Privacy Policy

Privacy Policy – Tingora AB

At Tingora AB, we value your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Swedish and EU data protection laws.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit or make a purchase on Tingora.com, as well as your rights and how you can exercise them.

1. Data Controller

The data controller responsible for the processing of your personal data is:

Tingora AB
Corporate ID: 559540-9466
Sweden

Contact:
Email: info@tingora.com

2. What Is Personal Data?

Personal data is any information that can directly or indirectly identify you as an individual. This includes, for example, name, address, phone number, email address, payment information, IP address, or order history.

3. What Does Processing of Personal Data Mean?

Processing refers to any operation performed on personal data, such as collection, registration, storage, organization, use, disclosure, restriction, deletion, or destruction.

4. How We Collect Personal Data

We collect personal data when you interact with our website or services, including when you:

  • Place an order or complete a payment

  • Contact customer support

  • Subscribe to newsletters or marketing communications

  • Browse or use our website (for example through cookies and analytics tools)

We may also receive updated information from third parties such as payment providers, address verification services, or logistics partners when necessary to fulfill our obligations.

5. What Personal Data We Collect and Why

We process the following categories of personal data for the purposes described below:

Contact information
Name, address, phone number, email address
Used to process orders, deliveries, customer service, and communication.

Payment information
Transaction references and payment method details
Payments are handled securely by external payment providers such as Klarna, Stripe, or PayPal. We do not store full payment card details.

Order information
Purchased products, delivery status, returns and complaints
Used to fulfill contracts, manage returns, and comply with legal obligations.

Technical data
IP address, device and browser information, cookies
Used to ensure website functionality, security, analytics, and marketing where permitted.

Customer service correspondence
Emails, messages, or other communication
Used to handle inquiries, complaints, and support cases.

6. Legal Basis for Processing

We process personal data based on the following legal grounds under GDPR:

  • Contractual necessity
    To fulfill our contract with you, such as processing orders, payments, deliveries, returns, and complaints.

  • Legal obligation
    To comply with accounting, tax, and consumer protection laws.

  • Legitimate interest
    To improve our services, manage customer relationships, prevent fraud, ensure security, and conduct limited marketing activities.

  • Consent
    For newsletters, marketing communications, and non-essential cookies. You may withdraw your consent at any time.

7. How Long We Store Personal Data

We store personal data only for as long as necessary for the purposes for which it was collected:

  • Order and accounting data: Stored for 7 years in accordance with Swedish accounting law

  • Customer service cases: Stored for up to 3 years after the case is closed

  • Marketing data: Stored until you withdraw your consent

  • Cookies: Stored according to our Cookie Policy and applicable consent settings

8. Sharing of Personal Data

We share personal data only when necessary and only with trusted partners, such as:

  • Payment providers (for example Klarna, Stripe, PayPal)

  • Shipping and logistics partners (for example PostNord, DHL)

  • IT, analytics, and marketing service providers (for example Google and Meta)

All partners act as data processors and are bound by data processing agreements in accordance with GDPR.

We may also disclose personal data if required by law or a competent authority.

9. Transfers Outside the EU and EEA

Some of our service providers may process personal data outside the EU and EEA. In such cases, we ensure an adequate level of protection through:

  • EU Commission Standard Contractual Clauses (SCCs)

  • Transfers to countries approved by the EU Commission as providing adequate protection

  • Additional safeguards where required

10. Security

We use appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or misuse. Access to personal data is restricted to authorized personnel only.

11. Your Rights

Under GDPR, you have the right to:

  • Request access to your personal data

  • Request correction of inaccurate or incomplete data

  • Request deletion of your personal data

  • Request restriction of processing

  • Object to processing based on legitimate interest

  • Withdraw consent at any time

  • Request data portability

You also have the right to lodge a complaint with a supervisory authority.

In Sweden, this is Integritetsskyddsmyndigheten (IMY).
You may also contact your local EU data protection authority.

12. Cookies

We use cookies to ensure website functionality, analyze traffic, and provide marketing where permitted.

You can manage your cookie preferences through our cookie banner when visiting the website.
More information is available in our Cookie Policy.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The most current version is always available on Tingora.com. Changes take effect when published.