Toasty cares about the privacy of its users. It is Toasty’s policy to respect the privacy of its users in the data we collect, store and use.
2. Purpose of this Policy
3. Definition and nature of personal data and information
Whenever you use the digital platform available at https://toasty.ai (hereafter referred to as the "Platform"), for the purposes of using the provided virtual meeting services, we may request some personal information.
We also collect some of your personal data when you register directly on the Platform to participate in a meeting, or when a meeting host wishes to provide you with our services at a meeting for which you are registered.
The term "personal data" refers to any and all information which enables an individual to be identified, including but not limited to your first and last names, postal address, email address, telephone number, data of action and behavior on the Platform, as well as any other information about you which you may choose to provide us with.
Other data and information which does not allow you to be personally identified may be generated based on your usage of the services offered by the Platform. The Policy does not cover all the uses of those anonymous data.
4. Collection and handling of personal data
Under GDPR, Toasty’s main legal basis for collecting personal data is consent. By using the Toasty service, you understand and consent to the collection and handling of your personal data.
Because Toasty is a platform for professional commercial usage, Toasty’s legal basis for collecting and processing data may also fall under the categories of fulfilment of a legal contract or as a legitimate interest to fulfil a requested service.
Your personal data may be collected and handled for the following purposes:
(i) To manage your access to and use of the services available on the Platform.
(ii) To carry out customer management operations relating to contracts, orders, deliveries, invoices, follow-up with customers, etc.
(iii) To compare against other user data to compile a list of other users for you to interact with.
(iv) To allow other users of the service and registered to the same meeting to request to interact with you.
(v) To issue newsletters, invitations and promotional advertisements. You can opt-out of this usage at any time.
(vi) To sent you suggestions for networking connections with other users of the Platform
(vii) To analyse Platform usage and monitor technology used for delivering our services.
(viii) To manage reviews on products, services or content.
(ix) To manage unpaid invoices and potential disputes regarding the use of our products and services.
(x) To adhere to our legal and regulatory obligations.
For all personal data we collect, we will advise whether the data is mandatory to deliver the service for you or can be optionally provided to improve your experience.
We may collect your data indirectly from meeting hosts which you are attending in order to communicate and deliver the service to you. We may also collect your data from other users of the Platform, including by their providing us access to a contact list or similar.
5. Sharing of the collected data
Our company's staff, auditing authorities and our subcontractors will have access to your personal data.
For the purposes of the meeting service, we will also provide your personal data to the hosts of meetings for which you are registered and for which you have used the services of the Platform. The meeting host may access and use this data for the same purposes and under the same conditions as those referred to in this Policy. The meeting host remains solely responsible for their respect of their own legal and declarative obligations with regard to their processing of your personal data, which they carry out themselves, with their own means and for their own requirements. We are only responsible for our own use of your personal data, excluding any other use by the meeting host.
We may also provide your data to government officers or legal instruments for the sole purpose of meeting applicable regulatory and legal obligations.
Your personal data will not be shared with any other third party, with the exception of the hosts of meetings for which you are registered and for whom we are using your data to provide our services.
Furthermore, we may share with the meeting hosts for which you are registered data about how you used the services as provided by the Platform, including interactions with other users.
6. Linked content and services
7. Data retention Your personal data shall not be retained any longer than is necessary for the management of our business with you. However, data proving the existence of a right or a contract must be kept in order to adhere to legal obligations and shall be held for the term stipulated by the applicable law.
Data regarding the services, operations or commercial prospecting for customers may be held for a period of 3 years after the termination of all business relationship.
Personal data regarding prospective customers may be held from 3 years from when it was first collected, and we may contact prospective customers again after this time to confirm whether they still wish us to keep their data for commercial solicitation.
Personal data that is collected and held for the purposes of improving our services, including usage and interaction data, will be kept for a maximum of up to 2 years.
8. Security and hosting We take all reasonable precautions and appropriate measures to maintain the security and confidentiality of your personal data.
The data collected and used in the delivery of our services are hosted by Amazon Web Services located in Hong Kong.
You may configure your browser to refuse the storage of cookies, however your experience of the services provided by the Platform may be degraded.
Providing your personal data and using the services we offer represents your express consent for the collection and use of this data as described in this Policy.
11. Access to your personal data
You are able to access, update or delete your personal data provided to us via your account online. You may also make requests related to your personal data to firstname.lastname@example.org. Toasty is fully compliant with GDPR requirements to respond to any request to provide or delete your personal data within the required timeframes.
12. Recognition and upholding of rights of EU citizens under GDPR
13. Appointment of Data Protection Officer
Toasty’s appointed Data Protection Officer is Marco Au, co-founder and Chief Technical Officer. Marco can be contacted at email@example.com
We reserve the right to amend this Policy at any moment, at our sole discretion, either in its entirety or in part. Such amendments shall come into effect once the new Policy is published. Your use of the Platform following the entry into effect of these amendments, shall constitute acknowledgement and acceptance of the new Policy. Failing that, and if you are not in agreement with the new Policy, you should refrain from accessing the Platform.