Privacy Policy
Last updated: July 1, 2026
1. Introduction
This Privacy Policy explains how Byteex Ltd, a limited company registered in Cyprus with registered address at Gladstonos 16, Paphos, 8046, Cyprus, trading as Brew, collects, uses, discloses, and protects information when you visit brewupsells.com (the “Site”) or use the Brew service (the “Service”).
In this policy, “Brew,” “we,” “us,” and “our” refer to Byteex Ltd, trading as Brew. Byteex Ltd is the data controller responsible for your personal information under the GDPR and applicable data-protection law.
Contact
- Operating company: Byteex Ltd (trading as Brew)
- Address: Gladstonos 16, Paphos, 8046, Cyprus
- Email: help@brewupsells.com
- Website: https://brewupsells.com
By using the Site or Service, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Information We Collect
2.1 Information you provide
We collect information you provide when you:
- Create an account or start a subscription
- Connect your Shopify store to Brew
- Create, edit, preview, or publish an offer
- Contact support or request a feature
- Subscribe to product updates
This may include your name, email, business name and store URL, billing details processed by our payment provider, the offers and settings you configure, and any other information you choose to share.
2.2 Information collected automatically
- IP address, browser type, device, and operating system
- Pages visited, features used, and navigation patterns
- Approximate location (country/city level)
- Date and time of visits and interactions
2.3 Cookies and similar technologies
We use cookies and similar technologies for authentication, preferences, analytics, and (where applicable) marketing. See Section 4.
3. Data From Your Shopify Store
To create, preview, and serve offers, the Service connects to your Shopify store through Shopify’s official APIs, using only the permissions (scopes) you approve when you connect. Depending on the offers you run, this may include access to product, collection, inventory, order, and customer data.
- We access store data only to operate the offers you create and the features you request.
- We do not sell store or customer data, and we do not use it to train third-party AI models.
- You can disconnect your store at any time, which revokes our access going forward.
- Our handling of Shopify data is also governed by Shopify’s API terms and data-protection requirements.
3.1 Data Processing Agreement
When you connect your store, you act as the data controller for your customers’ personal data and we act as your data processor for that data, processing it only to provide the Service and on your instructions. A Data Processing Agreement (DPA) reflecting this, including GDPR Article 28 terms, is available on request at help@brewupsells.com.
4. How We Use Information
- Provide, operate, and maintain the Service and the offers you run
- Create, preview, serve, and optimize the offers you configure
- Process payments and manage your subscription
- Respond to support requests and communicate about your account
- Improve our product, reliability, and user experience
- Send service and (with consent where required) marketing messages
- Protect against fraud, abuse, and security threats, and comply with law
6. Legal Basis for Processing (GDPR)
For users in the EU, EEA, and UK, we rely on the following legal bases:
- Contractual necessity: to deliver the Service you signed up for
- Consent: for non-essential cookies and certain marketing
- Legitimate interests: to secure, improve, and operate our product
- Legal obligation: to comply with tax, accounting, and other laws
8. International Transfers
We operate from Cyprus and use providers that may process data in the United States and elsewhere. Where we transfer personal data internationally, we use appropriate safeguards such as the European Commission’s Standard Contractual Clauses.
9. Data Security
We use technical and organizational measures, including encryption in transit and at rest, access controls, least-privilege practices, and regular security reviews, to protect your information. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security.
10. Data Retention
We retain personal information for as long as needed to provide the Service and for a reasonable period afterward, then delete or anonymize it, except where longer retention is required by law (for example, tax records). If you cancel, we keep account data for a limited window to allow reactivation and dispute resolution.
11. Your Rights
Depending on where you live, you may have rights to access, correct, delete, port, or restrict processing of your personal information, to object to certain processing, and to withdraw consent. California residents have rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of “sharing” for cross-context behavioral advertising.
To exercise any right, email help@brewupsells.com with “Privacy Rights Request” in the subject line. You also have the right to lodge a complaint with your local supervisory authority (in Cyprus, the Office of the Commissioner for Personal Data Protection).
12. Children’s Privacy
The Service is intended for businesses and people aged 18 or older. We do not knowingly collect personal information from anyone under 18 and will delete it if we learn we have.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version here and revise the “Last updated” date, and for material changes we will provide additional notice where required.
14. Contact Us
Questions about this policy or our data practices? Contact Byteex Ltd (trading as Brew) at help@brewupsells.com, or write to Gladstonos 16, Paphos, 8046, Cyprus.
This policy is provided in English; if translated, the English version prevails.
