Privacy policy (GDPR-Compliant)

Last updated: 08 31 2025

This Privacy Policy describes how TEAPHOR (Teaphor Company) (“we,” “our,” or “us”) collects, uses, and protects your personal information when you visit our website, make a purchase, or otherwise interact with our services.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (EU) 2016/679 (GDPR), the UK GDPR, and the Swiss Federal Data Protection Act (FADP).

1. Data Controller

• Company Name: TEAPHOR (Teaphor Company)

• Legal Form: Entrepreneur individuel

• RCS Number: 893 736 470 R.C.S. Montpellier

• SIRET: 893 736 470 00012

• VAT Number: FR24893736470

• Email (privacy inquiries): [email protected]

2. Information We Collect

We may collect the following categories of personal information when you use our website or services:

• Identity & Contact Data: name, email, phone number, billing/shipping address.

• Account Data: login credentials if you create an account.

• Transaction Data: payment information (processed securely by third-party providers; we do not store full card details).

• Technical Data: IP address, browser type, device information, cookies.

• Marketing & Communications Data: your preferences for receiving communications.

3. How We Use Your Information

We use your personal information for the following purposes:

• To provide and deliver our products and services (Art. 6(1)(b) GDPR).

• To process payments and manage transactions.

• To communicate with you regarding your order, inquiries, or requests.

• To send you marketing communications (based on your consent, Art. 6(1)(a) GDPR).

• To improve our website and services, including analytics and advertising.

• To comply with legal obligations (Art. 6(1)(c) GDPR).

4. Legal Bases for Processing

We process your data under the following legal bases:

• Contractual necessity – to perform our obligations under a contract with you.

• Consent – for marketing and optional cookies.

• Legitimate interests – to improve our services and prevent fraud.

• Legal obligation – to comply with applicable law (e.g., tax, accounting).

5. Cookies and Tracking

We use cookies and similar technologies to:

• Enable website functionality.

• Measure performance and usage (e.g., Google Analytics).

• Deliver personalized advertising (e.g., Meta Ads, Google Ads).

You can manage cookies via our cookie banner or through your browser settings.

6. Data Sharing and Third Parties

We may share your personal information with trusted third parties, including:

• Payment processors (Stripe, PayPal, Apple pay, Google Pay).

• Hosting and infrastructure providers (EU-based servers).

• Analytics and advertising providers (Google, Meta/Facebook/Instagram).

• Email and communication services (e.g., Mailchimp, SendGrid).

All third parties process your data in accordance with GDPR and under Data Processing Agreements (DPAs).

7. International Data Transfers

Our servers are located in the European Union.

However, some third-party providers (e.g., Google, Meta, Stripe) are based in the United States.

When data is transferred outside the EU/UK/Switzerland, we rely on:

• The European Commission’s Standard Contractual Clauses (SCCs).

• The UK International Data Transfer Addendum (IDTA) where applicable.

8. Data Retention

We keep your personal data only for as long as necessary:

• Order & transaction records: 10 years (legal obligation in France).

• Marketing data: until you withdraw your consent.

• Account data: until you request deletion.

9. Your Rights (GDPR, UK GDPR, FADP)

You have the following rights:

• Right of access to your data.

• Right to rectification (correction).

• Right to erasure (“right to be forgotten”).

• Right to restrict processing.

• Right to data portability.

• Right to object to processing (including marketing).

• Right to withdraw consent at any time.

You may exercise your rights by contacting us at [email protected].

We will respond within 30 days in accordance with GDPR.

10. Security Measures

We implement appropriate technical and organizational measures (encryption, secure hosting, access controls) to protect your personal information.

However, no system is completely secure, and we cannot guarantee absolute protection.

In case of a data breach, we will notify the competent authorities within 72 hours and affected individuals where required.

11. Children’s Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect personal information from minors.

12. Contact Us

If you have questions about this Privacy Policy or your personal data, you may contact us at:

TEAPHOR (Teaphor Company)
Email: [email protected]

For privacy reasons, the full postal address of the data controller is not published online.
It can be obtained upon legitimate request by contacting us at the above email address
or through our website host:

Hostinger International Ltd.
Jonavos g. 60C, 44192 Kaunas, Lithuania
Website: https://www.hostinger.com