Last Updated on April, 14, 2025
TPD PRO is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, available at https://tpdpro.eu.
We are fully compliant with the General Data Protection Regulation (GDPR) and strive to uphold the highest standards in data protection.
1. Who We Are
TPD PRO is a SaaS platform designed to simplify and automate EU-CEG submissions for electronic cigarettes and nicotine-containing products.
Our legal entity:
SIA FLEXLAB
Registered address: Katlakalna iela 9a, Riga, LV-1073
Email: [email protected]
2. Information We Collect
We collect the following types of personal and business-related data:
Account Information
Full name
Company name
Email address
Phone number (optional)
Billing and payment details
Usage Data
Login activity
Features used
Time spent on the platform
Error reports and logs
Files and Submissions
Product data, formulations, ingredient lists, toxicological profiles, XML files for EU-CEG submissions
3. How We Use Your Information
We use your data to:
Provide access to the platform and its features
Generate and manage TPD/EU-CEG submissions
Improve user experience and system functionality
Respond to support requests
Comply with legal obligations
Send service-related communications (updates, invoices, security notices)
We do not sell or share your data for advertising purposes.
4. Legal Basis for Processing
We process your personal data under the following legal bases:
Performance of a contract (Article 6.1.b GDPR)
Legal obligation (Article 6.1.c GDPR)
Legitimate interest (Article 6.1.f GDPR) – e.g., to improve security or detect abuse
5. Data Storage and Security
All data is stored securely on servers located within the European Union. We implement industry-standard security measures, including:
SSL/TLS encryption
Secure authentication and session management
Regular vulnerability assessments
Only authorized personnel have access to your data, and all access is logged and monitored.
6. Data Retention
We retain your data:
As long as your account is active
As required for legal and accounting purposes (up to 10 years in some cases)
You can request deletion of your account and associated data at any time by contacting us.
7. Your Rights (Under GDPR)
You have the right to:
Access your personal data
Correct inaccurate data
Request deletion of your data
Restrict or object to processing
Data portability
Lodge a complaint with a supervisory authority
To exercise your rights, please email us at [email protected].
8. Third-Party Services
We may use the following third-party processors, all GDPR-compliant:
Payment processors (e.g., Stripe, Paddle)
Cloud hosting providers (e.g., AWS, Hetzner, or others based in EU)
Analytics tools (used anonymously)
We ensure all third parties provide adequate protection and data handling guarantees.
9. Cookies
We use only essential cookies for:
Session management
Security authentication
Saving your preferences
No tracking or third-party advertising cookies are used.
You can manage cookies via your browser settings.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “Effective date.”
11. Contact Us
If you have any questions or concerns about this policy, please contact:
Email: [email protected]
