Tengerly Trading

Privacy Policy

Your privacy is important to us. Learn how we protect your personal data.

Last Updated: October 6, 2025

Introduction

Tengerly Trading OÜ ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our e-commerce platform at tengerly.com.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. As a business registered in Estonia and operating within the European Union, we adhere to the highest standards of data protection.

1. Data Controller Information

Company Name: Tengerly Trading OÜ

Registration: Estonia

Website: https://tengerly.com

Email: hello@tengerly.com

Data Protection Contact: hello@tengerly.com

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, password (encrypted), first name, last name, phone number
  • Shipping & Billing Information: Full name, address, postal code, city, country, phone number
  • Order Information: Products purchased, quantities, prices, payment method
  • Communication Data: Contact form messages, email correspondence, customer support inquiries
  • Payment Information: Processed securely through PayPal (we do not store credit card details)

2.2 Information Automatically Collected

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Pages visited, time spent on site, products viewed, shopping cart activity
  • Cookies: Session cookies, authentication tokens, preference cookies (see Section 7)

2.3 Third-Party Information

  • PayPal: Payment confirmation, transaction ID, payer information
  • Google reCAPTCHA: Bot detection data (IP address, browser data)
  • Intercom: Support chat data (if you use our live chat)

3. How We Use Your Information

3.1 Order Processing

To process your orders, arrange delivery, send order confirmations, and provide customer support.

Legal basis: Contract performance (GDPR Art. 6(1)(b))

3.2 Account Management

To create and manage your account, authenticate your login, and maintain your preferences.

Legal basis: Contract performance (GDPR Art. 6(1)(b))

3.3 Communication

To send order updates, respond to inquiries, send password reset emails, and account notifications.

Legal basis: Contract performance & Legitimate interest (GDPR Art. 6(1)(b)(f))

3.4 Marketing (Optional)

To send promotional emails, product updates, and special offers (only if you opt-in).

Legal basis: Consent (GDPR Art. 6(1)(a)) - You can unsubscribe anytime

3.5 Legal Compliance

To comply with tax laws, accounting requirements, and other legal obligations.

Legal basis: Legal obligation (GDPR Art. 6(1)(c))

3.6 Security & Fraud Prevention

To protect against fraud, unauthorized access, and ensure platform security (reCAPTCHA verification).

Legal basis: Legitimate interest (GDPR Art. 6(1)(f))

4. How We Share Your Information

We do not sell your personal data. We only share information with trusted third parties necessary for our business operations:

4.1 Payment Processors

PayPal - Payment processing (subject to PayPal's privacy policy)

We do not store credit card information on our servers.

4.2 Email Service Provider

Brevo (Sendinblue) - Transactional emails, order confirmations, newsletters

EU-based service, GDPR compliant

4.3 Cloud Storage

DigitalOcean Spaces - Product images and media files

Frankfurt (Germany) data center, EU data residency

4.4 Customer Support

Intercom - Live chat and customer support

Only if you initiate a support conversation

4.5 Security & Spam Prevention

Google reCAPTCHA v3 - Bot detection and spam prevention

Subject to Google's privacy policy

Note: All third-party services we use are GDPR-compliant and have appropriate data processing agreements in place.

5. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

Account Data

Active accounts: Until you delete your account or request deletion

Order & Transaction Data

7-10 years (EU tax and accounting requirements)

Email Communications

Until you unsubscribe or delete your account

Analytics & Usage Data

Aggregated data: Retained indefinitely (anonymized, no personal identification)

Account Deletion: When you delete your account, we anonymize your personal data immediately while retaining order history for legal compliance. See our Account Deletion Policy for details.

6. Your Rights Under GDPR

As a data subject in the European Union, you have the following rights:

✓ Right to Access (Article 15)

Request a copy of your personal data we hold.

✓ Right to Rectification (Article 16)

Correct inaccurate or incomplete personal data.

✓ Right to Erasure (Article 17)

Request deletion of your personal data ("Right to be Forgotten").

✓ Right to Restriction (Article 18)

Limit how we use your personal data.

✓ Right to Data Portability (Article 20)

Receive your data in a machine-readable format.

✓ Right to Object (Article 21)

Object to processing based on legitimate interests or direct marketing.

✓ Right to Withdraw Consent (Article 7)

Withdraw consent for marketing emails or data processing anytime.

✓ Right to Lodge a Complaint

File a complaint with your local data protection authority.

How to Exercise Your Rights

Contact us at:

  • Email: hello@tengerly.com
  • Account Settings: Manage your data directly in your account dashboard
  • Delete Account: Available in Account Settings → Danger Zone

We will respond to your request within 30 days as required by GDPR.

7. Cookies and Tracking Technologies

We use cookies to enhance your experience on our website. You can manage your cookie preferences through our Cookie Consent banner.

Essential Cookies (Always Active)

Required for authentication, shopping cart, session management, and security.

Examples: customer_token, anonymous_cart, checkout_data

Analytics Cookies (Optional)

Help us understand how visitors use our website to improve user experience.

You can opt-out through the Cookie Consent banner.

Marketing Cookies (Optional)

Used for personalized advertising and remarketing campaigns.

You can opt-out through the Cookie Consent banner.

8. Data Security

We implement industry-standard security measures to protect your personal data:

🔒 Encryption

SSL/TLS encryption for data transmission

🔐 Password Protection

Bcrypt hashing for password storage

🛡️ Access Control

Role-based access for admin panel

🤖 Bot Protection

Google reCAPTCHA v3 for spam prevention

💳 Payment Security

PayPal integration (PCI DSS compliant)

🗄️ Database Security

PostgreSQL with secure authentication

Note: While we implement robust security measures, no method of transmission over the Internet is 100% secure. Please use strong passwords and keep your account credentials confidential.

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately at hello@tengerly.com.

10. International Data Transfers

Your data is primarily stored and processed within the European Union:

  • Database: Hosted in EU data centers
  • Media Storage: DigitalOcean Spaces (Frankfurt, Germany)
  • Email Service: Brevo (EU-based)

Some third-party services (PayPal, Google reCAPTCHA, Intercom) may transfer data outside the EU. These transfers are protected by appropriate safeguards such as Standard Contractual Clauses (SCCs) and adequacy decisions.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

  • Updating the "Last Updated" date at the top of this page
  • Sending an email notification to registered users
  • Displaying a prominent notice on our website

Your continued use of our services after any changes indicates your acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Email: hello@tengerly.com

Website: tengerly.com/contact

Company: Tengerly Trading OÜ

Registration: Estonia (EU)

We aim to respond to all inquiries within 30 days as required by GDPR.

Your Right to Complain

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection authority. In Estonia, this is:

Estonian Data Protection Inspectorate

Website: www.aki.ee/en

Privacy Policy | Tengerly Trading