2. General Information
3-1 We may ask you to provide certain contact and payment information -,once you register to use our services and/or our website or order our products,- such as; your name, address, email address, and contact number. This may vary depending on whether you are purchasing products from our site for your personal use, or whether you are purchasing products on behalf of a business customer for use by a business.
3-2 We may also collect personal information such as the mailing history between TUA and you when you contact us to make an enquiry or complaint. If you order our products with us on a regular basis, we will keep records of your order history (If your order history is not available to you on our website, please contact email@example.com).
3.6 We will not collect any sensitive personal data or special categories of data about you in connection with your use of our services and/or our sites.
4Usage of Information
4-1 We may use your information for the following purposes:
4-1 (a) in order to enable us in the normal course of our business, to register you to receive our services and to provide you with our products as far as necessary in order to fulfill our contractual responsibilities towards you.
4-1 (b) in order to manage your account by processing your information as far as necessary in order to perform our contract with you and to provide our services;
4-1 (c) in order to analyse your personal preferences and cater our services to you as far as processing your information is in our legitimate interests to optimise our website;
4-1 (d) in order to store your data for the use in pre-populate fields, to make it easier for you to provide information when you return to our website.
4-1 (e) in order to use your contact details to get in touch with you about our products and services, on the basis that processing is in our legitimate interests to promote our products and services, whether you are acting on behalf of a business customer or in a personal capacity. Such contact may be by way of a telephone call, given you have consensually provided this information to us and regular email updates, and if you are acting in a personal capacity, such contact will only be conducted by regular email updates. You may opt-out of such communications at any time by following the unsubscribe link in the emails which may be sent to you;
4-1 (f) in order to check that the data we have stored about you is accurate, to validate your information (in some cases by matching it against information that has been collected by a third party) and its consistency as far as that processing is necessary in order to perform our contract with you and to provide our services;
4-1 (g) in order to comply with any legal obligations to which we are subject as far as that processing is necessary.
4.2.1 If you hold an online account with TUA, whether you are a business customer or a consumer please ensure that the personal information associated with this account is kept accurate and up to date. You have the ability to update your account online, or alternative you can contact us under firstname.lastname@example.org.
4.2.2 If you are a business customer your contact with us will be running through email@example.com. or another e-mail address ending with @studiotua.com. Any information you provide to us in the course of those communications will be processed as far as necessary in order to establish a business to business relation with mutually safe and secure terms and conditions. In the course of the communication between TUA and you we may ask for certain information about the type of business operated. While the provision of such information is not essential, if this type of information is not provided, we may not be able to protect our interests and hence are not able to offer to you our goods and services especially tailored products and services.
4.3 The provision of certain information in the order and sign up form is mandatory if you want to receive our goods or services. The system will prevent you from proceeding with the sign up or check out if you do not fill out these fields.
4.4 The provision of certain information in the order and sign up form is voluntary and you do not need to provide such information in order to receive our goods or services. The system won't prevent you from proceeding with the signup or check out if you do not fill out these fields.
4.5 We also use non-essential cookies on our website (please see details in our Coockie Policy) for which you will have the ability to opt-out of the use by choosing the appropriate option on our cookies banner. If you choose to opt-out of the use of certain cookies, the functionality of our website may be affected.
4.6 Marketing. Our goal is to provide you with as many choices regarding certain personal data uses, particularly around marketing and advertising. We have currently set up the following personal data control mechanisms (if you have remarks or suggestions please contact us under firstname.lastname@example.org):
4.6 (a) Promotional offers regarding our services and products. We may use your Identity, Contact, Technical, Usage and Profile Data to provide you with information about what we think you may want or need, or what may be of interest to you. What we call marketing is how we decide which products, services and offers may be relevant for you.
4.6 (b) If you have requested information from us or purchased goods or services from us or if you provided us with your details when you attended an event, entered a competition, or registered for a promotion, and if in each case, you have not opted out of receiving that marketing, you may receive such marketing.
4.6 (c) Third-party marketing. We will only share your personal data with third party companies if we obtain your express opt-in consent before. Express opt-in consent is a manual opt-in process which requires clicking on a checkbox, giving oral consent or written consent.
4.6 (d) Opting out. You can ask us or third parties to stop sending you marketing messages at any time. You can do so by logging into your online account and checking or unchecking relevant boxes, or by following the opt-out links on any marketing message sent to you or by contacting us under email@example.com. Opting out of receiving these marketing messages, will not delete any personal data provided to us from our system as a result of a product/service purchase, warranty registration, product/service experience or other transactions including al mechanisms mentioned in §4-6 (b). If You wish TUA to delete all data related to your person please contact firstname.lastname@example.org.
5Change of purpose
We exclusively use your personal data for the purposes mentioned in this policy, unless we reasonably consider that we need to use it for another purpose and that purpose is compatible with the original purpose and/or European law. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose and/or European law, please contact email@example.com.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by european law.
6Sharing of Information
6-1 As part of using our services, we have to share your personal information with the following parties:
6-1 (a) we appoint multiple service providers and third party partners, who process and store data on our behalf:
6-1 (a.1) Our online payment service providers (Stripe)
6-1 (a.2) Our email marketing campaign provider (//)
6-1 (a.3) Our CRM provider and database manager (//)
6-1 (a.4) Microsoft (our IT systems use various Microsoft applications) //;
6-1 (a.5) Our warehousing system provider (Billbee) who will further share the necessary personal information with delivery companies like DHL, DPD, etc. //6-1 (a.6) Our mailing house service providers, who process personal data on our behalf for running mail marketing campaigns;( //)
6-1 (b) professional advisors acting as processors: including lawyers, bankers and insurers who provide consultancy, banking, legal, insurance and accounting services;
6-1 (c) We may also disclose your personal data to our supply and delivery partners, insurance company for the purpose of processing and fulfilling your order. Whenever such disclosures are made, they will be subject to contractual arrangements with us and carried out in accordance with the requirements of the GDPR.
6-1 (d) if you opted in on the marketing consent statement to receive information about third party products and services, trusted third parties whose products, services and other offers we believe may be of interest to you. You will be able to opt-out of such communications at any time by following the unsubscribe link in any of the emails which we send to you;
6-2 We may also share your personal information with third parties:
6-2 (a) in the event that TUA and substantially all of its assets are acquired by a third party (in which case personal information about customers will be one of the transferred assets);
6-2 (b) if we are forced to disclose or share your personal data in order to comply with legal obligations
6-2 (c) in order to enforce or apply any contract with you; or to protect our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
7Storage of personal data
7-1 We store your personal information as long as necessary for the purposes listed in paragraph 4.
7-2 The appropriate retention period for personal data is determined considering the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which your personal data is processed and whether we can achieve the same purposes through other means, and the applicable legal regulations.7-3 Instead of destroying or erasing your personal information, we may anonymize it in a way so that it cannot be associated with or be traced back to you. If you are an employee, worker or contractor of the company we will retain and securely destroy your personal information in accordance with applicable laws and regulations.7-4 If you want us to erase your data prior to this period, please contact us under firstname.lastname@example.org.
8-1 You may request a copy of your personal data by contacting email@example.com. In your request please include details of the to you relevant time periods, to help us to locate the data you are requesting.
8-2 Where ever processing is based on consent, you may withdraw your consent at any time. You can do this by, following the unsubscribe link in any one of the marketing emails we send you or by contacting us under firstname.lastname@example.org.
8-3 If you think we my hold inaccurate information about you, please contact us under email@example.com and describe your case to us. Please include the updated information.
8-4 You can ask us to delete your personal data. Please contact us firstname.lastname@example.org specify which information you would like us to delete and why.
8-5 You can ask us to provide you with the personal information that we hold about you in a structured, commonly used and machine readable form. You can also ask us to send such personal data to another data controller.
8-7 You can make a complaint about our data processing activities to a supervisory authority, such as ‘Autoriteit personsgegevens’ in the Netherlands or ‘Der Bundesbeauftragte fuer den Datenchutz und die Informationsfreiheit’ in Germany. You can find a list of the national responsible institutions on: edpb.europa.eu/about-edpb/board/members_en
8-9 You will neither have to pay a fee to access your personal data nor to exercise any of your other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request.
8-10 We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data, or to exercise any of your other rights. This security measure is in place in order to ensure that personal data is not disclosed to any person who has no right to access it. We can also contact you in order to request further information in relation to your case to speed up our response.
8-11 We strive to respond to all legitimate inquiries within 30 days. Occasionally it can take us longer than 30 days if your request is very complex or you have made multiple requests. In such cases, we will notify you and keep you updated.
9-1 If you agree we will store a small file of letters and numbers in your browser or the hard drive of your computer. Hose files are called cookies. Cookies contain information that is transferred to your computer’s hard drive.
10Transfers out of the EEA
10-1 In case we transfer your personal data outside of the European Economic Area (EEA) we will ensure that such transfers and the processing of personal data outside the EEA is lawful and that your personal data is stored and transferred securely and in accordance with the GDPR.
11Security and Data Storage
11-1 We treat all of your information with strict confidence. We will also make sure that all reasonable steps are taken, in order to keep your personal information secure once it has been transferred to our systems. We implement and keep implementing appropriate data collection, storage and processing practices and security measures, aiming to protect your personal data against unauthorized access, alterations, disclosure or destruction.
11-2 Your personal data may be stored in a cloud storage system by our IT service providers mentioned in section 6 above. We take steps to ensure that these third parties implement appropriate technical and security measures, in order to protect your data.
11-3 Please note that we can not guarantee 100% safety for any of the information that you disclose online. This is because the Internet in itself is a not secure medium. By agreeing to this policy, you accept the inherent risk the internet bares and agree to not hold us liable for lost or stolen data.