EXCLUSIVE SITEWIDE OFFER:Add 2 Items, Pay Only for 1

Privacy Policy

This Privacy Policy is last updated on 22 January 2023 and concerns TOMO BOTTLE LLC’s website located at https://tomobottle.com/ (the “Website”) and the provision of its goods and services. 

Bearing in mind safety, we follow the rules of applicable law, including Regulation of the European Parliament and of the Council 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Regulation on Data Protection). By visiting and using the Website and its associated products and services, you agree to the collection and use of information in accordance with this Privacy Policy. 

Please review the Terms and Conditions and this Privacy Policy carefully. If you do not wish to abide by these terms you may not use the Website and/or associated services. You agree that by using TOMO Services, you acknowledge that you permit TOMO to use your Personal Data in the United States, and every other country where TOMO operates. Bear in mind that the privacy laws and regulations in specific countries (including the rights of authorities to access your personal data), may be different from those of your country of residence. 

Age

The Website and its associated products and services are not intended for individuals under the age of eighteen (18), and TOMO does not knowingly collect or solicit any information from anyone under the age of eighteen (18).

By using the Website, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this Website.

Terms and definitions used in this Privacy Policy

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

 For the purposes of this Privacy Policy:

"GDPR" means EU Regulation 2016/679 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC.

"CCPA" means the California Consumer Privacy Act of 2018. 

"TOMO" referred to as "we", "us" or "our" in this Agreement, refers to TOMO BOTTLE LLC. For the purpose of GDPR, TOMO is a Data Controller.

"Data Controller", for the purposes of the GDPR, refers to TOMO as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data. 

"Personal Data" is any information that relates to an identified or identifiable individual, in this case – you, a data subject. For the purposes of GDPR, Personal Data means any information relating to you such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity. 

"Service" collectively refers to the Website and the goods and services offered by TOMO through the Website.

"Service Provider" means any natural or legal person who processes the data on behalf of TOMO as Data Controller. It refers to third-party companies or individuals employed by TOMO to facilitate the Service, to provide the service on behalf of TOMO, to perform services related to the Service or to assist TOMO in analyzing how the Service is used. For the purpose of GDPR, Service Providers are considered Data Processors.

"Consumer", for the purpose of CCPA, means a natural person who is a California resident. A resident, as defined in the law, includes (1) every individual who is in the USA for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the USA, who is outside the USA for a temporary or transitory purpose.

“Special Categories of Data” refers to data connected to a person’s racial or ethnic origin, political views, religious or philosophical beliefs, membership of professional organizations, state of health, sexual life, criminal history, administrative detention, putting a person under restraint, plea bargains, abatement, recognition as a victim of crime or as a person affected, also biometric and genetic data that allow to identify a natural person by the above features.

"Device" means any device that can access the service such as a computer, a cell phone or a digital tablet.

"Do Not Track" (DNT)” is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing internet Users to control the tracking of their online activities across Websites.

“Direct marketing” refers to offering goods, services, employment or temporary jobs by mail, telephone calls, e-mail or other means of telecommunication.

"you"/”User” means the individual accessing or using the Website and its associated Services, or other legal entity on behalf of which such individual is accessing or using the Website and its associated Services, as applicable. Under GDPR you can be referred to as the Data Subject.

Controller of Personal Data

The controller of your data collected under this Privacy Policy is TOMO BOTTLE LLC, a limited liability company registered in compliance with the laws of the state of Wyoming, the United States of America, with its headquarters in 123 Fuller Drive, West Hartford, CT, 06117, United States. (“TOMO”).

Purpose of processing Personal Data and legal basis for processing 

Legal bases for each processing activity are specified in the relevant sections below. When we process Personal Data for our legitimate interests, we make sure to consider and balance any potential impact on a Data Subject, and the Data Subject’s rights under data protection laws. Thus, our legitimate business interests do not automatically override your interests. We will not process personal data for activities where our interests are overridden by the impact on the data subject unless we have the consent or are otherwise required or permitted to by law.

We do not process any Special Categories of Data.

Providing the data indicated below is voluntary, but without providing it, it may not be possible to use the Website with regard to the functionalities that require it, and/or the Services of TOMO when the Personal Data is processed for the performance of the contract between you and TOMO. 

Information we automatically collect 

We automatically collect some specific information (device information) when you visit our website/store. Such information includes: info about your web browser, IP address, time zone, and some of the cookies installed on your device. Furthermore, as you surf through the Website, we collect information about the individual web pages or products viewed by you, we also save what websites or search terms/keywords that referred you to the Website, as well the information about how you interact with these pages and TOMO Website.  

When you visit the TOMO Website, we also automatically collect device-specific information when you install, access, or use our Services – this includes information such as the hardware model, operating system information, app version, app usage and debugging information, browser information, IP address, and device identifiers.  

All this information is used in preventing fraud and keeping the Services secure. We also use it to analyze and understand how the Services work for members and visitors, and to provide advertising across your devices, and to ensure a more personalized experience for you.  

To learn more about these online tools and how we use them, see our Cookies & Similar Technologies Policy and  sections about how we use, share & disclosure your Personal Data herein. 

Cookies 

Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not. 

_session_id, unique token, sessional, allows Shopify to store information about your session (referrer, landing page, etc). 

_shopify_visit, no data held, Persistent for 30 minutes from the last visit, used by our website provider’s internal stats tracker to record the number of visits _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, counts the number of visits to a store by a single customer. 

Cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart. 

_secure_session_id, unique token, sessional. 

storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access. 

In providing the Services to you, we use cookies and similar technologies. Please read our TOMO Cookies & Similar Technologies Policy for a more detailed explanation of the technologies we use, and how to opt out when applicable. 

Consent 

How do you get my consent? 

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. 

If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no. 

How do I withdraw my consent? 

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at support@tomobottle.com. 

Source of Personal Data we process 

Generally, the Personal Data we process is obtained directly from you. However, there are situations in which we may also be in possession of your Personal Data through other legitimate means: 

* Our partners and/or you if you are designated as an authorized person or business contact for our partners. 

* Shopify - if we provide you with our Services. our store is hosted on Shopify Inc. They provide us with the online e-commerce website that allows us to sell our products and services to you.Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. 

* Public sources and/or you If you are our employee/consultant/independent contractor. 

* Recruitment platforms if you allow recruitment platforms to share your Personal Data with us. 

* Social network - depending on your social network settings. For example, when you follow us via social media platforms, such as LinkedIn and Facebook, we can receive Personal Data from these social media platforms related to your profile. 

Payment information 

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.   

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.   

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.   

For more insight, you may also want to read Shopify’s Terms and Conditions - https://www.shopify.com/legal/terms, or Privacy Statement https://www.shopify.com/legal/privacy

Retention of your Personal Data 

TOMO will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. we will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. We will delete your personal information as soon as it is no longer needed for the specific purpose. 

Disclosure of your Personal Data 

We do not sell or share your Personal Data with anyone outside TOMO. However, we may disclose or share data with the following categories of recipients for the following purposes: 

* Support services - we may use third parties for support services to the Website, such as social network providers, marketing agencies and IT suppliers. All such third parties may require to protect your Personal Data and only process it as per our instructions. 

* Power our online store - we use Shopify to power our online store; to learn more about how Shopify uses your Personal Data, checkout this link: https://www.shopify.com/legal/privacy

* Third-party websites - our Website may contain links to third-party websites; if you follow these links, you exit our Website. While these third-party websites are selected with care, we cannot accept liability for the use of your Personal Data by these third parties. 

* Public authorities - if we are required by law, court order or any other order of public authorities, we may share your Personal Data with public authorities or governmental organizations. We may also do so to protect our legal rights. 

* Sharing with affiliate companies and ownership change of TOMO - we may share your Personal Data with our affiliate company if this is necessary for the purposes listed above. If ownership of TOMO changes as a result of a merger, acquisition, transfer, sale of assets, reorganization or bankruptcy your Personal Data may be transferred to the successor entity. 

* Researches - for research purposes we may use third party software such as Google Analytics. Learn more about how Google uses your Personal Data here: https://www.google.com/intl/en/policies/privacy/. If you wish to opt-out of Google Analytics, you can do so here: https://tools.google.com/dlpage/gaoptout

* With your consent, we may disclose your Personal Data for any other purpose. 

Your rights 

You may contact us (please see Clause “How to contact us” below) to exercise any of the rights you are granted under applicable data protection laws, which includes the following:   

Right to access - you may ask us whether or not we process any of your Personal Data and, if so, receive access to that Personal Data in the form of a copy. When complying with an access request, we will provide you with additional information necessary for you to exercise the essence of this right. You also have the right to request TOMO to disclose what Personal Data it collects, uses, discloses, and sells; and the right, at any time, to direct TOMO if it sells your Personal Data to third parties not to sell your Personal Data (“right to opt-out”).   

Right to rectification - you may have your Personal Data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate Personal Data about you and, taking into account the purposes of the processing, complete incomplete Personal Data, which may include the provision of a supplementary statement.   

Right to restriction of processing - you may obtain a restriction of the processing of your Personal Data, which means that we suspend the processing of your data for a certain period of time. Upon your request, the decision to restrict the processing of data upon the submission of the relevant request is valid until the decision to correct, update, add, delete and destroy the data by us. Circumstances which may give rise to this right include situations where the accuracy of your Personal Data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continuing storing your Personal Data. We will inform you before the restriction is lifted.   

Right to erasure - you may have your Personal Data erased, which means the deletion of your data by us and, where possible, by any other controller to whom your data has previously been made public by us. Erasure of your Personal Data only finds a place in certain cases, prescribed by law and listed under article 17 of the GDPR. Due to the way we maintain certain services, it may take some time before backup copies are erased.   

Right to data portability - you may request us to provide you with your Personal Data in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible. Upon request and where this is technically feasible, we will transmit your Personal Data directly to the other controller.   

Right to object - you may object to the processing of your Personal Data, which means you may request us to no longer process your Personal Data. This applies in case the ‘legitimate interests’ ground constitutes the legal basis for processing. 

Right to object to profiling – when we process your Personal Data based on our legitimate interests or when the processing is necessary for the performance of a task carries out in the public interest, you can object to the processing that also includes to object to profiling. 

Right to object to processing for direct marketing – when we process your Personal Data for Direct Marketing purposes, you can object to the processing, including profiling to the extent that it is related to Direct Marketing.    

Opt-Out for Direct Marketing - you may opt out at any time from the use of your Personal Data for direct marketing purposes by contacting us. In such case, we will cease processing your Personal Data. With your consent, we may send promotional and non-promotional push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.   

Refusal of consent - you may, at any time, without explanation, and without affecting the lawfulness of processing based on the consent before your withdrawal/refusal, to refuse the consent given by you to us and to request the termination of the processing and/or the destruction of the Personal Data collected by us based on your consent. We will stop the data processing and/or destroy the processed data in accordance with your request, if there is no other basis for data processing. The effect of the foregoing does not apply to the information processed about the fulfillment of your monetary obligations with your own consent. 

Right to Know - if you are resident in California, you are at liberty to request the disclosure of the specific pieces and/or categories of personal information that the we have collected about you, the categories of sources for that personal information, the business or commercial purposes for collecting the information, the categories of personal information that we have disclosed, and the categories of third parties with which the information was shared.  

Right to Opt-Out - to the extent that TOMO “sells” personal information and that term is defined under the CCPA, California residents have the right to opt-out of the “sale” of data at any time (see below for more information). We do not sell personal information to anyone for money or monetary value. However, the term “sale” is defined broadly under the California Consumer Privacy Act. To the extent that the CCPA interprets “sale” to include interest based advertising or other data uses, we will comply with the applicable law as to those activities. You can opt-out by doing so through your account privacy settings or the general privacy settings link at the foot of our homepage and most pages on our Website (the right to opt-out of interest-based advertising is available to every TOMO member).  

General term for response - unless otherwise specified herein, request, TOMO will correct, update, add, block, erase or destroy the data or inform you of the reason for refusal without undue delay.   

Right of appeal - you may apply to the Personal Data Protection Service or the court in case of violation of your rights provided by applicable law. 

Request - To exercise any of the above rights, please make your request to us in writing or by telephone using the contact details set out herein. 

Identification of the applicant - In order to properly route and manage your request, please identify yourself in as much detail as possible. If we have reasonable doubts about the applicant's identity, we will request additional information to confirm the claimed identity. 

Response by us - We will provide you with the response and any requested information in electronic form, unless your request is to receive the response/information in another form. 

In case of refusal - In case of refusal to meet your request, we will inform you of the reasons for this decision and inform you that you have the opportunity to submit a complaint to the Personal Data Protection Service or to the courts and demand the protection of your rights in court. 

Payment - Your exercise of data subject rights is free of charge. However, in cases where your claims/demands are manifestly unfounded or excessive, especially in cases of repeated nature, we reserve the right to refuse to fulfill such requests.   

You may exercise any of the above rights without fear of being discriminated against. 

Under conditions, we are entitled to deny or restrict your rights as described above. In any case, we will carefully assess whether such an exemption applies and inform you accordingly.   

We will use the information you provide to make your rights requests to verify your identity, identify the Personal Data we may hold about you and act upon your request. You are required to verify your email in order for us to proceed with your rights requests. 

We may, for example, deny your request for access when necessary to protect the rights and freedoms of other individuals or refuse to delete your Personal Data in case the processing of such data is necessary for compliance with legal obligations. 

Right to restrict or object to our processing of Personal Data 

You have the right to restrict or object to the processing of your personal information at any time, on reasonable grounds relating to your particular situation, unless the processing is required by law. In such case, we will no longer process or restrict the processing of the personal data, unless we can demonstrate compelling legitimate grounds for the processing or for the establishment, exercise or defense of legal claims. 

Email & messages  

You are at liberty to control the types of communications which we can have with you through your account settings. We may send you messages about the Services or your activity while interacting with the Services. Some messages are required or service related (e.g. legal notices), while others are optional such as newsletters. If you wish to discontinue the use of the Services or want to stop receiving service-related messages (except for legally required notices), you can close your account by contacting us through support@tomobottle.com

Additional disclosures for California residents

Notice of Collection:  

Adding to the rights described above, the CCPA requires disclosure of the categories of personal information collected over the past 12 months. The categories of personal information that we have collected (as described by the CCPA) are:   

* Identifiers, which include name, email address, shop name, IP address, and an ID or number assigned to your account.  

* Additional individual records like phone number, billing address, or credit or debit card information. This category includes personal information protected under pre-existing California law (Cal. Civ. Code 1798.80€), and overlaps with other categories listed here.  

* Demographics, such as your age or gender – this category includes data that may qualify as protected classifications under other California or federal laws.  

* Commercial information – this includes purchases and engagement with the Services.  

* Internet activity, including your interactions with our Services and what led you to our Services.  

* Sensory visual data, such as pictures posted on our Service.  

* Geolocation data provided through location enabled services such as WiFi and GPS.  

* Inferences, including information about your interests, preferences and favorites.   

Mobile message Service Terms and Conditions

The TOMO BOTTLE mobile message service (the "Service") is operated by TOMO BOTTLE LLC. Your use of the Service constitutes your agreement to these terms and conditions (“Mobile Terms”). We may modify or cancel the Service or any of its features without notice. We may also modify these Mobile Terms at any time and your continued use of the Service following the effective date of any such changes shall constitute your acceptance of such changes.  

We do not charge for the Service, but you are responsible for all charges and fees associated with text messaging imposed by your wireless provider. Message and data rates may apply.  

Text messages may be sent using an automatic telephone dialing system or other technology. Your consent to receive autodialed marketing text messages is not required as a condition of purchasing any goods or services. If you have opted in, the Service provides updates, alerts, information, promotions, specials, and other marketing offers (e.g., cart reminders) from TOMO BOTTLE via text messages through your wireless provider to the mobile number you provided. Message frequency varies. Text the single keyword command STOP to cancel at any time. You'll receive a one-time opt-out confirmation text message. If you have subscribed to other TOMO BOTTLE mobile message programs and wish to cancel, you will need to opt out separately from those programs by following the instructions provided in their respective mobile terms. For Service support or assistance, email support@tomobottle.com.  

We may change any short code or telephone number we use to operate the Service at any time and will notify you of these changes. You acknowledge that any messages, including any STOP or HELP requests, you send to a short code or telephone number we have changed may not be received and we will not be responsible for honoring requests made in such messages.  

The wireless carriers supported by the Service are not liable for delayed or undelivered messages. You agree to provide us with a valid mobile number. You agree to maintain accurate, complete, and up-to-date information with us related to your receipt of messages, including, without limitation, notifying us immediately if you change your mobile number.  

You agree to indemnify, defend, and hold us harmless from any third-party claims, liability, damages or costs arising from your use of the Service or from you providing us with a phone number that is not your own.  

You agree that we will not be liable for failed, delayed, or misdirected delivery of any information sent through the Service, any errors in such information, and/or any action you may or may not take in reliance on the information or Service.  

Currency conversion 

By using our Website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your (the visitor) local currency. 

Third-party services 

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. 

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. 

In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. 

As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act. 

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms and Conditions. 

How to contact us 

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information Contact TOMO Support team through support@tomobottle.com

If you have an unresolved privacy or data use concern that we have not taken care of satisfactorily, you can contact us any time and we will do our best to help you resolve it. 

If you have unresolved concerns, you also have the right to contact the data protection authorities and courts. 

Do Not Track 

Generally, we do not track you over time and across third party websites to provide targeted advertising and therefore we do not respond to Do Not Track (DNT) signals.   

Personal Data transfers to third countries 

TOMO may transfer your Personal Data to countries other than your country of residence, including but not limited to countries outside the European Economic Area. International transferring occurs in the course of providing your services. Partners or Service Providers may have operations in countries across the world. The laws of these countries may not afford the same level of protection to your Personal Data. 

TOMO ensures that proper and required protection is in place to comply with the requirements for the international transfer of Personal Data under applicable privacy laws. For transfers of Personal Data outside the European Economic Area, TOMO may use European Commission approved Standard Contractual Clauses as safeguards. The European Commission approved standard contractual clauses are available here.  

Complaints 

If you need to complain about our use of personal data, please send an email with the details of your complaint to support@tomobottle.com. We will look into and respond to any complaints we receive. 

You also have the right to lodge a complaint with the Personal Data authorities and courts.   

Data security 

We value the security of your personal information; and in the light of this, we take active steps in following generally accepted industry standards to protect your personal information which you have with us. To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. 

One of the ways by which we keep you covered is through encryption – this is commonly used in protecting your credit card details. Please note that, no method of transmission of data via the internet or method of electronic storage is flawlessly secure. 

 If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards. 

Therefore, while we do all we can to keep your personal information safe, we cannot guarantee its total security.  

Your account is protected by a password. We therefore urge you to protect your account from unauthorized access by choosing a strong password which you can easily remember and signing out after using TOMO Services.  

Amendment to this Privacy Policy 

We may update and/or change the terms of this Privacy Policy; thus, we encourage you to review this Privacy Policy from time to time for the latest information and terms. you can always check the “last updated” date at the top of this document to see when the Privacy Policy was last amended.   

Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. 

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you. 

Purpose of processing Personal Data and legal basis for processing
Personal Data TOMO Processes Purpose of Processing Legal Basis of Processing
Your first and last name, citizenship, billing address, phone number, email address, payment information. 1. Processing, confirming and fulfilling your order, including confirming your payment, informing you of the status of your order. 1. Data processing is necessary in accordance with Article 6 (1) (b) of GDPR to consider the application of the data subject, to provide him/her with services
2. Customer support and general assistance (answering any questions or complaints). 2. It is in our legitimate interest to assist you with any issues related to our products, website and services, pursuant to Article 6 (1) (f) of GDPR.
3. Detect and prevent fraud or other crimes. 3. It is in our legitimate interest to protect TOMO from fraud, and it is also our statutory duty to report crime in accordance with Article 6 (1) (f) of GDPR.
4. Production of accounting records and books. Providing necessary information to competent authorities and public institutions during official investigations/procedures. 4. Fulfillment of the obligations stipulated by the law in accordance with Article 6 (1) (c) of GDPR.
5. To defend or enforce our rights in court (including recovery / reimbursement of amounts due). 5. Our legitimate interest is to exercise our rights and defend ourselves against any claims against us in court in accordance with Article 6 (1) (f) of GDPR
Your first and last name, phone number, email address. Asking you to complete a questionnaire about goods or services purchased on our website. We may use the services of third parties to send you said questionnaires and aggregate responses. Our legitimate interest is to monitor and improve the quality of our products and services, in accordance with Article 6 (1) (f) of GDPR.
Date of birth. Verifying your age and verifying that you are not under the age of 18. It is in our legitimate interest to verify your ability to enter into a contract with us in accordance with Article 6 (1) (f) of GDPR.
Your name and email and/or phone number, language and country preferences you have. For marketing purposes, to email you about promotions and offers. Sending emails and text messages according to your preferences. Your consent given in accordance with Article 6 (1) (a) of GDPR when choosing to receive our newsletter. You may unsubscribe from receiving such marketing communications at any time.
User’s public IP address and other information we collect automatically. For the list, please see the section below. Preventing fraud and keeping the Services secure. Also, to analyze and understand how the Services work for members and visitors, and to provide advertising across your devices, and to ensure a more personalized experience for you. Your consent given in accordance with Article 6 (1) (a) of GDPR.

Individuals whose personal data we obtain in connection with providing products to our clients   

Providing our clients with information about us and our services   

In accordance with applicable law, we use client contact details to provide information that we think will be of interest about us and our services. For example, industry updates and insights, other services that may be relevant and invites to events. The legal basis of this is your consent (Article 6 (1) (a) of GDPR). 

Providing products 

Generally, if we provide service to you, we collect  your: 

* your first and last name 

* billing address 

* phone number 

* email address 

* payment information 

The purpose of processing of the data listed above is to make steps at your request before concluding an agreement and then to provide the services to you (Article 6 (1) (b), of GDPR). 

Complying with any requirement of law and regulation 

As we are subject to legal, regulatory and professional obligations, we need to keep certain records to demonstrate that our products and services are provided in compliance with those obligations and those records may contain personal data. 

The legal basis of this is to fulfill legal obligations (Article 6 (1) (c) of GDPR).  If Personal Data are processed for the purposes other than specified above we will rely on the legitimate interest basis or the consent, if we asked the data subject for the consent.  

 Data retention  

We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).   In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services does not exceed 10 years.  See more information, including about your rights, in our Privacy Policy. 

Contractors 

Receiving services 

We process personal data in relation to our suppliers, freelancers and consultants as necessary to receive the services. For example, where a supplier is providing us with outsourced services, we will process personal data about those individuals that are providing services to us. This personal data is the following: 

* full name 

* residing address 

* citizenship 

* email address 

* phone number 

* payment information 

In this case, we rely on the legitimate interest basis such as such as the organization of the entire company activity for the purpose of carrying out the activity, initiating and conducting litigation by courts of law and (possibly) other public authorities (Article 6 (1) (f) of GDPR), or the consent, if we asked the data subject for the consent (Article 6 (1) (a) of GDPR). 

Data retentions 

We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).   In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services does not exceed 10 years.  See more information, including about your rights, in our Privacy Policy.

Website visitors 

Third Party Links  

The Websites may link to third-party sites not controlled by TOMO and which do not operate under TOMO privacy practices. When you link to third-party sites, TOMO’s privacy practices no longer apply. We encourage you to review each third-party site's privacy policy before disclosing any personally identifiable information. 

Collection of personal information through the Website 

We automatically collect some specific information (device information) when you visit our website/store. Such information includes: info about your web browser, IP address, time zone, and some of the cookies installed on your device. Furthermore, as you surf through the Website, we collect information about the individual web pages or products viewed by you, we also save what websites or search terms/keywords that referred you to the Website, as well the information about how you interact with these pages and TOMO Website.  

When you visit the TOMO Website, we also automatically collect device-specific information when you install, access, or use our Services – this includes information such as the hardware model, operating system information, app version, app usage and debugging information, browser information, IP address, and device identifiers.  

All this information is used in preventing fraud and keeping the Services secure. We also use it to analyze and understand how the Services work for members and visitors, and to provide advertising across your devices, and to ensure a more personalized experience for you.  

To learn more about these online tools and how we use them, see our Cookies & Similar Technologies Policy and  sections about how we use, share & disclosure your Personal Data in our Privacy Policy. 

We collect the information above either directly from you or by combining information we collect via the Websites with personal information we collect and maintain through other channels (such as client relationship management systems or identification and access management systems, including IP addresses) or as we may lawfully collect from social media or other third-party sites. 

Below are examples of how you may provide personal information to us via Websites: 

* searching and browsing for content 

* subscribing to or ordering newsletters and/or publications 

* registering for online services 

* participating in "join our mailing list" initiatives 

* participating in bulletin boards, discussion or message forums 

* entering Quick Surveys, Quizzes or Benchmarking Surveys 

* registering for events and conferences 

* submitting resumes or work history information 

* contacting us for further information 

* visiting our Websites while logged into a social media platform, and/or 

* providing us with business cards or other contact information   

The legal basis of this processing is your consent (Article 6 (1) (a) of GDPR). 

You may reject cookies at any time. See more information, including about your rights, in our Privacy Policy and our Cookies & Similar Technologies Policy

Marketing 

Where we are legally required to obtain your explicit consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.  

If you opt into any subscriptions, you will receive automated emails when content is updated. If you opt into any newsletters, you will receive curated emails known as newsletters. If you select any preferences such as issues, topics, subjects or industries, you may receive email communications related to those self-selected topics. 

The legal basis of this processing is your consent when choosing to receive our newsletter (Article 6 (1) (a) of GDPR). 

Unsubscribe 

If you want to unsubscribe from mailing lists or any registrations, you should look for and follow the instructions we have provided within the appropriate area(s) of the Websites or in the relevant communications to you. 

If you do not wish to receive emails or marketing communications from us, you can at any time contact us to request that such communications cease. If you wish to unsubscribe or no longer receive only certain communications, please identify such communications in your request. 

If you choose to unsubscribe from any or all mailings, we may retain information sufficient to identify you so that we can honor your request. 

Data retentions  

We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).   In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services does not exceed 10 years.  See more information, including about your rights, in our Privacy Policy . 

Others who get in touch with us 

Data Collection

We collect personal data such as name, contact details and contents of the communication when an individual gets in touch with us with a question, complaint, or comment. 

In these cases, the individual is in control of the personal data shared with us and we will only use the data for the purpose of responding to the communication and handling the matter as appropriate. The personal data referred above may include name, employer name, contact title, phone, email and other business contact details.  

If personal data are processed for the other purposes specified above we will rely on the legitimate interest basis or the consent, if we asked the data subject for the consent (Article 6 (1) (f) of GDPR, Article 6 (1) (a) of GDPR). 

Data retentions 

We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).  

In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services does not exceed 10 years.  See more information, including about your rights, in our Privacy Policy. 

×