Politique de confidentialité

Last Updated: February 28, 2025

At WMB Maps, operated by Thorough Solutions OÜ, we are committed to protecting the privacy and security of our customers' personal data. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit worldmapblank.com (the "Website"), make a purchase, or otherwise interact with us.

We comply with the General Data Protection Regulation (GDPR) and other relevant EU and non-EU data protection laws to ensure the security and lawful processing of personal information.

By using this Website, you consent to the practices outlined in this Privacy Policy. If you do not agree with these terms, please discontinue use of the Website.

1. Data Controller

The data controller responsible for processing your personal data is:

Business Name: Thorough Solutions OÜ
Address: Ahtri 12, c/o E-Residency Hub, 15551 Tallinn, Estonia
Registration Number: 16274952
Email: info@thorough-solutions.com
Phone: +372 602 77 67

2. Data Protection Officer

Our Data Protection Officer (DPO) oversees this Privacy Policy and ensures compliance with applicable data protection laws. You may contact the DPO using the details provided above.

3. Personal Data We Collect

We collect personal data under the following circumstances:

When You Purchase a Product

  • Identity Data: Name, username, or similar identifier
  • Contact Data: Billing address, shipping address, email, and phone number
  • Financial Data: Credit card details and payment information (processed securely by third-party payment providers)
  • Transaction Data: Details about payments, refunds, and order history

When You Use the Website

  • Technical Data: IP address, browser type and version, time zone settings, device information, and browsing behavior
  • Usage Data: Information about how you interact with the Website, products, and services
  • Profile Data: Purchases, interests, feedback, and survey responses

When You Leave a Comment

  • Comment Data: Name, email address, IP address, and optionally, your website URL

When You Contact Us

  • Communication Data: Name, email address, and IP address when contacting us via our contact form or email

When You Download Free Maps

We do not collect personal data if you only download free maps. However, third-party tools may collect anonymized data about your usage.

Data Collected by Third-Party Services

We use third-party services such as Google Analytics, Google Search Console, and Ezoic Inc. to analyze website usage. Additionally, our print-on-demand providers (Gelato, Printful, and Printify) collect and process shipping information for order fulfillment.

This data is anonymized and aggregated where possible, meaning we do not personally identify you using such data.

4. How We Use Personal Data

We use collected data to:

  • Process and fulfill orders, including shipping and payment processing
  • Communicate with you regarding order updates, returns, and refunds
  • Improve website content, usability, and functionality
  • Prevent fraud and ensure website security
  • Respond to inquiries sent via our contact form or email
  • Conduct marketing and promotional activities (with your consent)
  • Comply with legal obligations

5. Legal Basis for Processing Personal Data

We process personal data under the following lawful bases:

  • Performance of a Contract – When fulfilling an order or providing a service
  • Legitimate Interests – For fraud prevention, customer service, and improving our services
  • Compliance with Legal Obligations – When required by tax or consumer protection laws
  • Consent – When you opt-in to marketing communications

6. Data Processing Agreements

We have agreements in place with all third-party service providers who process personal data on our behalf, ensuring compliance with GDPR and other relevant data protection regulations.

These agreements stipulate that third parties must:

  • Process personal data only on our instructions
  • Implement adequate security measures to protect your data

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements.

When we no longer require your data, we securely delete or anonymize it. You may also request data deletion at any time (see Section 10: "Your Rights").

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal data from:

  • Unauthorized access
  • Loss, alteration, or disclosure
  • Cyber threats and malicious attacks

Despite our best efforts, no system is 100% secure. We recommend using secure communication channels when sharing sensitive data.

9. Data Breach Notification

If a data breach occurs that may affect your rights or privacy, we will:

  • Notify the relevant authorities within 72 hours (if required by law)
  • Inform you promptly if your data is impacted

10. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right to Access – Request a copy of your personal data
  • Right to Rectification – Correct inaccurate or incomplete data
  • Right to Erasure – Request deletion of your data under certain conditions
  • Right to Restriction – Limit processing of your personal data in specific situations
  • Right to Data Portability – Obtain a copy of your data in a structured format
  • Right to Object – Object to data processing for marketing or other purposes
  • Right to Withdraw Consent – Revoke consent for marketing communications

To exercise these rights, please contact us via our contact form. We will respond within one month, unless an extension is necessary due to complexity.

11. International Data Transfers

We may transfer personal data outside the European Economic Area (EEA). When doing so, we ensure adequate safeguards, including:

  • Adequacy Decisions – Only transferring data to countries deemed safe by the European Commission
  • Standard Contractual Clauses (SCCs) – Using EU-approved agreements with third-party providers
  • Binding Corporate Rules – Ensuring appropriate safeguards for international data transfers

12. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that significantly impacts users. If this changes, we will inform you and ensure human intervention is available.

13. Third-Party Links

Our Website may contain links to third-party websites, plug-ins, or applications. Clicking on those links may allow third parties to collect or share your data. We are not responsible for the privacy practices of third-party websites. Please also refer to our Affiliate Disclosure. and our Cookie Policy.

14. Personal Data from Children

This Website is not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately so we can remove it.

15. Changes to This Privacy Policy

We regularly review this Privacy Policy and may update it to reflect changes in our data practices or legal requirements. Any updates will be posted on this page, and we will update the "Last Updated" date accordingly.

If significant changes occur, we will notify users where required by law.

16. Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us via our contact form.

For further details, please also review our Terms of Service, Refund Policy, Cookie Policy, and Shipping Policy.