Toasty Use Cookies

we use cookies to personalize and improve your experience on our site and to serve you with relevant advertising. visit our policy for more information on our data collection practices.

Learn More

Privacy Policy

Updated Aug 2024

Toasty (“we,” “us” or “our”) understands the importance of your personal privacy; therefore,
we have created this Privacy Policy so that the users (“users,” “you,” “your” or “client”) know how we use and disclose your information when you make it available to us. The Privacy Policy below discloses Toasty’s practices regarding information collection and usage of the website (https://toastycard.com/), the mobile website, and the mobile application (collectively, the “Websites”) and the service and the solution provided thereon (the “Service”).

PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY ACCESSING OR USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY ALL THE TERMS OF THIS PRIVACY POLICY AND OUR TERMS OF USE. IF YOU DO NOT AGREE TO SUCH TERMS, EXIT THIS PAGE AND DO NOT ACCESS OR USE THE SERVICE.

Key aspects of our privacy practices described in this Privacy Policy include the following points:

  • Personal Information we collect when you visit our website
  • Choices on collection/use of information
  • Information we collect from client’s company
  • Non-Personal Information we collect when you visit our website
  • Information usage
  • Cookies and similar technologies
  • Managing cookies
  • Analytics and conversion tracking
  • Consent to Transfer of Information
  • Security
  • Privacy Notice for California residents
  • Information for California residents
  • Other California privacy rights

We continually strive to find new ways to enhance your experience with the Service and we may modify this Privacy Policy from time to time to reflect changes in our privacy practices. You are encouraged to review this Privacy Policy periodically and to check the “Last Updated” date at the top of the Privacy Policy for the most recent version.

Terms of Use. Use of the Service is subject to our Terms of Use which is hereby incorporated and made part of our Site disclosures which shall include this Privacy Policy the Terms of Use and any other disclosures posted to the Site (collectively the “Site Disclosures”). By using the Service, you agree to be bound by our Site Disclosures.

Age. The Service is not directed to children under the age of eighteen (18) or the age of majority where you reside, whichever is younger. If you become aware that your child has provided us with personal information, please contact us at the email address listed below. If we become aware that a child under this age has provided us with personal information, we will take steps to remove such information and terminate the child’s account.

Use and processing of information:

We may use the information we collect in the following ways:
To identify you when you visit our websites.
To provide products and Services or to redeem rewards.
To improve our Services and product offerings, including analytics.
To offer you recommendations and tailor the Services to your preferences.
To respond to inquiries related to support, employment opportunities, or other requests.
To send marketing and promotional materials, including information relating to our products, Services, sales, or promotions, to personalize the advertisements you see on our Services and third-party online properties, and to measure the effectiveness of our advertising. We may share your information with business partners, online advertising partners, and social media platforms for this purpose.
For internal administrative purposes, as well as to manage our relationships.
To protect and secure our Services, assets, network, and business operations, and to detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal.
To comply with legal process, such as warrants, subpoenas, court orders, and lawful regulatory or law enforcement requests and to comply with applicable legal requirements, including “know-your-customer” due diligence and other anti-money laundering or OFAC compliance obligations.

Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. Our collection and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.

Updating, Deleting and Correcting Your Information:

Updating, Deleting and Correcting Your Information
You may review, correct and delete certain information about you by editing your information under the “Account Details” section of your account.
You must promptly update your information if it changes or is inaccurate. Upon your request, we will close your Account and remove your profile information from view as soon as reasonably possible. We may retain information from closed Accounts in order to comply with the law, prevent fraud, collect any Fees owed, resolve disputes, troubleshoot problems, assist with any investigations of any user, enforce our Terms of Use, and/or for any other purposes otherwise permitted by law that we deem necessary in our sole discretion. You should understand, however, that once you transmit Personal Information through the Site, you may not be able to change or remove it. Once we have deleted or removed your Account, you agree that we will not be responsible to you for retaining information related to your Account. If you decide at any time that you no longer wish to receive communications from us, please follow any unsubscribe instructions that may be provided in our communications to you, or update your user preferences by logging into your user account on the website(s). Please note that we may use your Personal Information to contact you with important notifications, such as notices with respect to safety, or changes to our terms, conditions, and policies; you may not opt out of these notifications. Please also note that we may continue to use your Personal Information for statistical or other purposes as we see fit after you unsubscribe from any communications and/or terminate your use of the Site.

Application of this Privacy Policy:

This policy applies where we are acting as a data controller with respect to your personal data, in other words, where we determine the purposes and means of the processing of that personal data.

This policy applies where we are collecting Personally Identifiable Information (as further described below) from individuals and / or sole proprietors and does not apply to the collection of data from corporate entities. This policy applies however we collect Personally Identifiable Information, however accessed and / or used, whether via personal computers, mobile devices or otherwise.

In the event while using the Service you may be directed to other websites that are operated and controlled by third parties that are beyond our control. This policy does not apply to the privacy practices of these third-party websites

Personal Information That We Collect:

We may ask you to, or you may voluntarily submit personal information when you are using our Service. The personal information which you may provide to us could include, but are not limited to:

  • Your name / Your company name
  • Your postal address
  • Your company’s business registration number
  • Your company’s EIN Tax number
  • Your email address
  • Your LinkedIn profile URL
  • Your telephone number
  • Your date of birth, age, gender
  • Your payment information
  • Your employment letter
  • Other technical information, etc.

Retention and Disposal of Personal Data or Personal Information

  1. Period of collection/processing of credit information and such: 3 Years
  2. Records of consumer complaints or dispute handling: 3 years
  3. Records of payment and supply of goods, etc.: 5 years
  4. Records of contracts or withdrawals: 5 Years
  5. Display/Advertising Articles: 6 Months

Choices on Collection/Use of Information.

You can always choose not to provide certain information, although a certain level of information is required to engage and participate in the Service.

Information We Collect From Client’s Company:

When a Customer Company indicates interest in our Service, we collect the following information via our sign-up form could include, but are not limited to:

  • Registered business legal name & DBA if applicable
  • Primary business address
  • Business contact information
  • Business Tax ID#/Company Registration #
  • Documents showing establishment of the business….etc

Non-Personal Or Aggregate Information That We Collect:

When you access our service, we may automatically collect non-personal information from you, such as IP host address, web pages viewed, browser type, operating system, referring service, search information, device type, page views, usage and browsing habits on the Service and similar data. We may also aggregate demographic information collected from our users (such as the number of users in a particular geographical location) in a manner which does not identify any one individual. We may also aggregate information collected offline in connection with the Service, obtain non-personal information from third party sources and develop aggregate information by anonymizing previously collected personal information.

It is possible at times when collecting non- personal information through automatic means that we may unintentionally collect or receive personal information that is mixed in with the non- personal information. While we will make reasonable efforts to prevent such incidental data collection, the possibility still exists. If you believe that we have inadvertently collected your personal information, please notify us at support@toastycard.com.

Information Usage:

We will only use your personal information as described below, unless you have specifically consented to another type of use, either at the time the personal information is collected from you or through some other form of consent from you or notification by you:

  • If necessary for payment
  • In connection with providing the Service.
  • To respond to your inquiries or requests.
  • To send you emails from time to time about our services, but we will not provide your personal information to third parties for them to contact you directly unless otherwise permitted by this Privacy Policy or you provide your consent.
  • With third parties (collectively, the “Third Party Vendors”) to further the purpose for which you provided such information to us. For example, we may share your information with Elastic Email, for the purpose of sending emails.
  • As required by law or legal process.
  • To investigate suspected fraud, harassment or other violations of any law, rule or regulation, or the terms or policies for our services or our sponsors.
  • In connection with the sale or merger or change of control of the website or the division responsible for the services with which your personal information is associated.
  • With an affiliate of the website who is in the same corporate family as us as long as their privacy practices are substantially similar to ours.

Non- personal or aggregate information may be used by us for any purposes permitted by law and may be shared with any number of parties, provided that such information shall not specifically identify you.

Cookies and Similar Technologies:

“Cookies” are pieces of information that may be placed on your computer by a service for the purpose of facilitating and enhancing your communication and interaction with that service. Many services use cookies for these purposes.

We may use cookies (and similar items such as clear gifs, web beacons, tags, etc.) on our service to provide a personalized experience and for other purposes to make your visit more convenient or to enable us to enhance our service. We may also use and place cookies (and similar items) on your computer from our third-party service providers in connection with the Service, such as an analytics provider that helps us manage and analyze service usage, as described in more details below. In addition, our advertisers and business partners may set cookies and similar items on your computer when you use our service.

Managing cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

  1. Chrome https://support.google.com/chrome/answer/95647?hl=en
  2. Firefox https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
  3. Opera http://www.opera.com/help/tutorials/security/cookies/
  4. Microsoft Edge https://support.microsoft.com/en-us/search?query=enable%20cookies%20in%20edge
  5. Apple https://www.apple.com/legal/privacy/en-ww/

Analytics and Conversion Tracking:

We may use analytics services that use cookies, JavaScript, and similar technologies to help us analyze how users use our Service. The information generated by these services about your use of the Service (including your IP address or a truncated version of your IP address) is transmitted to and stored by third-party analytics providers. Those service providers will use this information for the purpose of evaluating your, and other users’ use of the Service, compiling reports for us on website activity and providing other services relating to website activity and internet usage.

We may collect information about your computer, including your IP address, operating system, and browser type, for system administration and to create reports. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these email. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.

Opt out of selling, sharing and targeted advertising

Toasty does not sell personal information to third parties: we’re not a data broker and we don’t put personal information on the open market. However, we may share personal information with certain third parties to do targeted advertising or data analytics, which under California and certain other state privacy laws could be characterized as “selling,” “sharing,” or “targeted advertising”. If you’re a US user and want to opt out of such data sharing, you can do so by pressing the button below.

Consent to Transfer of Information.

Your information may be transferred to, and maintained on, servers and databases located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as your jurisdiction. Please be advised that we may transfer your information to and from any state, province, country or other governmental jurisdiction, and process it elsewhere. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to any such transfer.

Security:

The security of your personal and business information is very important to us. When we collect your personal and business information online, we use reasonable efforts to protect it from unauthorized access. However, due to the inherent and open nature of the Internet, we cannot guarantee that your personal and business information will be completely free from unauthorized access by third parties such as hackers and your use of our service which demonstrates your assumption of this risk. We have put in place reasonable physical, electronic, and managerial procedures to safeguard the information we collect. Only those employees who need access to your information in order to perform their duties are authorized to have access to your personal and business information. For more information on protecting your privacy, please visit www.ftc.gov/privacy.

Information for California Residents:

California law indicates that organizations should disclose whether certain categories of information are collected, “sold” or transferred for an organization’s “business purpose” (as those terms are defined under California law).

If you are a California resident, you have the following rights for purposes of the personal information covered by this Privacy Notice.

  • Right to Know About Personal Information Collected, Disclosed, or Sold and Right to Access. You have the right to request that we disclose the following information about your personal information we collect, use, and disclose.
  • Right to Deletion of Personal Information. You have the right to request deletion of your personal information we collected from you.
  • Right to Non-Discrimination for Exercise of California Privacy Rights. We may not discriminate against you because of your exercise of any of the foregoing rights, or any other rights under the California Consumer Privacy Act.

We may, however, charge different prices or rates, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to Toasty by your personal information.

Other California Privacy Rights.

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us via email, or write to us at the address below.

Do Not Sell or Share My Personal Information

Privacy disclosures for specific jurisdictions
European Economic Area, United Kingdom, and Switzerland

We process “personal data,” as that term is defined in the European Union’s GeneralData Protection Regulation (“GDPR”).

Processing personal information by the Company shall be lawful only if and to the extent that at least one of the following applies:

  • A user has given consent to the processing of his or her personal information.
  • Processing is necessary for the performance of a contract to which a user is party or in order to take steps at the request of a user prior to entering into a contract:
    • Member management, identification, etc.
    • Performance of a contract in relation to providing the services required by users, payment and settlement of fees, etc.
  • Processing is necessary for compliance with a legal obligation to which the Company is subject
    • Compliance with relevant law, regulations, legal proceedings, requests by the government
  • Processing is necessary in order to protect the vital interests of users, or other natural persons
    • Detection of, prevention of, and response to fraud, abuse, security risks, and technical issues that may harm users or other natural persons
  • Processing is necessary for the performance of a task carried out in the public interest or in the excise of official authority vested in the Company
User’s right when applying GDPR

The users or their legal representatives, as main agents of the information, may exercise the rights regarding the collection, use and sharing of personal information by the Company. Details can be found in "05. User Rights", and for requests for rights, please check the contact information of the EU deputy in "07. Contact information of Company".

Your rights under the GDPR: Users who are located in the European Economic Area (“EEA”), U.K., or Switzerland have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available here.

If you are located in the EEA, U.K., or Switzerland, you have the following rights:

  • Access and portability: Request access to personal data we hold about you or request transmission of your data to a third party.
  • Correction: Request that we rectify inaccurate or incomplete personal data we store about you.
  • Erasure: Request that we erase personal data when such data is no longer necessary for the purpose for which it was collected, when you withdraw consent and no other legal basis for processing exists, or when you believe that your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.
  • Restriction of processing: Request that we restrict our processing of personal data if there is a dispute about the accuracy of the data; if the processing is unlawful; if the processing is no longer necessary for the purposes for which it was collected but is needed by you for the establishment, exercise or defense of legal claims; or if your request to object to processing is pending evaluation.
  • Objection to processing: Object to processing of your personal data based on our legitimate interests or for direct marketing (including profiling). We will no longer process the data unless there are compelling legitimate grounds for our processing that override your interests, rights, and freedoms, or for the purpose of asserting, exercising, or defending legal claims.
  • Transfers: Obtain information about and a copy of the safeguards we use to transfer personal data across borders.

Please contact us at privacy@toastycard.com to exercise these rights.

California

Your California privacy rights; “Shine the Light” law

California residents are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year. We do not share your personal information with third parties for third parties’ direct marketing purposes.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (“CCPA”) gives California residents the rights to receive certain information regarding the collection, use, and disclosure of information about them, as well as rights to know/access, correct, delete, and limit the use and disclosure of sensitive personal information and opt out of the sale or sharing of personal information. You have the right to be free from discrimination based on your exercise of your CCPA rights. To the extent that we collect personal information that is subject to the CCPA, that information, our practices, and your rights are described below.

Notice at collection regarding the categories of personal information collected

You have the right to receive notice of certain information about our data collection, use, and disclosure. The following table summarizes the categories of personal information we collect; the categories of sources of that information; whether we disclose, sell, or share that information to service providers or third parties, respectively; and the criteria we use to determine the retention period for such information. The categories we use to describe personal information are those enumerated in the CCPA. We collect this personal information for the purposes described above in “Use and Processing of Information.”

Please note that because this list is comprehensive, it may refer to types of information that we collect and share about people other than yourself. For example, while we transfer credit card or debit card numbers for our business purpose in order to process payments for orders placed with us, we do not collect or transfer credit card or debit card numbers of individuals that submit questions through our website’s “contact us” page.

Categories of personal information that we collect Source
We disclose for business purposes to:
We “share” or “sell” as defined in the CCPA to:
Identifiers – such as name, postal address, phone number, email address, account name, signature, or other similar identifiers
You; our enterprise clients
s Service providers

Product and service fulfillment companies

Internet service providers

Payment Processors and financial institutions

Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law

Data analytics providers
Business partners
Financial information – such as bank account number, credit or debit card number, or other financial information
You
Service providers

Payment Processors and financial institutions

Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Not sold/shared
Commercial information – such as information about
products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
You; our analytics and advertising partners
Service providers

Product and service fulfillment companies

Payment processors and financial institutions

Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law

Data analytics providers
Not sold/shared
Network activity data – internet or other electronic network activity information, such as IP address, Device identifier (e.g., MAC), Cookie or tracking pixel information, Information about your interaction with our website, app, email correspondence, or products, browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement
You; our analytics and advertising partners
Service providers

Product and service fulfillment companies

Internet service providers

Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law

Data analytics providers
Advertising partners
Professional/ employment information – such as occupation
You; our analytics and advertising partners
Service providers

Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law
Not sold/shared
Inferences – drawn from any of the information listed above to create a profile
You; our analytics and advertising partners
Service providers

Government entities, law enforcement, lawyers, auditors, consultants and other parties as required by law

Data analytics providers
Not sold/shared

We determine the retention period for each of the categories of personal information listed above based on (1) the length of time we need to retain the information to achieve the business or commercial purpose for which it was obtained, (2) any legal or regulatory requirements applicable to such information, (3) internal operational needs, and (4) any need for the information based on any actual or anticipated investigation or litigation.

Entities to whom we disclose information for business purposes are Service Providers, which are companies that we engage to conduct activities on our behalf. We prohibit Service Providers from using personal information for any purpose that is not related to our engagement.

Entities to whom we “sell” or with whom we “share” information are third parties. Under the CCPA, a business “sells”personal information when it discloses personal information to a company for monetary or other benefit. A company may be considered a third party either because we disclose personal information to the company for something other than an enumerated business purpose under California law, or because its contract does not prohibit it from using personal information for purposes unrelated to the service it provides to us. A business “shares” personal information when it discloses personal information to a company for purposes of cross-context behavioral advertising.

Your rights under the CCPA

  • Opt out of sale or sharing of personal information: You have the right to opt out of our sale or sharing of your personal information to third parties. To exercise this right, please visit our Do Not Sell or Share My Personal Information webpage or contact us. Your right to opt out does not apply to our disclosure of personal information to Service Providers.
  • Limit the use of your sensitive personal information: You have the right to limit our use and disclosure of your sensitive personal information if we use such information to infer characteristics about you. We do not use your sensitive personal information for this purpose. Your right to limit our use and disclosure of such information is subject to exception.
  • Know and request access to and correction or deletion of personal information: You have the right to request access to personal information collected about you and information regarding the source of that personal information, the purposes for which we collect it, and the third parties and service providers to whom we sell, share, or disclose it. You also have the right to request in certain circumstances that we correct personal information that we have collected about you and to delete personal information that we have collected directly from you. Please contact us to exercise these rights.
Colorado, Connecticut, Utah, and Virginia

Residents of the states of Colorado, Connecticut, Utah, and Virginia have the following rights:

Opt out of “sales” of personal information and use of their personal information for “targeted advertising,” and “profiling” as those terms are defined under applicable law.
Opt out

Confirm processing of and access to personal information under certain circumstances.

Correct personal information under certain circumstances. (Residents of Colorado, Connecticut, and Virginia only.

Delete personal information under certain circumstances.
Residents of these states can exercise their rights by contacting us.

Nevada

Nevada residents have certain rights to request that we do not sell your “covered information” to third parties including: (1) first and last name; (2) physical address; (3) e-mail address; (4) telephone number; (5) social security number; (6) identifier that allows a specific person to be contacted; or (7) any other information concerning a customer collected from the customer through our Internet website or online service and maintained in combination with an identifier in a form that makes the information personally identifiable.
To exercise your right to opt out of the sale of Covered Information under Nevada law, please contact us.

Customer Service. If you have any comments or questions regarding this Privacy Policy or wish to report any violation of this Privacy Policy, you may contact us at the address below.

Email: [support@toastycard.com]. Regular mail: [8 The Green, Ste A, Dover, DE, 19901].