Privacy and Cookies Policy

Effective date: [31st March 2026] Last updated: [18th April 2026]

  1. Who we are

This website is operated by FB Guitars Ltd (“FB Guitars”, “we”, “us”, “our”). We are the controller of the personal data processed through this website, except where this policy says otherwise.

Controller details FB Guitars Ltd

Data protection contact Email: dpo@fbguitars.com

If you have any questions about this policy, our use of your personal data, or your privacy rights, please contact us using the details above.

  1. Scope of this policy

This policy explains how we collect, use, store, share, and protect personal data when you:

  1. visit our website,
  2. subscribe to our Founders Edition List or any mailing list,
  3. contact us,
  4. submit an enquiry,
  5. interact with us through forms, social links, or embedded content,
  6. or otherwise use our website and related services.
  1. The personal data we collect

Depending on how you use the site, we may collect and process the following categories of personal data:

3.1 Information you provide directly

  1. your name,
  2. your email address,
  3. your telephone number,
  4. your message or enquiry,
  5. any information you choose to include when contacting us.

3.2 Mailing list and marketing data

If you subscribe to our Founders Edition List, newsletter, or product updates, we may collect:

  1. your email address,
  2. your subscription status,
  3. the date, time, and source of your subscription,
  4. records of consent where consent is relied upon,
  5. interaction data relating to our email communications, such as opens or clicks, where those features are enabled.

3.3 Technical and usage data

When you visit the site, we may automatically collect limited technical information such as:

  1. IP address,
  2. browser type and version,
  3. device type,
  4. operating system,
  5. pages visited,
  6. referring website,
  7. date and time of access,
  8. basic server and security logs.

3.4 Cookie and preference data

We may collect information through cookies or similar technologies about:

  1. your cookie consent choices,
  2. session preferences,
  3. security and site functionality,
  4. analytics or performance data, where you have consented,
  5. embedded media preferences, where applicable.
  1. How we use your personal data and our legal bases

Under the GDPR, personal data must be processed on a lawful basis. Depending on the context, we rely on one or more of the following legal bases: consent, performance of a contract, steps prior to entering a contract, legal obligation, and legitimate interests. (edpb.europa.eu)

We use personal data for the following purposes:

4.1 To operate, secure, and improve the website

We use technical and usage data to:

  1. make the website available,
  2. maintain security,
  3. detect abuse or malicious activity,
  4. troubleshoot errors,
  5. and improve performance and user experience.

Legal basis: legitimate interests, and where strictly necessary cookies are used, operation of the website.

4.2 To respond to enquiries

If you contact us, we use your information to:

  1. respond to your message,
  2. provide information you request,
  3. and manage follow-up communication.

Legal basis: steps taken at your request before entering into a contract, contractual necessity where relevant, and legitimate interests.

4.3 To manage our mailing list and send marketing communications

If you sign up to the Founders Edition List, newsletter, or launch updates, we use your data to:

  1. add you to our contact list,
  2. send you product news, launch updates, selected behind-the-scenes content, and related marketing communications,
  3. manage your subscription and preferences,
  4. and record your unsubscribe or opt-out choices.

Legal basis: consent. You can withdraw your consent at any time by using the unsubscribe link in our emails or by contacting us.

4.4 To comply with legal, regulatory, and record-keeping obligations

We may process personal data where necessary to comply with applicable laws, regulatory requirements, or lawful requests from public authorities.

Legal basis: legal obligation.

  1. Where we get personal data from

We collect personal data:

  1. directly from you, when you complete forms, subscribe, or contact us,
  2. automatically from your device/browser when you use the website,
  3. and, in limited cases, from service providers that support our website, communications, or security operations.
  1. Recipients and service providers

We do not sell your personal data.

We may share personal data with trusted service providers who process data on our behalf and only on our instructions, including providers for:

  1. website hosting,
  2. website security and maintenance,
  3. email communications and mailing list management,
  4. contact and enquiry handling,
  5. analytics and cookie-consent tools, where used.

Where you subscribe to our mailing list or Founders Edition List, we may use Brevo or a similar email communications platform to manage subscriptions and send updates. Such providers act as processors on our behalf. Brevo states that it supports GDPR compliance for customers acting as controllers and processors. (help.brevo.com)

Our website is hosted on servers located in the European Union, according to our hosting configuration.

We may also disclose personal data where required by law or where necessary to establish, exercise, or defend legal claims.

  1. International transfers

Our intention is to host and manage this website and its core services within the European Union wherever reasonably possible. If any of our service providers process personal data outside the European Economic Area, we will take appropriate safeguards, such as adequacy decisions or standard contractual clauses, as required by EU data protection law. (European Commission)

  1. How long we keep personal data

We keep personal data only for as long as necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law.

As a general guide:

  1. Enquiries and contact messages: up to 24 months after our last substantive correspondence, unless a longer period is needed for legal or commercial reasons.
  2. Mailing list data: until you unsubscribe, withdraw consent, or we discontinue the relevant mailing list, subject to limited suppression records needed to respect your opt-out.
  3. Technical logs and security data: for as long as reasonably necessary for security, monitoring, and troubleshooting, typically for a limited period unless needed for investigation or legal reasons.
  4. Cookie consent records: for as long as necessary to evidence and manage your preferences.

We may retain information for longer where required to comply with legal obligations, resolve disputes, or protect our legal rights.

  1. Your rights

Under the GDPR, you may have the right to:

  1. be informed about how your personal data is used,
  2. access your personal data,
  3. have inaccurate or incomplete data corrected,
  4. request erasure of your data in certain circumstances,
  5. restrict processing in certain circumstances,
  6. receive your data in a portable format where applicable,
  7. object to processing, including direct marketing,
  8. withdraw consent at any time where consent is the legal basis,
  9. and lodge a complaint with a supervisory authority. (European Commission)

To exercise any of your rights, please contact us at dpo@fbguitars.com.

If you are not satisfied with how we handle your request, you may lodge a complaint with the Information and Data Protection Commissioner (IDPC) in Malta, which is the national supervisory authority responsible for enforcing the GDPR and the Maltese Data Protection Act. (IDPC)

  1. Cookies and similar technologies

10.1 What cookies are

Cookies are small text files stored on your device when you visit a website. They can help the site work properly, remember your preferences, improve performance, and support analytics or embedded content.

10.2 How we use cookies

We may use the following categories of cookies and similar technologies:

Strictly necessary cookies These are required for the operation, security, and core functionality of the site. They may be used to:

  1. keep forms and sessions working,
  2. remember privacy preferences,
  3. support security and anti-abuse protections,
  4. and ensure the website functions properly.

Preferences cookies These remember choices you make, such as consent settings or interface preferences.

Analytics or performance cookies These help us understand how visitors use the site so we can improve content, navigation, and performance.

Marketing or tracking cookies These may be used to measure campaign performance or personalise communications, if we enable those features.

Third-party and embedded content cookies If we embed content from third parties, such as videos, maps, or social media content, those third parties may set cookies or collect data when you interact with that content.

10.3 Consent for cookies

Where cookies are strictly necessary, we may use them without asking for consent. Where cookies are not strictly necessary, including most analytics, marketing, and third-party tracking cookies, we will request your consent before setting them on your device. You can accept, reject, or change your cookie preferences at any time through our cookie settings tool, where available. (European Union)

10.4 Managing cookies

You can also manage cookies through your browser settings. Blocking some cookies may affect how the site functions.

  1. Email marketing and unsubscribe

If you receive marketing emails from us, you may unsubscribe at any time by:

  1. clicking the unsubscribe link in the email, or
  2. contacting us at dpo@fbguitars.com

If you unsubscribe, we may retain limited information to ensure we respect your opt-out and do not continue sending you marketing communications.

  1. Children’s data

Our website and products are not directed at children, and we do not knowingly collect personal data from children in connection with marketing signups or general website enquiries. If you believe a child has provided personal data to us, please contact us so that we can review and, where appropriate, delete the information.

  1. Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures include access controls, platform security, and the use of service providers with appropriate safeguards. Brevo, for example, states that it applies GDPR-related security and privacy measures as a processor. (help.brevo.com)

  1. Changes to this policy

We may update this Privacy and Cookies Policy from time to time to reflect changes in our website, services, legal obligations, or processing practices. We will post the updated version on this page and update the “Last updated” date above.

  1. Contact us

For privacy enquiries, rights requests, or questions about this policy, please contact:

Data Protection Contact dpo@fbguitars.com

Forged by Science. Driven by Tone.
Premium performance electric guitars engineered in Malta.
© 2026 FB GUITARS LTD. ALL RIGHTS RESERVED.