Tanzua.com
Back home

Legal

Privacy Policy

Last updated April 25, 2026

This policy explains what data Tanzua collects when you use our AI shopping agent, why we use it, and the choices and rights you have.

1. What we collect

  • Account information — your name, email address, and password hash.
  • Shopping data — addresses, orders, returns, wishlist, and preferences you set.
  • Conversations — messages you exchange with Tanzua's AI agent so we can keep your chat history and improve responses.
  • Device and usage data — browser type, OS, hashed IP address, and basic interaction events for security and analytics.

We do not store full payment card numbers. Card data goes directly to Stripe; we only retain the brand and last 4 digits to help you identify the card on file.

2. Why we use your data

  • To create and operate your account and process orders.
  • To personalize product recommendations and remember your preferences.
  • To prevent fraud, abuse, and unauthorized access.
  • To communicate about your orders, account, and (with consent) marketing.
  • To meet legal, tax, and accounting obligations.

3. Sharing

We share data only with processors required to run Tanzua, including Stripe for payments, our cloud and email providers, and shipping carriers. These processors are contractually bound to use your data only on our behalf. We do not sell your personal data.

4. Your rights

You can review, correct, export, or delete your data at any time from Settings → Privacy. We honor regional privacy rights including the EU GDPR and California's CCPA/CPRA.

5. Marketing communications

Marketing emails are sent only if you opt in. You can unsubscribe at any time using the link in any marketing email or from Settings → Notifications. Transactional messages (order updates, security alerts) are not marketing and cannot be turned off while you have an active account.

6. Data retention

We keep order and tax records for as long as legally required (typically seven years). Conversational and preference data is retained until you delete it or close your account. After account deletion, we purge personal data within 30 days, except where law requires us to keep it.

7. Security

We use industry-standard encryption in transit and at rest, role-based access controls, and audit logging. No system is perfectly secure, so please use a strong unique password and enable two-factor authentication in Settings → Security.

8. Children

Tanzua is not directed at children under 16 and we do not knowingly collect personal data from them. If you believe a child has signed up, contact us and we will delete the account.

9. Changes to this policy

We may update this policy. Material changes will be announced by email or in-app notice and reflected in the "Last updated" date above.

Privacy questions? Email us at support@tanzualtd.com.