Privacy Policy

This Privacy Policy explains how Tavondi collects, uses, stores and protects the personal data of users of the website tavondi.com and the related services.

It also aims to inform users of their rights in accordance with the General Data Protection Regulation (GDPR), the UK GDPR where applicable, and any applicable data protection laws.

By using the website and the Tavondi services, the user acknowledges that they have read this Privacy Policy.

The controller of the personal data collected through the website is ROLLING BAY LIMITED, a company registered in England and Wales under number 13943053.

Registered office: Office 3, Suite A, 13 Reeves Way, South Woodham Ferrers, CM3 5XF, United Kingdom.

Contact address: contact@tavondi.com

For any request, users are invited to use the chat available on the website as a priority.

3.1 – Categories of data collected

In connection with the use of the Tavondi services, the following categories of data may in particular be collected:

• identification data, such as first name, last name, email address and telephone number,
• connection data, such as IP address, browser used, date and time of connection and pages viewed,
• payment and invoicing information, it being specified that full bank card details are not stored directly by Tavondi,
• data relating to requests submitted to the service, history of exchanges and usage preferences,
• technical and security data necessary for the proper operation of the website and for the prevention of unauthorised access.

3.2 – Purposes of processing

These data may be collected and processed for the following purposes:

• managing user accounts, subscriptions and subscribed services,
• providing, organising, performing and improving the services offered,
• ensuring the monitoring of payments, transactions and invoicing,
• communicating with users, in particular in connection with customer support, service notifications and important information,
• ensuring website security, preventing fraud, detecting abusive use and protecting access,
• personalising certain content or services according to expressed preferences,
• sending administrative, contractual or legal information where required by law or where necessary,
• offering promotions, updates or marketing communications where the user has validly consented or where applicable law permits it.

The processing of personal data carried out by Tavondi is based, depending on the case, on one or more of the following legal bases:

• the performance of a contract or of pre-contractual measures, in particular for the management of subscriptions, services, payments and user requests,
• compliance with legal and regulatory obligations, in particular in relation to accounting, tax, security or retention of certain information,
• the legitimate interests of Tavondi, in particular to ensure website security, prevent fraud, improve services, manage the user relationship and defend its rights,
• the user’s consent, where required, in particular for certain cookies, certain personalisation operations or certain marketing communications.

Where processing is based on consent, the user may withdraw that consent at any time, without affecting the lawfulness of any processing carried out before such withdrawal.

5.1 – Hosting

Personal data are hosted on servers located in Ireland and the Netherlands.

5.2 – Security

Tavondi implements appropriate technical and organisational measures in order to ensure a level of security appropriate to the risks, including:

• encryption of exchanges using secure protocols,
• access control and access limitation measures,
• monitoring and protection measures against unauthorised access,
• internal procedures designed to preserve the confidentiality, integrity and availability of data.

Despite these precautions, no transmission or storage system can guarantee absolute security. Tavondi nevertheless endeavours to protect personal data in accordance with reasonably applicable standards.

6.1 – Recipients of data

The personal data collected may be disclosed, to the extent strictly necessary, to the following categories of recipients:

• authorised internal Tavondi teams,
• technical service providers involved in hosting, maintenance, security, communication tools, support or website management,
• payment or invoicing providers involved in the secure processing of transactions,
• partners or providers involved in the performance of a service requested by the user, where necessary,
• administrative authorities, courts or competent bodies where required by law or where a legally grounded request is made.

Tavondi does not sell its users’ personal data to third parties.

6.2 – Transfers outside the European Economic Area

As far as possible, data are processed and hosted within the European Economic Area.

If a transfer of data outside the European Economic Area is necessary, Tavondi will ensure that such transfer is based on a protection mechanism compliant with the applicable regulations, such as an adequacy decision, appropriate contractual clauses or any other legally recognised safeguard.

Personal data are retained only for as long as necessary for the purposes for which they were collected, subject to legal obligations requiring longer retention.

For information purposes:

• data relating to the user account and the contractual relationship are retained for the duration of the active relationship and thereafter for a limited period necessary for handling requests, evidencing rights and protecting Tavondi’s interests,
• transaction and invoicing data may be retained for the period required by applicable accounting, tax and legal obligations,
• connection data, technical logs and security elements are retained for a limited period appropriate to their purpose,
• data used for marketing purposes are retained for a proportionate period, unless the user objects or withdraws consent where consent is required.

At the end of the applicable retention periods, data are deleted or securely anonymised, unless intermediate retention is necessary due to a legal obligation or for the establishment, exercise or defence of legal claims.

In accordance with the applicable regulations, each user has, subject to the conditions provided by law, the following rights:

• the right of access to their personal data,
• the right to rectify inaccurate or incomplete data,
• the right to erasure of their data in the cases provided for by the regulations,
• the right to restriction of processing in certain situations,
• the right to object to the processing of their data, in particular for reasons relating to their particular situation or in relation to marketing,
• the right to data portability where applicable,
• the right to withdraw consent at any time where processing is based on consent,
• the right to give instructions regarding the fate of their data after death, where the applicable regulations so provide.

Any request to exercise rights may be sent to: contact@tavondi.com

Tavondi will endeavour to respond as soon as possible and at the latest within the applicable legal time limit, except in the case of complex requests or a high number of requests justifying an extension permitted by law.

The user also has the right to lodge a complaint with the competent data protection supervisory authority.

9.1 – Use of cookies

The website uses cookies and similar technologies in order to ensure its proper operation, measure audience, improve user experience, remember certain preferences and, where applicable, provide adapted content or offers.

9.2 – Categories of cookies that may be used

Depending on the configuration of the website, the cookies used may include:

• cookies strictly necessary for the operation of the website,
• audience measurement cookies,
• personalisation cookies,
• advertising or targeting cookies, subject to the user’s consent where such consent is required.

9.3 – Management of preferences

The user may manage their cookie preferences via the banner or consent management tool displayed on the first visit or made accessible afterwards, or via their browser settings. Where consent is required, it may be refused or withdrawn at any time.

9.4 – Retention period relating to cookies

Cookies and other trackers are not retained beyond a period proportionate to their purpose. Where consent is required, the choice expressed by the user is kept for a limited period. The periods applicable to trackers and associated data are determined according to their purpose, nature and applicable regulatory requirements.

Tavondi may amend this Privacy Policy at any time in order to reflect legal, regulatory, technical or processing practice developments.

In the event of a material change, the user may be informed by any appropriate means, including by email, website notification or the highlighting of a new version of the Policy.

The applicable version is the one published on the website on the date of consultation.

For any question relating to this Privacy Policy or to exercise a right relating to personal data protection, the user may contact Tavondi. For any request, users are invited to use the chat as a priority.

Email address: contact@tavondi.com