GDPR

GDPR Compliance & Privacy Notice

 

Thank you for shopping with Torinka.com ("Torinka", "we", "us", "our"). Your privacy is important to us. This Privacy Notice explains how we collect, use, disclose, retain, and protect your personal data when you visit torinka.com, purchase our home‑furniture and décor products, or otherwise interact with us. It is drafted to meet the requirements of the UK GDPR, the Data Protection Act 2018, and—where applicable—the EU GDPR.

Legal disclaimer: This document is provided for general informational purposes only and does not constitute legal advice. We recommend that you obtain professional advice to ensure that your privacy notice fully complies with all applicable laws.

1. Who is the Data Controller?

Torinka LLC
258 Hoover St, Lebanon, MO 65536, United States

Email: contact@torinka.com

2. What personal data do we collect?

Category

Examples

Collected when

Identity & Contact Data

name, billing & delivery address, telephone, email

you place an order, create an account, join our mailing list

Transaction Data

products purchased, payment card last 4 digits, order value, VAT number

you complete checkout

Technical Data

IP address, browser type & version, time‑zone setting, cookie ID, device identifiers

you browse the site

Usage Data

pages viewed, clicks, referring URLs, error logs

you interact with the site

Marketing Preferences

opt‑in/opt‑out status, communication channel choices

you set your preferences

We do not intentionally collect special category (sensitive) personal data.

3. For what purposes—and on what legal bases—do we process your data?

Purpose

Legal basis (UK GDPR Art. 6)

Process and deliver your order (including payments, shipping, returns, warranties)

Contract (Art. 6 (1)(b))

Create and manage your customer account

Contract (Art. 6 (1)(b))

Respond to your enquiries or complaints

Legitimate interests (Art. 6 (1)(f))—to provide efficient customer service

Send service emails (e.g. order confirmations, shipment updates)

Legitimate interests (Art. 6 (1)(f))

Send marketing emails or SMS

Consent (Art. 6 (1)(a))

Prevent fraud and secure our services

Legitimate interests (Art. 6 (1)(f))—protect our business & customers

Maintain business records & meet tax obligations

Legal obligation (Art. 6 (1)(c))

Analyse site performance & improve products

Legitimate interests (Art. 6 (1)(f))

Where we rely on legitimate interests, we balance those interests with your fundamental rights and freedoms.

4. Cookies & Similar Technologies

We use first‑party and third‑party cookies to operate our site, remember your basket, analyse traffic, and deliver personalised ads. For full details—and to manage your preferences—please see our separate Cookie Notice.

5. How do we share your data?

We share data only when necessary:

·       Service providers (payment processors, fulfilment centres, IT‑hosting, email/SMS platforms).

·       Professional advisors (lawyers, accountants, auditors).

·       Regulators & law enforcement when required by law or to protect our rights.

All third parties are bound by contracts requiring them to safeguard your data and use it only for specified purposes.

6. International transfers

Your data may be transferred to—and processed in—the United States and other countries outside the UK/EEA that do not have the same data‑protection laws. When we do so, we ensure appropriate safeguards, such as UK Addendum to the EU Standard Contractual Clauses (SCCs) or an adequacy decision, are in place.

7. Data retention

We keep your personal data only as long as necessary for the purposes set out above, including to comply with legal, accounting, or reporting obligations. Typical retention periods:

·       Orders & invoices – 7 years after the end of the financial year.

·       Customer accounts – active until you request deletion; then anonymised within 30 days.

·       Marketing consents – until withdrawal or 24 months of inactivity.

8. Your data‑protection rights

Under the UK/EU GDPR you have the right to:

1.     Access your personal data.

2.     Rectify inaccurate or incomplete data.

3.     Erase data ("right to be forgotten").

4.     Restrict processing.

5.     Data portability.

6.     Object to processing (including direct marketing).

7.     Withdraw consent at any time.

8.     Lodge a complaint with a supervisory authority.

For UK customers, the supervisory authority is the Information Commissioner’s Office (ICO). See www.ico.org.uk.

9. How to exercise your rights

Email us at contact@torinka.com or write to the address in section 1. We aim to respond within one month. We may need to verify your identity. Requests are normally free; a reasonable fee may apply for manifestly unfounded or excessive requests.

10. Security measures

We implement administrative, technical, and physical controls—such as HTTPS encryption, access controls, and periodic security assessments—to protect your data against unauthorised access, alteration, or loss.

11. Children

Torinka.com is not directed to, and we do not knowingly collect data from, children under 16. If you believe a child has provided us data, please contact us, and we will delete it.

12. Changes to this notice

We may update this notice from time to time. Any significant changes will be posted on this page and—where appropriate—sent to you by email. Please review regularly.

13. Contact us

For questions about this notice or our privacy practices, contact our Data Protection Officer (DPO) at contact@torinka.com or the postal addresses in section 1.

© 2025 Torinka LLC All rights reserved.