Privacy Policy
Last updated: February 21, 2026
1. Introduction and Data Controller
World of Tabs ("we", "us", or "our"), powered by Tensorial, is committed to protecting your personal data and your privacy. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and what rights you have in relation to your data when you use our website and services at worldoftabs.com ("the Service").
This policy is intended to comply with the General Data Protection Regulation (GDPR) (EU 2016/679), the UK GDPR, the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA), the Lei Geral de Proteção de Dados (LGPD) (Brazil), and other applicable global privacy laws.
For privacy-related enquiries, contact us at: [email protected].
2. Information We Collect
2.1 Information Collected Automatically
When you use the Service, we and our third-party partners automatically collect certain technical information, including:
- IP address (anonymised where required by law);
- Browser type and version;
- Operating system;
- Referring URL and exit pages;
- Pages viewed, time spent, and interactions with the Service;
- Device type and screen resolution;
- General geographic location (country and city level, derived from IP).
2.2 Cookies and Similar Technologies
We use cookies and similar tracking technologies (pixel tags, web beacons) placed by us and our third-party partners. See Section 4 for full details.
2.3 Information You Provide
We do not currently require registration or account creation. We do not intentionally collect sensitive personal data such as health information, financial data, or government identification numbers.
3. How We Use Your Information
We use collected data for the following purposes and on the following legal bases:
| Purpose | Legal Basis (GDPR/UK GDPR) | CCPA Category |
|---|---|---|
| Operating and maintaining the Service | Legitimate interest (Art. 6(1)(f)) | Internet or network activity |
| Analytics – understanding how the Service is used | Consent (Art. 6(1)(a)) / Legitimate interest | Internet or network activity |
| Serving personalised advertisements (Google AdSense) | Consent (Art. 6(1)(a)) | Internet or network activity; Inferences |
| Security, fraud prevention, and abuse detection | Legitimate interest (Art. 6(1)(f)) | Internet or network activity |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) | N/A |
4. Cookies
We use the following categories of cookies:
- Strictly necessary cookies – essential for the Service to function. No consent required.
- Analytics cookies – set by Google Analytics to measure Service usage (pages viewed, session length, etc.). These require your consent in jurisdictions where consent is mandatory (EEA, UK, Switzerland).
- Advertising cookies – set by Google AdSense and its advertising partners to deliver interest-based ads and measure their effectiveness. These require your consent where applicable.
Users in the EEA, UK, and Switzerland are presented with a consent management tool upon their first visit. You may update your cookie preferences at any time via the consent banner or your browser settings.
To opt out of Google Analytics across all websites, use the Google Analytics Opt-out Browser Add-on. To manage Google advertising preferences, visit Google Ads Settings. To opt out of interest-based advertising more broadly, visit aboutads.info or networkadvertising.org.
5. Third-Party Services
We use the following third-party services that may process your personal data:
- Google Analytics (Google LLC / Google Ireland Limited) – analytics. Data may be transferred to the United States. Google Privacy Policy.
- Google AdSense (Google LLC / Google Ireland Limited) – advertising. Data may be transferred to the United States. Google Privacy Policy.
We do not sell your personal data to any third party. We are not responsible for the data practices of third-party services.
6. International Data Transfers
We operate globally. If you are located in the EEA, UK, or Switzerland, your data may be transferred to countries outside those regions (including the United States) that may not provide the same level of data protection. Where such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) adopted by the European Commission, or equivalent mechanisms under applicable law.
7. Data Retention
Server log data is retained for up to 90 days. Analytics and advertising data is retained in accordance with the policies of Google Analytics and Google AdSense respectively (typically 14 months for Analytics). We will retain data for no longer than is necessary for the purposes described in this policy, unless a longer retention period is required by law.
8. Your Privacy Rights
Depending on your jurisdiction, you may have the following rights:
EEA, UK, and Switzerland (GDPR / UK GDPR)
- Right of access – to obtain a copy of the personal data we hold about you;
- Right to rectification – to have inaccurate data corrected;
- Right to erasure ("right to be forgotten") – to request deletion of your data;
- Right to restriction of processing;
- Right to data portability;
- Right to object to processing based on legitimate interest or for direct marketing;
- Right to withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal;
- Right to lodge a complaint with your national supervisory authority (e.g., ICO in the UK, CNIL in France, AEPD in Spain).
California Residents (CCPA / CPRA)
- Right to know what personal information is collected, used, shared, or sold;
- Right to delete personal information we hold about you;
- Right to correct inaccurate personal information;
- Right to opt out of the sale or sharing of personal information. We do not sell your personal information. We do share data with advertising partners (Google AdSense) for cross-context behavioural advertising, which you may opt out of via the mechanisms in Section 4;
- Right to limit use and disclosure of sensitive personal information (we do not collect sensitive personal information as defined under CPRA);
- Right to non-discrimination for exercising your privacy rights.
To submit a verifiable consumer request, contact us at [email protected]. We will respond within the timeframe required by applicable law (45 days under CCPA, 30 days under GDPR).
Brazil (LGPD)
Brazilian users have rights analogous to those under the GDPR, including access, correction, deletion, portability, and the right to information about data sharing. Requests can be submitted to [email protected].
9. Children's Privacy
The Service is not directed at children under the age of 13 (or 16 in certain EEA member states). We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete it.
10. Security
We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, or unauthorised disclosure. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Where we make material changes, we will update the date at the top of this page. Where required by applicable law, we will provide more prominent notice or obtain your consent. We encourage you to review this page periodically.
12. Contact and Data Protection Officer
For any questions, requests, or complaints relating to this Privacy Policy or our data practices, contact us at:
If you are in the EEA and believe we have not addressed your concern adequately, you have the right to lodge a complaint with your local data protection authority.