Privacy Policy

If you have questions about this Privacy Policy or how we process your personal data, please contact us at the email address below.

We may collect and process the following categories of personal data:

• When you place an order with us.
• When you contact us.
• When you create or use a customer account.
• When you browse or interact with our website.
• When order, shipping, or marketplace information is provided through connected service providers such as Shopify, Sendcloud, or Amazon.

• Operate, maintain, and secure our website and webshop.
• Process orders, payments, shipping, returns, and refunds.
• Manage customer accounts and customer service.
• Communicate with you about your order, delivery, or support request.
• Maintain internal business records and documentation.
• Comply with legal, tax, accounting, and regulatory obligations.
• Detect fraud, misuse, or technical abuse.
• Improve our products, services, and website performance.

Where GDPR applies, we process your personal data on one or more of the following legal bases:

Our online store is hosted on Shopify, which provides the e-commerce platform we use to sell our products and manage customer transactions. Shopify may process information such as IP address, device information, browser information, cookies, and browsing interactions, and may also process customer and order-related data in connection with store and checkout services.

In addition to Shopify, we also store and process relevant customer data in our own internal systems where necessary for customer service, order administration, internal recordkeeping, accounting, legal compliance, dispute handling, and protection of our legitimate business interests.

We only share personal data where necessary for relevant business purposes and only to the extent required. We may share personal data with:

Where required, we use contractual safeguards such as data processing agreements with service providers acting on our behalf.

Because we use international service providers, your personal data may be processed in countries outside your own country and, where relevant, outside the European Economic Area. Sendcloud states that for certain services it may use processors or business partners outside the EU/EEA and relies on safeguards such as Standard Contractual Clauses where required.

Where legally required, we seek to ensure that appropriate safeguards are in place for international transfers.

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required by law.

Subject to applicable law, you may have the right to:

To exercise your rights, email persondata@bangkokrock.com. Requests are generally answered within one month, subject to lawful extensions.

We use cookies and similar technologies to operate the website, remember preferences, support store functionality, improve user experience, and understand how visitors use the site. Shopify uses cookies and similar technologies in connection with website and store interactions.

Where required by law, non-essential cookies will only be used with your consent. You can also control cookies through your browser settings.

We use appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, misuse, or loss. However, no online service can be completely secure, and we cannot guarantee absolute security.

If you purchase through or otherwise interact with Bangkok Rock through a third-party platform such as Amazon, your personal data may also be processed under that platform's own terms and privacy policies.

We recommend reviewing the privacy policies of the third-party services you use when interacting with our business.

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The latest version will always be posted on this page.