TivimatePro is fully committed to complying with the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This page explains how we protect your personal data and respect your rights as a data subject.
1. What is GDPR?
The General Data Protection Regulation (GDPR) is a European Union regulation that came into effect on 25 May 2018. It gives individuals greater control over their personal data and imposes strict requirements on organisations that collect and process personal information. The UK has adopted similar provisions through the UK Data Protection Act 2018.
2. Data Controller
For the purposes of GDPR, TivimatePro acts as the Data Controller for the personal data we collect from our customers. Our contact details are:
- Organisation: TivimatePro
- Email: contact@tivimatepro.shop
- Address: London, United Kingdom
3. Lawful Basis for Processing
We only process your personal data when we have a valid lawful basis under GDPR Article 6:
- Consent: When you explicitly agree to data processing (e.g., marketing emails)
- Contract: To fulfil our subscription service agreement with you
- Legal Obligation: To comply with tax, accounting, or regulatory requirements
- Legitimate Interest: To improve our services and prevent fraud
4. Your Rights Under GDPR
As a data subject, you have the following rights:
Right to Access (Article 15)
You can request a copy of all personal data we hold about you, free of charge, within one month of your request.
Right to Rectification (Article 16)
You can request correction of inaccurate or incomplete personal data we hold about you.
Right to Erasure – “Right to be Forgotten” (Article 17)
You can request deletion of your personal data when it is no longer necessary for the purpose it was collected, subject to legal obligations we may have.
Right to Restrict Processing (Article 18)
You can request that we limit how we use your data while we verify accuracy or address your concerns.
Right to Data Portability (Article 20)
You can request to receive your personal data in a structured, commonly used, machine-readable format and transfer it to another service.
Right to Object (Article 21)
You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent
Where we rely on your consent, you can withdraw it at any time without affecting the lawfulness of previous processing.
5. Data We Collect
We collect only the data necessary to provide our service:
- Identity Data: Name, username
- Contact Data: Email address, phone number (for WhatsApp support)
- Financial Data: Payment method details (processed via secure third parties)
- Transaction Data: Purchase history, subscription details
- Technical Data: IP address, browser type, device information
- Usage Data: How you use our website and service
6. Data Storage & Security
We implement appropriate technical and organisational measures to protect your data:
- SSL/TLS encryption for all data transmissions
- Secure server hosting with industry-standard protections
- Limited access to personal data on a need-to-know basis
- Regular security audits and updates
- Employee training on data protection
- Incident response procedures for data breaches
7. Data Retention
We retain your personal data only as long as necessary:
- Active Subscriptions: For the duration of your subscription
- Inactive Accounts: 12 months after last activity, then anonymised or deleted
- Financial Records: 7 years (legal requirement for tax/accounting)
- Marketing Data: Until you withdraw consent
8. International Data Transfers
If we transfer your data outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions for countries with equivalent data protection
- Binding Corporate Rules for intra-group transfers
9. Data Breach Notification
In the event of a personal data breach that poses a risk to your rights:
- We will notify the relevant supervisory authority within 72 hours
- We will inform affected individuals without undue delay
- We will provide details of the breach and steps being taken
10. How to Exercise Your Rights
To exercise any of your GDPR rights, contact us at contact@tivimatepro.shop with the subject line “GDPR Request”. Please include:
- Your full name and registered email address
- The specific right you wish to exercise
- Any additional information to help us verify your identity
- The data or processing activity in question
We will respond to your request within one calendar month. Complex requests may take longer, in which case we will notify you of the delay and reasons.
11. Right to Lodge a Complaint
If you believe we have not handled your data properly, you have the right to lodge a complaint with the supervisory authority:
UK Information Commissioner’s Office (ICO):
Website: ico.org.uk
Helpline: 0303 123 1113
12. Children’s Data
Our service is not intended for individuals under 18. We do not knowingly collect data from children. If we discover such data has been collected, we will delete it promptly.
13. Updates to This Policy
We may update our GDPR Compliance information periodically. Significant changes will be communicated via email or prominent website notice.
14. Contact Our Data Protection Team
For all GDPR-related inquiries:
- Email: contact@tivimatepro.shop
- Subject Line: “GDPR Request” or “Data Protection Inquiry”
- Address: London, United Kingdom