Security Policy

At TingaTinga African Art, we pride ourselves on delivering a secure and seamless payment platform that prioritizes the satisfaction of our valued customers across the globe. Our unwavering commitment to providing a superior buying experience is evident in our investment in cutting-edge ecommerce and payment technologies.


As one of our esteemed payment providers, DPO Group is unwavering in its commitment to maintaining the highest level of security and standards to safeguard the interests of both merchants and customers.

Given that DPO processes payments from customers all around the world, it is imperative for them to adhere to the stringent requirements of the General Data Protection Regulation (GDPR).

In the context of GDPR, DPO is both controller and processor: a customer inputs their personal details (name, address, credit card details) into the merchant system via the DPO API. DPO then uses the information to complete the transaction between their system, and that of the associated credit bureau or bank.

DPO is fully compliant with GDPR laws and standards, and strives to go above and beyond in all matters of data privacy and security. They have all of the necessary technical and organizational structures in place to uphold this high standard. 

PCI Compliance:

Furthermore, all our payment providers are PCI-DSS Level 1 certified, ensuring that all systems and information involved in the payment process is kept secure, and can be trusted with sensitive payment information. More information on our payment provider's PCI certification can be found here. 

SSL Certificate:

All webpages on our website, including our external payment provider are HTTPS secure with an SSL certificate. SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.

What is the GDPR?

Transparency and informing the public about how their data are being used are two basic goals of the GDPR.

The European Commission summarizes GDPR as: Privacy by design and privacy by default. This means that any action that involves processing personal data must be done with data protection and privacy built into every step. Once a product or service has been released, the strictest privacy settings must apply by default.

The European Union's General Data Protection Regulation (GDPR) came into effect on May 25, 2018. The GDPR imposes new obligations and responsibilities on controllers and processors of data.

As a merchant, we are generally the controller of our customers’ data. This means that we collect customers’ data and choose how it is handled. 

Shopify is a processor for our customers’ data, Shopify follows our instructions on how to handle that data. For more information about the roles of data controller and processor, please see Shopify’s GDPR whitepaper (in English).

For information about Shopify’s obligations as a data processor for our customers' data, see the Data Processing Addendum.

Shopify believes strongly in protecting customers’ personal data, and understands that doing so is critical to helping them preserve the trust and confidence of customers. Shopify has designed its platform to allow merchants to operate anywhere in the world.

The GDPR doesn't require personal data to be stored in Europe. The GDPR requires only that if the personal data of European residents is transported outside of Europe, then that personal data must be adequately protected.

Shopify protects personal data according to the requirements of the GDPR as it is transferred to the United States and Canada and stored.

GDPR-compliant features are built into Shopify's platform, including features to enable them to offer customers transparency into and control over their personal data, and technical measures to ensure that customers’ personal data is protected as it crosses borders. Shopify believes in making it easy for us to use their platform in a manner that complies with privacy and data protection laws like the GDPR.

For more information on Shopify's role on the GDPR, see here.

What European Countries are Part of GDPR?

GDPR covers all of the European Union Member States, which includes: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Sweden.

The United Kingdom is still part of the EU and thus governed by GDPR. This includes: Channel Isles, England, Northern Ireland, Scotland, and Wales.
GDPR also includes European Economic Area Countries, such as Iceland, Lichtenstein, and Norway. 

The GDPR places equal liability on data controllers (the organization that owns the data) and data processors (outside organizations that help manage that data). A third-party processor not in compliance means our organization is not in compliance. The new regulation also has strict rules for reporting breaches that everyone in the chain must be able to comply with. Organizations must also inform customers of their rights under GDPR.

Please see DPO's privacy policy and other related documents below:

For potential customers located in Africa, having access to mobile money wallets, we have the option of payment via M-Pesa, tigo pesa, MTN Money, Airtel Money and others across Eastern and Western Africa.



We are delighted to announce that we now accept payments in Bitcoin and Ethereum for all purchases of our artwork. As part of our commitment to providing convenient and flexible payment options, we are pleased to extend this offering to our customers who prefer to use cryptocurrency for their transactions.

To make a purchase using Bitcoin or Ethereum, simply send us an email to request our unique recipient address. We assure you that the transaction process is secure and user-friendly, ensuring a seamless and hassle-free experience for our customers.

Money orders

For customers who do not have access to credit cards, PayPal, or mobile money wallets, we offer the option to make payments via money orders through popular services such as Moneygram, Western Union, Remitly, or Worldremit. However, it's important to note that this payment option is only available in rare instances. Furthermore, for customers residing in African countries where mobile money wallets are not accessible, we also accept fund transfers through Ecobank's Rapidtransfer money service or UBA Bank's Africash (where available) as alternative options. We understand the importance of providing multiple payment methods to accommodate the diverse needs of our customers in different regions. We strive to make our payment processes as convenient and accessible as possible, and we are constantly evaluating and exploring additional payment options to improve our services and better serve our valued customers.


Our company relies on DHL Express for the majority of our international shipments. DHL is a global leader in freight security and boasts over 100 highly secure locations worldwide. Their advanced risk assessment techniques ensure that every shipment is well-protected.

DHL's comprehensive approach to security includes an incident reporting room that monitors potential threats in real-time, as well as close partnerships with law enforcement authorities around the world. This allows them to respond quickly and effectively to any security issues that may arise.

While DHL is our primary shipping partner, we also work with other reputable carriers such as Skynet, Aramex, and FedEx to ensure that our customers receive their shipments promptly and securely.

Each of these carriers has its own strengths and advantages, and we carefully select the carrier that is best suited to each individual shipment.


Contact us for additional information related to your privacy and security:

Contact DPO Group for more information on their compliance with GDPR and security:

Other related pages:


Size Guide

Centimeters (CM)

Inches (IN)

50CM x 40CM

19 11/16 in X 15 3/4 in

50CM x 50CM

19 11/16 in X 19 11/16 in

60CM x 60CM

23 5/8 in X 23 5/8 in

70CM x 50CM

27 9/16 in X 19 11/16 in

80CM x 60CM

31 1/2 in X 23 5/8 in

100CM x 80CM

39 3/8 in X 31 1/2 in

140CM x 110CM

55 1/8 in X 43 5/16 in