Privacy Policy
Effective from: 23.02.2026 Last updated: 23.02.2026
1. Data Controller
Time for Luxury Website: https://timeforluxury.eu E-mail: info@timeforluxury.eu
For questions regarding the processing of personal data, please contact: info@timeforluxury.eu
2. What Personal Data We Collect and Why
2.1 User Account Creation and Management
- Data: name, e-mail address, phone number, username, password (encrypted)
- Purpose: account creation, login, user identification
- Legal basis: performance of a contract
- Retention period: until the account is deleted
2.2 Publishing Advertisements
- Data: seller’s name, e-mail address, phone number, advertisement content (watch description, images, price, location)
- Purpose: publishing and managing advertisements on the website
- Legal basis: performance of a contract
- Retention period: until the advertisement is deleted; expired advertisements are deleted 36 months after expiration
2.3 Contact Forms and Messaging
- Data: name, e-mail address, message content
- Purpose: enabling communication between users, customer service
- Legal basis: performance of a contract and legitimate interest
- Retention period: up to 2 years
2.4 Comments
- Data: name, e-mail address, website address, comment content, IP address
- Purpose: displaying comments, preventing spam
- Legal basis: legitimate interest
- Retention period: the comment and its metadata are retained indefinitely to identify and approve follow-up comments automatically
2.5 Payment Processing (if applicable)
- Data: payment information is sent directly to the payment service provider; we do not store card or bank details
- Purpose: collection of advertising fees
- Legal basis: performance of a contract
- Payment provider: Montonio
2.6 Website Usage Statistics
- Data: IP address, browser type, operating system, pages visited, time of visit
- Purpose: improving website performance, developing the user interface
- Legal basis: consent or legitimate interest
- Retention period: up to 36 months
- Services used: Google Analytics
2.7 Automatic Translation
- Data: advertisement content (title and description)
- Purpose: automatic translation of advertisements into other languages
- Legal basis: legitimate interest
- Third party: DeepL SE (Germany) – text is sent to the DeepL API for translation. DeepL Pro API does not store the sent texts or use them for training. See DeepL privacy policy: https://www.deepl.com/privacy
- Retention period: the translation cache is stored in the website’s database until the cache is cleared
3. Cookies
Our website uses cookies. A cookie is a small text file that your browser stores on your device.
3.1 Strictly Necessary Cookies (no consent required)
| Cookie | Purpose | Duration |
|---|---|---|
| wordpress_logged_in_* | Login identification | Session / 2 weeks |
| wordpress_sec_* | Login security | Session |
| wp-settings-* | Saving user preferences | 1 year |
| flavor_lang | Remembering language preference | 1 year |
| pll_language | Polylang language selection | 1 year |
| complianz_* | Storing cookie consent | 1 year |
3.2 Välttämättömät evästeet Cookies
| Cookie | Purpose | Duration |
|---|---|---|
| comment_author_* | Remembering the commenter’s name | 1 year |
| comment_author_email_* | Remembering the commenter’s e-mail | 1 year |
3.3 Analytical Cookies (consent required)
| Cookie | Purpose | Duration |
|---|---|---|
| _ga, _ga_* | Google Analytics – anonymous usage statistics | 2 years |
| _gid | Google Analytics – session distinction | Session |
4. Who We Share Your Data With
Your personal data may be shared with the following third parties:
| Service Provider | Purpose | Data Location |
|---|---|---|
| Web Hosting: Zone | Website hosting and data storage | EU |
| DeepL SE | Automatic translation of ads | Germany (EU) |
| Google Analytics | Website usage statistics | USA (EU–US Data Privacy Framework) |
| Montonio | Payment processing | EU |
| E-mail service: Zone | System notifications, alerts | EU |
Data is transferred to third countries (outside the EU/EEA) only if an adequate level of data protection is guaranteed (e.g., EU–US Data Privacy Framework, standard contractual clauses).
We do not sell or pass your personal data to third parties for marketing purposes.
5. How Long We Retain Data
| Data Brand | Retention Period |
|---|---|
| User account data | Until the account is deleted |
| Advertisement data | Until the ad is deleted + 36 months in archive |
| Comments | Indefinitely |
| Payment data (billing) | 7 years (requirement of the Accounting Act) |
| Log files and IP addresses | Up to 12 months |
| Cookies | As per the table above |
After the retention period expires, data is deleted or anonymized.
6. Your Rights
In accordance with the General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act (IKS), you have the following rights:
- Right of access – you can request information about what personal data we process about you (GDPR Art. 15)
- Right to rectification – you can demand the correction of inaccurate data (GDPR Art. 16)
- Right to erasure – you can demand the deletion of your data if there is no legal basis for processing (GDPR Art. 17)
- Right to restriction of processing – you can demand the restriction of data processing in certain cases (GDPR Art. 18)
- Right to data portability – you can request your data in a structured, commonly used, and machine-readable format (GDPR Art. 20)
- Right to object – you can object to the processing of data based on legitimate interest (GDPR Art. 21)
- Right to withdraw consent – if the processing is based on your consent, you can withdraw it at any time (GDPR Art. 7(3))
To exercise your rights, please contact: info@timeforluxury.eu
We will respond to your request within 30 days. We may request additional information to verify your identity.
7. Filing a Complaint
If you believe that the processing of your personal data is not in compliance with the law, you have the right to file a complaint with the Data Protection Inspectorate (Andmekaitse Inspektsioon):
Data Protection Inspectorate Tatari 39, 10134 Tallinn, Estonia Phone: +372 627 4135 E-mail: info@aki.ee Website: https://www.aki.ee
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction, including:
- SSL/TLS encryption for all web traffic
- Hashing and secure storage of passwords
- Regular software updates
- Restricted access to personal data
9. Children’s Data
Our service is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If we learn that we have collected data from a child under 16 without parental consent, we will delete it as soon as possible.
10. Changes to the Privacy Policy
We have the right to change the privacy policy at any time. In the event of significant changes, we will notify users through the website. We recommend reviewing the privacy policy regularly.
This privacy policy has been prepared in accordance with the EU General Data Protection Regulation (GDPR) (EU) 2016/679 and the Estonian Personal Data Protection Act (IKS).