Privacy Policy

This Privacy Policy explains how Breece Marketing Ltd. (“breece”, “we”, “our”) processes personal data when you visit breece.co or contact us. We act as the controller within the meaning of Article 4(7) of the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

Controller

Breece Marketing Ltd.

Address

Voufon 26A
8575 Pegeia
Cyprus

Director

Nikolas Alexander Hebel

Privacy contact

office@breece.co

We have not appointed a dedicated Data Protection Officer as our processing does not reach the threshold under Article 37 GDPR. The contact above is the responsible point for any privacy-related request.

3.1 · Visiting the website

When you load a page, our hosting provider (see “Processors” below) records standard server access data: IP address (typically truncated), user agent, referrer, timestamp and requested URL. This is used to operate, secure and debug the site.

Legal basis: Art. 6(1)(f) GDPR — our legitimate interest in operating a stable, secure website. Retention: short-term only, typically up to 14 days at the hosting layer.

3.2 · Contact form (“Signal” panel & /contact)

When you submit the contact form on the home page or on /contact, we process the fields you fill in: name, email, company, role, and message (plus phone and industry on the dedicated contact page). We use these to respond to your enquiry.

Legal basis: Art. 6(1)(b) GDPR (steps taken at your request prior to entering a contract) and Art. 6(1)(f) GDPR (our legitimate interest in replying to business enquiries). Retention: up to 24 months after our last substantive contact, unless an ongoing business relationship or statutory obligation requires us to keep it longer.

3.3 · Direct email

If you email us directly (e.g. at office@breece.co), we process the content and metadata of your message for the purpose of responding. The same legal bases and retention apply as for the contact form.

We rely on a small number of carefully selected service providers that process personal data on our behalf under Art. 28 GDPR data processing agreements. At the time of writing, these are:

• Vercel Inc. · Hosting and edge delivery of breece.co. Processes server access data. Cross-border transfers covered by EU Standard Contractual Clauses and supplementary safeguards.
• Transactional email provider · Delivers contact-form submissions to our inbox. Provider to be finalised (currently evaluating Resend / SendGrid / self-hosted SMTP). This policy will be updated once the provider is live.
• Our own infrastructure · Replies are drafted and stored within our business correspondence systems, accessed only by breece personnel on a need-to-know basis.

We do not sell personal data. We do not share personal data with third parties for their own marketing purposes.

Some of our processors operate infrastructure outside the European Economic Area (EEA). Where this is the case, we ensure an adequate level of protection, typically through EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) in combination with supplementary technical and organisational measures. You may request a copy of the relevant safeguards at the contact address above.

breece.co currently uses only strictly necessary storage that is required for the site to function (e.g. remembering your theme preference or an accepted cookie notice). No analytics, marketing or tracking cookies are set at the time of writing.

A consent manager will be introduced before any non-essential cookie or tracking script is deployed. Consent will be obtained before any such technology is loaded and can be withdrawn at any time via the same manager.

No analytics product is active at launch. If we introduce analytics, we will prioritise a privacy-friendly, cookieless or consent-gated option (for example, Plausible) and update this policy before it goes live.

All fonts are self-hosted via next/font. We do not load resources from the Google Fonts CDN or other third-party font servers. Icons and images are served from our own domain or our hosting provider’s edge network.

Under the GDPR you have the following rights in relation to your personal data:

• AccessArt. 15 GDPR
• RectificationArt. 16 GDPR
• ErasureArt. 17 GDPR
• Restriction of processingArt. 18 GDPR
• Data portabilityArt. 20 GDPR
• ObjectionArt. 21 GDPR
• Withdrawal of consent at any timeArt. 7(3) GDPR

To exercise any of these rights, email office@breece.co with the subject “Data protection”.

You may lodge a complaint with a data protection supervisory authority, in particular in the EU Member State of your residence, place of work or the location of the alleged infringement.

Our lead authority is the Office of the Commissioner for Personal Data Protection of the Republic of Cyprus (dataprotection.gov.cy).

We apply appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration and unauthorised disclosure or access. Traffic to breece.co is encrypted via HTTPS end-to-end.

We may update this policy to reflect new features, new processors or legal developments. The date below indicates the current version. For material changes we will highlight the update on the site before it takes effect.