Privacy Policy of ToltIQ, Inc. 

Effective Date: May 19, 2025 

1. Introduction 

ToltIQ, Inc., together with its affiliates ("ToltIQ," "we," "our," or "us") is committed to protecting the privacy and security of the personal information we process. This Privacy Policy outlines how we collect, store, use, disclose, and protect the personal information we handle through our websites that link to this notice, our services and operations as a SaaS platform provider and our marketing and sales activities (collectively, our "Services"). Our policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant global privacy regulations. 

This policy applies to the processing of personal information in all jurisdictions in which ToltIQ operates, including the United States, European Union, and other international regions. This document sets out the principles and practices that govern the collection, use, storage, and disclosure of personal information by ToltIQ. 

2. Scope 

This Privacy Policy applies to all personal information collected, used, disclosed, and processed by ToltIQ in connection with our business, including: 

  • Personal information of customers, users, and employees. 
  • Information provided through the use of our platform and services. 
  • Personal information collected through our websites and any affiliated tools, applications, or features. 
  • Communications and interactions with us. 

By using our Services or interacting with us, you consent to the data practices described in this policy. 

3. Personal Information We Collect 

We may collect the following types of personal information ("Personal Information"): 

  • Personal Identifiable Information (PII): Name, address, phone number, email address, job title, and employer. 
  • Financial Information: Billing address, details and transaction history. 
  • Account Information: Username, password, and account activity data. 
  • Technical Information: IP addresses, device identifiers, browser type, operating system, and data related to system usage and access. 
  • Usage Data: Information on how users interact with our platform, including access logs, features used, and error logs. 
  • Third-Party Data: Information provided by third-party services integrated with our platform (e.g., authentication providers). 

4. How We Use Personal Information 

We do not sell your Personal Information. ToltIQ may use Personal Information for the following purposes: 

  • Providing Services: To facilitate the use of our platform and Services, create and manage accounts, and process transactions. 
  • Improving Services: To optimize our platform, develop new features, and conduct data analytics. 
  • Communications and Support: To respond to inquiries, send service updates, and provide customer support. 
  • Legal and Compliance: To comply with legal obligations and legal process and to protect our rights, privacy, safety or property and/or that of our affiliates, you or other third parties; to prevent fraud, criminal activity or misuse of the Services and to ensure the security of our IT systems, architecture and network. 
  • Marketing: To send marketing communications, subject to applicable opt-in/opt-out regulations. 
  • We will not use Personal Information for any purpose incompatible with the original purpose of collection, unless legally permitted. 

5. Legal Basis for Data Processing 

GDPR Compliance: For users in the European Economic Area (EEA), we rely on the following legal bases to process your Personal Information: 

  • Consent: Where we have obtained explicit consent from you. 
  • Contract Necessity: Where processing is necessary for the performance of a contract with you.
  • Legal Obligation: Where processing is necessary to comply with a legal obligation.
  • Legitimate Interests: Where processing is necessary for the legitimate business interests of ToltIQ, except where such interests are overridden by your rights and freedoms. 

CCPA (California) Compliance: For California residents, ToltIQ complies with the CCPA by ensuring that you are informed of: 

  • The categories of Personal Information we collect. 
  • The purposes for which the Personal Information is used. 
  • The rights to access, correct, or delete Personal Information. 

6. Data Sharing and Disclosure 

In certain circumstances, we may share Personal Information with the following third parties: 

  • Vendors, Service Providers and Subprocesses: To third-party vendors who assist with business operations (including providers of hosting services, cloud services providers, other information technology service providers and analytics platforms). A list of our third party subprocesses can be found here:  https://www.toltiq.com/subprocessor-list    
  • Business Partners: In connection with joint services or co-marketing activities, where applicable. 
  • Regulators and Authorities: When required by law, legal process, or to protect the rights, property, or safety of ToltIQ or others. 
  • Corporate Transactions: In the event of a merger, acquisition, or sale of all or part of our business, your information may be transferred as part of the transaction. 
  • We will not sell or rent Personal Information to third parties for marketing purposes.

 7. International Data Transfers 

ToltIQ has its headquarters in the United States. Information we collect about you will be processed in the United States. By using our website, you acknowledge that your Personal Information will be processed in the United States. The United States has not sought nor received a finding of "adequacy" from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, ToltIQ is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved. 

Depending on the circumstance, we also collect and transfer to the U.S. Personal Information with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of the company in a manner that does not outweigh your rights and freedoms. ToltIQ endeavors to apply suitable safeguards to protect the privacy and security of your Personal Information and to use it only consistent with your relationship with the company and the practices described in this Privacy Policy. ToltIQ also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, ToltIQ has received zero government requests for information. 

For more information or if you have any questions, please contact us at legal@ToltIQ.com.

8. Data Retention and Deletion 

Your Personal Information is stored by ToltIQ on the servers of the cloud-based database management services ToltIQ engages, located in the United States. ToltIQ retains service data for the duration of the client's business relationship with us and for a period of time thereafter, to analyze the data for our own operations, and for historical and archiving purposes associated with our services. ToltIQ retains prospect data until such time as it no longer has business value and is purged from our systems. All Personal Information that ToltIQ controls may be deleted upon verified request from Data Subjects or their authorized agents. For more information on where and how long your Personal Information is stored, and for more information on your rights of erasure and portability, please contact us at: legal@ToltIQ.com. 

GDPR and other countries' privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following: 

9. Data Security 

ToltIQ implement robust security measures to protect Personal Information, including: 

  • Encryption: all Personal Information is encrypted both at rest and in transit. 
  • Access Controls and authentication mechanisms: Strict access controls are enforced to limit data access to authorized personnel only. 
  • Regular security assessments and audits. 
  • Data Breach Response: We maintain an incident response plan to address any data breach or security incident, including prompt notification of affected individuals and regulatory authorities where required. 
  • Employee privacy training and awareness programs. 

Despite our efforts, no data transmission over the internet or storage system can be guaranteed to be 100% secure. We encourage you to take steps to protect your own data, such as using strong passwords and logging out of your account after use. You should only access the Services within a secure environment. 

10. For individuals in the EU and UK - Data Subject Rights 

  • Right to be informed. 
  • Right of access. 
  • Right to rectification. 
  • Right to erasure. 
  • Right to restrict processing. 
  • Right of data portability. 
  • Right to object. 
  • Rights related to automated decision making including profiling. 

This Privacy Policy is intended to provide you with information about what Personal Information ToltIQ collects about you and how it is used. 

If you wish to confirm that ToltIQ is processing your Personal Information, or to have access to the Personal Information ToltIQ may have about you, please contact us at legal@ToltIQ.com, or you may use the following links: 

For data subjects located in the EU click HERE.
For data subjects located in the UK click HERE.

You may also request information about: the purpose of the processing; the categories of Personal Information concerned; who else outside ToltIQ might have received the data from us; what the source of the information was (if you didn't provide it directly to us); and how long it will be stored. You have a right to correct (rectify) the record of your Personal Information maintained by ToltIQ if it is inaccurate. You may request that we erase that data or cease processing it, subject to certain exceptions. You may also request that ToltIQ ceases using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how ToltIQ processes your Personal Information. When technically feasible, we will - at your request - provide your Personal Information to you. 

Reasonable access to your Personal Information will be provided at no cost. If access cannot be provided within a reasonable time frame, ToltIQ will provide you with a date when the information will be provided. If for some reason access is denied, ToltIQ will provide an explanation as to why access has been denied. 

For questions or complaints concerning the processing of your Personal Information, you can email us at legal@ToltIQ.com. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation's data protection authority. 

Our EU Representative: 

Under Article 27 of the GDPR, we have appointed an EU Representative to act as our data protection agent. Our nominated EU Representative is: 

Instant EU GDPR Representative Ltd. 
Adam Brogden contact@gdprlocal.com
Tel 35315549700 
INSTANT EU GDPR REPRESENTATIVE LTD 
Office 2, 
12A Lower Main Street, Lucan Co. Dublin K78 X5P8 
Ireland 

Our UK Representative: 

Under Article 27 of the UK Data Privacy Act, we have appointed a UK Representative to act as our data protection agent. Our nominated UK Representative is: GDPR Local Ltd. 

Adam Brogden
contact@gdprlocal.com 
Tel 44 1772 217800 

1st Floor Front Suite 

27-29 North Street, Brighton 

England

11. Cookies and Tracking Technologies 

ToltIQ uses cookies and similar tracking technologies to enhance user experience, analyze usage, and provide personalized content. You can manage cookie preferences through your browser settings. We make available a comprehensive Cookie Policy that describes the cookies and tracking technologies used on our website and provides information on how users can accept or reject them. To view the notice, click HERE. 

12. Third-Party Websites 

Our platform may contain links to third-party websites or services that are not affiliated with us. Once you have used these links to leave our Services, any information you provide to these third parties is not covered by this Privacy Policy and we cannot guarantee the safety and privacy of your information. ToltIQ is not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any Personal Information. 

13. Children's Privacy 

Our Services are not directed at individuals under the age of 16, and we do not knowingly collect Personal Information from minors. If we become aware of such data collection, we will take immediate steps to delete it. 

14. Changes to This Privacy Policy 

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or operational needs. Any changes will be posted on our website, and we will notify you of any material changes by email or through our platform. Please review the policy periodically for updates. 

15. Contact Us 

If you have any questions or concerns about this Privacy Policy or how your data is handled, please contact us at: legal@ToltIQ.com 

PRIVACY POLICYTERMS OF USECOOKIE POLICY


© 2025 ToltIQ