Privacy-Policy

Privacy Policy – Tingora AB

At Tingora AB, we value your personal privacy and are committed to maintaining a high level of data protection.

This Privacy Policy explains how we process your personal data when you use Tingora.com, what rights you have as a customer, and how you can contact us if you have questions or wish to exercise your rights under GDPR.

1. Data Controller

Tingora AB (Corporate ID: 559540-9466, Sweden) is responsible for the processing of your personal data.

Contact:
📍 Tingora AB, Sweden
📧 info@tingora.com

2. What Is Personal Data?

Personal data is any information that can directly or indirectly be linked to you as an individual — such as your name, address, phone number, email address, payment information, or IP address.

3. What Does Processing of Personal Data Mean?

Processing includes all actions taken with personal data, such as collecting, registering, storing, organizing, modifying, using, sharing, restricting, deleting, or destroying it.

4. How We Collect Personal Data

We collect personal data when you interact with our website or services, for example when you:

  • Place an order or complete a payment

  • Contact our customer support

  • Subscribe to newsletters or marketing emails

  • Use our website (cookies and analytics tools such as Google Analytics and Meta Pixel may register information)

We may also update your information through third-party services (e.g., payment providers, address verification services, or credit checks when necessary).

5. What Personal Data We Collect and Why

We process the following categories of personal data to provide and improve our services:

Contact information: name, address, phone number, email (for managing orders, deliveries, and customer support).

Payment information: transaction numbers, payment methods (handled securely by providers such as Klarna, Stripe, and PayPal).

Order details: purchased products, delivery history, returns.

Technical data: IP address, device and browser information, cookies (to improve functionality and marketing).

Customer service correspondence: emails, chat messages, or phone communication.

6. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contractual necessity — to fulfill our obligations to you (delivery, payments, returns, complaints).

  • Legal obligation — to comply with accounting, tax, and consumer protection laws.

  • Legitimate interest — to improve our services, manage customer relations, prevent fraud, and offer relevant marketing.

  • Consent — for newsletters and certain marketing activities.

For customers outside the EU/EEA, local data protection laws may also apply (e.g., UK GDPR, CCPA/CPRA in California).

7. How Long We Store Personal Data

We never store your personal data longer than necessary.

  • Order and payment information: stored for 7 years according to accounting regulations.

  • Customer service cases: stored for up to 3 years after the case is closed.

  • Marketing data (e.g., newsletter subscriptions): stored until you withdraw your consent.

  • Cookies: stored according to our cookie policy and only as long as required.

8. Sharing of Personal Data

We only share personal data with trusted partners when necessary to deliver our services, such as:

  • Payment providers (Klarna, Stripe, PayPal)

  • Shipping companies (e.g., PostNord, DHL)

  • IT and analytics providers (Google, Meta)

These parties act as data processors and may only process your data in accordance with our instructions and applicable data protection laws.

We may also share data when required by law or governmental authorities.

9. Transfers Outside the EU/EEA

If personal data is transferred outside the EU/EEA, we ensure an adequate level of protection by using:

  • EU Commission’s Standard Contractual Clauses (SCCs)

  • Transfers to countries deemed adequate by the EU Commission

  • Additional safeguards when required

10. Security

We use technical and organizational measures to protect your data from unauthorized access, loss, or manipulation. Only authorized personnel have access to personal data.

11. Your Rights

As a data subject, you have the right to:

  • Access your personal data (data subject access request)

  • Request rectification of incorrect or incomplete data

  • Request erasure (“the right to be forgotten”)

  • Request restriction of processing

  • Object to processing based on legitimate interest

  • Withdraw consent (e.g., unsubscribe from newsletters)

  • Request data portability (to receive your data in a structured format)

You may also file a complaint with your national data protection authority.
In Sweden, this is Integritetsskyddsmyndigheten (IMY).
For EU customers, you can contact your local supervisory authority.

12. Cookies

We use cookies to enhance your experience, analyze traffic, and provide relevant marketing.
When visiting our website, you can choose to accept or decline cookies via our cookie banner.
More information is provided in our Cookie Policy.

13. Changes to This Policy

We may update this Privacy Policy when necessary. The latest version is always available on Tingora.com.