FREE SHIPPING WORLDWIDE

GDPR & Security

Tinga Tinga Art is a secure platform that allows shoppers to pay securely. We have invested in the best ecommerce and payment platforms to ensure the buying process is as smooth as possible.

What is the GDPR?

The European Union's General Data Protection Regulation (GDPR) came into effect on May 25, 2018. The GDPR imposes new obligations and responsibilities on controllers and processors of data.

As a merchant, we are generally the controller of our customers’ data. This means that we collect customers’ data and choose how it is handled. 

Shopify is a processor for our customers’ data, Shopify follows our instructions on how to handle that data. For more information about the roles of data controller and processor, please see Shopify’s GDPR whitepaper (in English).

For information about Shopify’s obligations as a data processor for our customers' data, see the Data Processing Addendum.

Shopify believes strongly in protecting customers’ personal data, and understands that doing so is critical to helping them preserve the trust and confidence of customers. Shopify has designed its platform to allow merchants to operate anywhere in the world.

The GDPR doesn't require personal data to be stored in Europe. The GDPR requires only that if the personal data of European residents is transported outside of Europe, then that personal data must be adequately protected.

Shopify protects personal data according to the requirements of the GDPR as it is transferred to the United States and Canada and stored.

GDPR-compliant features are built into Shopify's platform, including features to enable them to offer customers transparency into and control over their personal data, and technical measures to ensure that customers’ personal data is protected as it crosses borders. Shopify believes in making it easy for us to use their platform in a manner that complies with privacy and data protection laws like the GDPR.

For more information on Shopify's role on the GDPR, see here.

Payments

One of our payment providers, DPO Group is always determined to keep up with the highest level of security and standards to protect merchants and customers. DPO processes payments from customers all across the globe hence the requirement for them to be GDPR compliant.

In the context of GDPR, DPO is both controller and processor: a customer inputs their personal details (name, address, credit card details) into the merchant system via the DPO API. DPO then uses the information to complete the transaction between their system, and that of the associated credit bureau or bank. DPO is fully compliant with GDPR laws and standards, and strives to go above and beyond in all matters of data privacy and security. They have all of the necessary technical and organizational structures in place to uphold this high standard. 

PCI Compliance:

Furthermore, all our payment providers are PCI-DSS Level 1 certified, ensuring that all systems and information involved in the payment process is kept secure, and can be trusted with sensitive payment information. More information on our payment provider's PCI certification can be found here

SSL Certificate:

All webpages on our website, including our external payment provider are HTTPS secure with an SSL certificate. SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.

What European Countries are Part of GDPR?

GDPR covers all of the European Union Member States, which includes: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Sweden.

The United Kingdom is still part of the EU and thus governed by GDPR. This includes: Channel Isles, England, Northern Ireland, Scotland, and Wales.
GDPR also includes European Economic Area Countries, such as Iceland, Lichtenstein, and Norway. 

The GDPR places equal liability on data controllers (the organization that owns the data) and data processors (outside organizations that help manage that data). A third-party processor not in compliance means our organization is not in compliance. The new regulation also has strict rules for reporting breaches that everyone in the chain must be able to comply with. Organizations must also inform customers of their rights under GDPR.

Please see DPO's privacy policy and other related documents below:

 

 

Shipping

We use DHL Express for a selection of our exports (based on customer request or our own discretion).

DHL manages freight security through a global incident reporting room and more than 100 highly secure locations, more than the entire forwarding and logistics industry.

Each of these benefits from instant communication with local and international law enforcement authorities. They also use state-of-the-art risk assessment to ensure that consignments are protected.

For other shipments, we use the local post office, which is a member of the Universal Postal Union. The UPU recognizes that the safety and security of the postal sector as part of the global supply chain is critical to supporting worldwide commerce and communication. To facilitate the development and implementation of security standards and best practices among Posts, the UPU has established the Postal Security Group (PSG) which can read more about here

We may also use other professional couriers after evaluating their professional credentials. 

Contact

Contact us for additional information related to your privacy and security:

dataprotection@tingatingaart.com

Contact DPO Group for more information on their compliance with GDPR and security compliance:

support@directpay.online

Other privacy related pages:

Size chart

Centimeters (CM)

Inches (IN)

50CM x 40CM

19 11/16 in X 15 3/4 in

60CM x 60CM

23 5/8 in X 23 5/8 in

70CM X 50CM

27 9/16 in X 19 11/16 in

80CM X 60CM

31 1/2 in X 23 5/8 in

100CM X 80CM

39 3/8 in X 31 1/2 in

140CM X 110CM

55 1/8 in X 43 5/16 in