers and our systems. However, because we use the Business API (not the standard WhatsApp app), messages are not end-to-end encrypted in the same way as personal WhatsApp messages.
  • Retention: We retain WhatsApp conversation records for up to 24 months for customer service and dispute resolution purposes, after which they are deleted.
  • Opting out: You can stop communicating with us on WhatsApp at any time by simply ceasing to send messages or by blocking our business number. You may also request deletion of your WhatsApp conversation history by contacting us at info@brettsbiltong.com.

7. Your Rights and Choices

7.1 Access and Correction

You have the right to access, correct, or update your personal information at any time by logging into your account or contacting us.

7.2 Deletion

You may request that we delete your personal information by contacting us at info@brettsbiltong.com. Please note that we may need to retain certain information for legal or legitimate business purposes (such as tax records for completed orders).

7.3 Marketing Opt-Out

You can unsubscribe from our marketing emails at any time by clicking the “unsubscribe” link in any marketing email, or by contacting us directly. Please note that even after opting out, you may still receive transactional emails related to your orders.

7.4 Do Not Track

Some browsers offer a “Do Not Track” (DNT) signal. Our website does not currently respond to DNT signals, but you can manage tracking through cookie settings and the opt-out links provided in this policy.

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

  • Right to Know: You can request details about the personal information we have collected about you in the past 12 months.
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
  • Right to Opt Out of Sale: We do not sell your personal information. However, certain data sharing with advertising partners (such as Meta Pixel) may be considered a “sale” or “sharing” under California law. You can opt out by contacting us or adjusting your cookie preferences.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at info@brettsbiltong.com or call (214) 501-3041. We will verify your identity before processing your request.

9. Texas Privacy Rights

Under the Texas Data Privacy and Security Act (TDPSA), Texas residents have the right to:

  • Access and obtain a copy of their personal data.
  • Correct inaccuracies in their personal data.
  • Delete their personal data.
  • Opt out of the processing of personal data for targeted advertising, sale, or profiling.

To exercise these rights, contact us using the information in Section 13.

10. Children’s Privacy

Our website is not directed to children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at info@brettsbiltong.com.

11. International Users

Our website is operated from the United States. If you access our website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country. By using our website, you consent to the transfer of your information to the United States.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will update the “Last Updated” date at the top of this page. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Brett’s Biltong
Email: info@brettsbiltong.com
Phone: (214) 501-3041
Mailing Address: 6501 Dalrock Road, Ste 102, Rowlett, Texas 75089