Effective Date: September 4, 2025
TeaTapee.com (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our products, or otherwise interact with us. It also describes your privacy rights and how the law protects you.
1. Information We Collect
We may collect, use, store, and transfer the following categories of personal data:
1.1 Identity Data
First name, last name.
1.2 Contact Data
Email address, shipping address, billing address, phone number.
1.3 Transaction Data
Order details, payment method, products purchased, transaction dates.
1.4 Technical Data
IP address, browser type and version, time zone, location, operating system, device identifiers.
1.5 Usage Data
Pages visited, links clicked, time spent on pages, search terms, interaction with features.
1.6 Marketing & Communications Data
Preferences for receiving marketing communications, communication history.
1.7 Third-Party Data
Information from social media platforms when you log in via OAuth and from our payment processors for transaction verification.
2. How We Use Your Information
We use your personal data to:
- Process and deliver your orders, manage payments, and send invoices.
- Create and maintain your TeaTapee.com account and provide customer support.
- Improve and personalize our website, products, and services.
- Send marketing communications (only if you’ve opted in), newsletters, and promotional offers, with opt-out options.
- Conduct analytics, detect trends, and enhance user experience.
- Comply with legal obligations, enforce our Terms of Service, and protect against fraud.
3. Payment Security
We maintain the highest standards to secure your payment data:
3.1 Encryption in Transit
All communications between your browser and our servers use TLS 1.3 encryption. Every page where you enter sensitive data enforces HTTPS.
3.2 Encryption at Rest
Stored payment information is encrypted using AES-256, an industry-standard block-cipher approved by cybersecurity authorities.
3.3 Tokenization
Raw credit- or debit-card numbers are never stored on our systems. Our Payment Service Provider (PSP) converts card data into unique tokens immediately upon entry, preventing unauthorized access or reuse.
3.4 PCI DSS Compliance
We adhere to Payment Card Industry Data Security Standard (PCI DSS) v4.0. Our infrastructure undergoes regular security assessments, vulnerability scans, and penetration tests.
3.5 Fraud Detection & Monitoring
Real-time transaction monitoring employs machine-learning models and rule-based systems to identify and block suspicious activity.
4. Data Security Measures
We implement robust security measures to protect your data:
- Firewalls and intrusion detection/prevention systems.
- Role-based access controls and multi-factor authentication for employees.
- Secure software development practices: regular code reviews, vulnerability scanning, and patch management.
- Documented incident response procedures to quickly address any breach.
5. Cookies & Tracking Technologies
We use cookies and similar technologies to enhance your experience:
- Essential Cookies: Required for core site functionality.
- Performance Cookies: Collect anonymous usage statistics.
- Marketing Cookies: Deliver personalized advertising (with opt-out).
You can manage cookie preferences through your browser settings or our in-site controls.
6. Data Retention
We retain personal data only as long as necessary for the purposes collected, including to satisfy legal, accounting, or reporting obligations. When no longer needed, data is securely deleted or anonymized.
7. International Data Transfers
Your data may be processed or stored outside your home country. In such cases, we safeguard transfers using Standard Contractual Clauses (SCCs) or other approved mechanisms to ensure adequate protection.
8. Your Legal Rights
Under applicable data protection laws, you may have the right to:
- Access and receive a copy of your personal data.
- Correct inaccurate or incomplete data.
- Erase your data (“right to be forgotten”) where permitted.
- Restrict or object to certain processing activities.
- Port your data in a structured, machine-readable format.
- Withdraw consent at any time (without affecting processing prior to withdrawal).
To exercise any right, please contact us at atyourservice@teatapee.com. You may also lodge a complaint with a supervisory authority.
9. Third-Party Links
Our site may link to third-party websites. We have no control over their practices and are not responsible for their privacy policies. We encourage you to review any external site’s policy before providing personal data.
##10. Children’s Privacy
Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If we learn that we have inadvertently done so, we will delete that data promptly.
##11. Changes to This Privacy Policy
We may update this policy to reflect operational, legal, or technical changes. Material changes will be posted here with a revised “Effective Date.” Please review this policy periodically.
##12. Contact Us
If you have questions, concerns, or wish to exercise your privacy rights, please contact:
Privacy Officer
TeaTapee.com
Email: atyourservice@teatapee.com
By using TeaTapee.com, you agree to the collection and use of information outlined in this Privacy Policy. Your privacy and data security are our highest priorities.
