Tolt Privacy Policy

Hello. We are Tolt, Inc. (known by humans as Tolt).
Here's how we protect your data and respect your privacy.

Privacy Policy

Privacy Policy for Tolt, Inc.
Effective Date: 01.07.2023

This Privacy Policy outlines how Tolt, Inc. ("Tolt," "we," "us," or "our"), a company registered in Delaware, USA, collects, uses, and shares information from users ("you") of our website and services designed to help businesses launch and manage affiliate programs ("Services"). This policy applies to interactions with our digital properties and through the use of our Services but does not extend to third-party websites or services that may be linked to or from our Services.

Tolt, Inc. Contact Information:
Email: compliance@tolt.io
Address: 2093 Philadelphia Pike, #2726, Claymont, DE 19703

Information Collection:Information You Provide:
This includes contact and demographic information (name, email, company name, website URL) you provide when using our Services, such as during signup or communication with us.

Information from Use of Services:
We use third-party analytics tools (Google Analytics, Mixpanel, RudderStack, PostHog) and our tracking technology to collect information about your interaction with our Services. This data includes usage details and interactions with our affiliate tracking features but does not include personal information, with exceptions for specific functionalities where your email address may be shared with Mixpanel, PostHog, and Tolt.

Automated Collection: Through cookies and similar tracking technologies, we collect information about your use of our Services, including device information, location data, and interaction with our digital properties.

Use of Information:
We use the collected information to provide and enhance our Services, including service delivery, communication, marketing, and improvement of our offerings. Additionally, we utilize this information for analytics purposes to better understand how our Services are used and to tailor our marketing efforts.

Information Sharing and Disclosure:
We share information with third-party service providers that support our Services' delivery, such as analytics and marketing tools. These providers include Mixpanel, Google Analytics, PostHog, Meta, Google, Twitter, and Tolt. Personal information is not shared except as necessary for specific service functionalities.

User Rights and Choices:You have rights regarding your personal information, including accessing, correcting, or deleting your data. To exercise these rights, please contact us using the information provided above.

Data Security:
We employ various security measures, including encryption and secure server practices, to protect your information. However, no security measures are infallible.

International Data Transfers:
Your information may be transferred to and processed in countries other than your own, including the United States and European countries, where our service providers operate.

Children's Privacy:
Our Services are not intended for individuals under 16 years of age, and we do not knowingly collect personal information from children under 16.

Data Retention:
We retain your information as long as your account is active or as necessary to provide our Services, with personal information deleted within 30 days of account cancellation.

Changes to This Privacy Policy:
We may update this policy from time to time. Changes will be notified through email communication and updated on our digital properties.

Compliance with Regulations:
We strive to comply with relevant regulations, including GDPR and CCPA, and are committed to safeguarding your privacy rights.

Your Consent:
By using our Services, you consent to our collection, use, and sharing of your information as described in this Privacy Policy.

Contact Us:
For questions or concerns about our privacy practices, please contact us at compliance@tolt.io.

California Consumer Privacy Act (CCPA)

CCPA Policy Addendum for Tolt, Inc.
This CCPA Disclosure supplements our Privacy Policy and applies solely to California residents. It provides information about the personal information we collect, use, and share, and your rights regarding that information.

Your Rights under the CCPA:

Right to Know:

You have the right to request information about the personal information we collect, use, and disclose over the past 12 months, including the categories of personal information and the sources from which we collected it.

Right to Delete:
You can request the deletion of your personal information that we have collected, subject to certain exceptions.

Right to Opt-Out:
You have the right to opt-out of the sale of your personal information. Tolt, Inc. does not sell personal information in the traditional sense but may share information with third-party service providers for business purposes that could be broadly defined as a "sale" under CCPA. You can direct us not to sell your personal information.

Non-Discrimination:
You will not receive discriminatory treatment for exercising your CCPA rights.

Exercising Your CCPA Rights:
To exercise your CCPA rights, please contact us via the following methods:
Email: compliance@tolt.io
Address: 2093 Philadelphia Pike, #2726, Claymont, DE 19703

Please provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

General Data Protection Regulation (GDPR)

GDPR Policy Addendum for Tolt, Inc.

This GDPR Disclosure is designed for users residing in the European Economic Area (EEA) and supplements our Privacy Policy. It explains your rights under the GDPR and our commitment to protecting your personal data.

Your Rights under the GDPR:

Right of Access:

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data.

Right to Rectification:
You have the right to have inaccurate personal data about you rectified and incomplete personal data completed.

Right to Erasure (Right to be Forgotten):
You have the right to have your personal data erased under certain circumstances.

Right to Restriction of Processing:
You have the right to restrict the processing of your personal data under certain conditions.

Right to Data Portability:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.

Right to Object:
You have the right to object to the processing of your personal data under certain circumstances, including direct marketing.

Right to Withdraw Consent:
Where the processing of personal data is based on consent, you have the right to withdraw consent at any time.

Exercising Your GDPR Rights:
To exercise your rights under the GDPR, please contact us via:Email: compliance@tolt.io
Address: 2093 Philadelphia Pike, #2726, Claymont, DE 19703

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

Transfers of Personal Data:Personal data collected by Tolt, Inc. may be stored or processed outside of the EEA for the purposes described in our Privacy Policy. We ensure that such transfers are compliant with the GDPR and that your personal data is protected according to European standards.

Cookies

Cookie Usage Notice

We utilize cookies on our site to enrich your experience and tailor our services to your interests. These cookies support various functions, including:

Google Analytics:
For analyzing site usage patterns to optimize our content and user experience.

Tolt Tracking:
To accurately track and attribute affiliate program activities.

Intercom:
To enable real-time support and enhance user engagement.

Magic.Link:
To streamline your sign-in process with secure, passwordless authentication.

Meta and Google:
For social media integrations and targeted advertising, ensuring relevance and personalization.

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data.


How we track and protect referral data

Referral Tracking Service Policy

Introduction:
At Tolt, Inc., we are committed to upholding the highest standards of data integrity and privacy. Our referral tracking service is designed to empower businesses by providing precise and valuable insights into their referral programs. This policy outlines our practices concerning the collection, use, and protection of referral data.

Data Collection:
We collect referral data to help our clients understand the effectiveness of their marketing efforts and to reward their affiliates accurately. The data collected includes:

Clicks and impressions on referral links
- Tolt employs a CDN JavaScript script, Tolt.js, for seamless integration into your website. This script activates when a visitor accesses your site through a valid affiliate link, creating a unique click ID stored as a cookie specific to your domain. This ensures privacy, as the cookie is only accessible on your site, and we do not interact with other cookies.

tolt_referral = RANDOMLY_GENERATED_ID

Conversion tracking data from completed actions or sales
- Tolt captures event data via webhooks from third-party providers (e.g., Stripe, Paddle, Chargebee) for events linked to referred users who arrive through an affiliate link. This includes tracking payments, subscriptions, refunds, and more, which is essential for accurate commission calculation.

Data Retention for Referred Users:
Data from these webhook events, specifically related to referred users, is retained for a 7-day period for debugging and event tracking purposes, after which it is automatically deleted to uphold our commitment to data minimization and privacy.

Data Use:
The referral data we collect is used exclusively for the following purposes:
To calculate and track affiliate commissions
To analyze and report on the performance of referral campaigns
To enhance and optimize the referral programs of our clients

Data Protection:
We take the security of referral data seriously. To protect this data, we implement:
Encryption of data in transit and at rest
Regular security audits and monitoring
Access controls to ensure that only authorized personnel can view sensitive data

Data Sharing:
Referral data is only shared with you as the admin and is never sold to third parties.
Affiliates have access to the referral email(redacted) and paid amount.

Changes to This Policy:
We reserve the right to modify this policy at any time. Any changes will be effective immediately upon posting the revised policy, and we will take reasonable steps to inform users of any significant changes.

Contact Us:
For questions or concerns about our privacy practices, please contact us at compliance@tolt.io.

How we track and protect referral data - API

Referral Tracking Service Policy

Introduction:
At Tolt, Inc., we are committed to upholding the highest standards of data integrity and privacy. Our referral tracking service is designed to empower businesses by providing precise and valuable insights into their referral programs. This policy outlines our practices concerning the collection, use, and protection of referral data.

Data Collection:
We collect referral data to help our clients understand the effectiveness of their marketing efforts and to reward their affiliates accurately. The data collected includes:

Clicks and impressions on referral links
- Tolt employs a CDN JavaScript script, Tolt.js, for seamless integration into your website. This script activates when a visitor accesses your site through a valid affiliate link, creating a unique click ID stored as a cookie specific to your domain. This ensures privacy, as the cookie is only accessible on your site, and we do not interact with other cookies.

tolt_referral = RANDOMLY_GENERATED_ID

Conversion tracking data from completed actions or sales
- When utilizing Tolt's API, we empower you with full control over the event data you choose to send to us.
Unlike direct webhook integrations, we do not automatically capture data from third-party providers such as Stripe, Paddle, or Chargebee. It is the responsibility of you, the admin, to send us relevant events such as subscriptions, cancellations, and other user activities essential for the operation of your affiliate program.

This approach gives you the flexibility to determine the extent and type of referral data you share. Instead of sending referral emails or other direct identifiers, you have the option to use anonymized IDs, ensuring user privacy and compliance with your data protection standards.

By handing the reins of data transmission to you, we ensure that Tolt's API usage aligns with your internal data governance policies and respects the privacy of your users, while still providing the robust functionality needed for accurate commission calculations and referral tracking.

Data Retention for Referred Users:
Data from these webhook events, specifically related to referred users, is retained for a 7-day period for debugging and event tracking purposes, after which it is automatically deleted to uphold our commitment to data minimization and privacy.

Data Use:
The referral data we collect is used exclusively for the following purposes:
To calculate and track affiliate commissions
To analyze and report on the performance of referral campaigns
To enhance and optimize the referral programs of our clients

Data Protection:
We take the security of referral data seriously. To protect this data, we implement:
Encryption of data in transit and at rest
Regular security audits and monitoring
Access controls to ensure that only authorized personnel can view sensitive data

Data Sharing:
Referral data is only shared with you as the admin and is never sold to third parties.
Affiliates have access to the referral email(redacted), username or ID and paid amount.

Changes to This Policy:
We reserve the right to modify this policy at any time. Any changes will be effective immediately upon posting the revised policy, and we will take reasonable steps to inform users of any significant changes.

Contact Us:
For questions or concerns about our privacy practices, please contact us at compliance@tolt.io.