Privacy Policy
Last updated: February 7, 2026
Your privacy is of great importance to TMB Bookshop. This Privacy Policy explains how we collect, use, share, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and the Belgian Privacy Act of 30 July 2018.
1. Scope of Application
This Privacy Policy applies to all personal data that TMB Bookshop collects through its affiliate website. Our website provides book recommendations and reviews with affiliate links to retailers. We do not sell products directly or process orders.
2. Data Controller
TMB Bookshop
Transmobiel Belgium
P. Van der Taelenstraat 40 A
B-2840 Rumst, Belgium
BE0790.005.117
Contact: Please use our online contact form
3. What Personal Data We Collect
As an affiliate website, we collect limited personal data:
3.1 Information You Provide Directly:
- Contact inquiries: Name, email address, telephone number, message content (only if you contact us)
3.2 Information Collected Automatically:
- Website usage data: IP address (anonymized), browser type, device information, pages visited, time spent on pages, referring URL, clickstream data
- Cookies: See Section 7 for details
We do NOT collect or store:
- Payment information
- Shipping addresses
- Purchase history
- Newsletter subscription data
4. Purposes and Legal Bases for Processing
| Purpose | Legal Basis (GDPR) | Data Used |
|---|---|---|
| Responding to inquiries | Legitimate interest (Art. 6(1)(f) GDPR) | Name, email, inquiry content |
| Website analytics and improvement | Consent (Art. 6(1)(a) GDPR) | Usage data, anonymized IP address |
| Affiliate commission tracking | Consent (Art. 6(1)(a) GDPR) | Click data, anonymized browsing behavior |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c) GDPR) | Various, as required by law |
Our legitimate interest for responding to inquiries is to provide customer support and maintain our business relationship with visitors.
5. How We Share Your Personal Data
We do not sell your personal data. We may share data with:
5.1 Affiliate Networks and Retailers:
When you click on affiliate links on our website, you are redirected to third-party retailers. These third parties may collect data about your browsing and purchases:
- Awin: Tracks affiliate referrals through cookies. Awin operates as an independent data controller. See Awin's privacy policy
- Amazon Associates: Tracks clicks and purchases through cookies when you use Amazon links. Amazon operates as an independent data controller. See Amazon's privacy policy
- Other affiliate retailers: May use similar tracking mechanisms. Please review their respective privacy policies.
Important: Once you click an affiliate link and leave our website, the privacy policy of the destination retailer applies. We are not responsible for their data practices.
5.2 Analytics and Tracking Services (Data Processors)
- Google Analytics 4: Collects anonymized website usage data to help us understand visitor behavior and improve our content. Google acts as a data processor under our instructions. See Google's privacy policy and How Google uses data
- Microsoft Clarity: Records anonymized user sessions and creates heatmaps to help us optimize website layout and user experience. Microsoft acts as a data processor. See Microsoft's privacy policy
5.3 Legal Requirements:
We may disclose your data if required by law, court order, or to protect our legal rights.
6. International Data Transfers
Some of our service providers (Google, Microsoft) may process data outside the European Economic Area (EEA). We ensure that:
- Transfers comply with GDPR Chapter V requirements
- Adequate safeguards are in place (Standard Contractual Clauses, adequacy decisions, or Data Privacy Framework)
- Data is protected to equivalent standards as required by EU law
7. Cookies
Please refer to our Cookie Policy
8. Data Retention
We retain personal data only as long as necessary:
| Data Type | Retention Period | Justification |
|---|---|---|
| Contact inquiry data | 3 years after last contact | Legitimate interest in maintaining support history |
| Analytics data | 14 months | Google Analytics configuration |
| Affiliate click data | As determined by affiliate networks | Managed by third-party controllers |
After these periods, data is securely deleted or anonymized.
9. Your Rights Under GDPR
You have the following rights regarding your personal data:
- 1. Right to access (Art. 15 GDPR): Request a copy of your personal data
- 2. Right to rectification (Art. 16 GDPR): Correct inaccurate data
- 3. Right to erasure (Art. 17 GDPR): Request deletion of your data
- 4. Right to restriction (Art. 18 GDPR): Limit how we use your data
- 5. Right to data portability (Art. 20 GDPR): Receive your data in a structured format (applies to contact inquiries)
- 6. Right to object (Art. 21 GDPR): Object to processing based on legitimate interests
- 7. Right to withdraw consent (Art. 7(3) GDPR): Withdraw consent at any time for analytics and affiliate cookies
- 8. Right not to be subject to automated decision-making (Art. 22 GDPR): We do not use automated decision-making or profiling
How to exercise your rights: Contact us via the online contact form. We will respond within one month. To verify your identity, we may request additional information.
For data held by affiliate networks: For data collected by Awin, Amazon, or other retailers through affiliate links, please contact them directly using their privacy policy contact information.
10. Security Measures
We apply appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse, in accordance with applicable data protection laws.
11. Questions and Complaints
Questions: Contact us using the online contact form.
Complaints: You have the right to lodge a complaint with the supervisory authority:
Belgian Data Protection Authority (APD/GBA)Drukpersstraat 35
1000 Brussels, Belgium
Website: www.dataprotectionauthority.be
Email: contact@apd-gba.be
Phone: +32 2 274 48 00
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or service providers. The "Last updated" date at the top indicates when changes were made.