I was alarmed today to receive two marketing emails from a company after browsing their website yesterday (the emails suggest I signed up for their marketing which I definitely did NOT do). I was browsing using Brave, and Proton VPN on a Macbook. I have shopped with this retailer before but my last order was a long time ago and I did not log in to the site/my account. I have only recently starting using Brave and have never logged onto this site using this browser before. They emailed the email address they hold for me but as I didn’t log in, and was using Brave and a VPN, I don’t know how they knew it was me to connect the dots (let alone set me up for marketing emails which I would have previously declined!).
I only looked at a few pages but one thing I did do was “share” one page link to the Apple Reminders app. I did this via “File” and “Share” in the Brave browser not from a button on the page itself. Could this have somehow let them know who it was? Is this something I need to avoid doing moving forward? My main concern is how I avoid this type of invasive tracking and marketing moving forward. Or is this just not possible?
Grateful for any advice but, if you are kind enough to take the time to respond, I have very limited knowledge so please talk me to me as if I am 5 
Many thanks for any help!