Privacy Policy

Tocca, Inc. (“Tocca,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Tocca. This Privacy Policy applies to our website, Tocca.com, and our event platform (collectively, our “Service”). By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

1. TOCCA’S END-USER DATA

a. WHAT INFORMATION DO WE COLLECT AND FOR WHAT PURPOSE?
The categories of information we collect may include:
● Information you provide to us directly. We may collect personal information, such as your name, phone number, company information, location, and email address when you create a profile, or otherwise communicate with us. We may also collect any communications between you and Tocca and any other information you provide to Tocca.
● Data collected through the use of the Service. We collect information about how you use the Service, your actions on the Service, and content you post to the Service, including your interaction with others on the Service, photos and videos you post to the Service, and any content you provide through in-app messages, chat, or other functionality (“User Content”). Please remember that Tocca may, but has no obligation to, monitor, record, and store User Content in order to protect your safety or the safety of other users, to assist with regulatory or law enforcement efforts, or to protect and defend our rights and property. By using the Service, you consent to the recording, storage, and disclosure of such communications you send or receive for these purposes.

● Information we receive from third-party sites you connect to our Service. We may receive personal information about you from third parties and combine that with information we collect through our Service. For example, we may obtain information when you log in to the Service through a third-party social network or authentication service, such as Facebook or Google. These services will authenticate your identity and provide you the option to share certain personal information with us, which could include your name, email address, address book and contacts, or other information. Similarly, when you interact with us through a social network or other third-party service, such as when you like, follow, or share Tocca content on LinkedIn, Facebook, Twitter, or other sites, we may receive information from the social network, including your profile information, picture, user ID associated with your social media account, and any other information you permit the social network to share with third parties. The data we receive from these third-party sites is dependent upon that third party’s policies and your privacy settings on that third-party site. You should always review and, if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our website or Service.

● Information we receive from third parties. From time to time, we may receive information about you from third parties and other users. We may also collect information about you that is publicly available.

We use this information to operate, maintain, and provide to you the features and functionality of the Service, as well as to communicate directly with you, such as to send you email messages and push notifications, and permit you to communicate with others on the Service or on social media or invite others to join the Service. We may also send you Service-related emails or messages (e.g., account verification, change or updates to features of the Service, technical and security notices). For more information about your communication preferences, see “Control Over Your Information” below.

b. HOW WE USE COOKIES AND OTHER TRACKING TECHNOLOGY TO COLLECT INFORMATION.
We, and our third-party partners, automatically collect certain types of usage information when you visit our Service, read our emails, or otherwise engage with us. We typically collect this information through a variety of tracking technologies, including cookies, web beacons, embedded scripts, location-identifying technologies, file information, and similar technology (collectively, “tracking technologies”). We may collect analytics data or use third-party analytics tools such as Google Analytics to help us measure traffic and usage trends for the Service and to understand more about the demographics of our users. You can learn more about Google’s practices at http://www.google.com/policies/privacy/partners and view its currently available opt-out options at https://tools.google.com/dlpage/gaoptout. We may also work with third-party partners to employ technologies, including the application of statistical modeling tools, which permit us to recognize and contact you across multiple devices. Although we do our best to honor the privacy preferences of our users, we are unable to respond to Do Not Track signals set by your browser at this time.
We use or may use the data collected through tracking technologies to: (a) remember information so that you will not have to re-enter it during your visit or the next time you visit the site; (b) recognize and contact you across multiple devices; (c) provide and monitor the effectiveness of our Service; (d) monitor aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our Service; I diagnose or fix technology problems; and (f) otherwise to plan for and enhance our Service.
If you would prefer not to accept cookies, most browsers will allow you to: (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies. Please note that doing so may negatively impact your experience using the Service, as some features and services on our Service may not work properly. Depending on your mobile device and operating system, you may not be able to delete or block all cookies. You may also set your email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our email and performed certain functions with it.

c. LEGAL BASIS FOR PROCESSING YOUR DATA IF YOU ARE A RESIDENT OF THE EU
If you are a resident of the EU, the purposes for which we process your personal data are:
1) the provision of personal data by you may be necessary for the performance of any contractual relationship we have with you;
2) where it is necessary for compliance with our legal obligations laid down by EU law;
3) where in our legitimate interests (provided these are not overridden by your interests and fundamental rights and freedoms – this includes our own legitimate interests and those of other entities and branches in our group of companies) such as:
a) to contact you and respond to your requests and enquiries;
b) for business administration, including statistical analysis;
c) to provide the Services to you; and
d) for fraud prevention and detection; and
e) to comply with applicable laws, regulations or codes of practices.
We may also process your personal data on the basis of your freely given, specific, informed and unambiguous consent. You should be aware that you are entitled under Data Protection Law to withdraw your consent where that has been given, at any time. If you do this and we have no alternative lawful reason to process your personal data, this may affect our ability to provide you with rights to use the Services.

d. SHARING OF YOUR INFORMATION
We may share your personal information in the instances described below. For further information on your choices regarding your information, see the “Control Over Your Information” section below.
We may share your personal information with:
● Other users of the Service. You control who you want to communicate with and what information you share;
● Third parties at your request. For example, you may have the option to share your activities and User Content on the Service with your contacts through email, text, or on various social media sites;
● Companies organizing or sponsoring the events that you attend by using our Service;
● Other companies and brands owned or controlled by Tocca, Inc. and other companies owned by or under common ownership as Tocca, which also includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns. These companies will use your personal information in the same way as we can under this Privacy Policy;
● Third-party vendors and other service providers that perform services on our behalf, as needed to carry out their work for us, which may include providing mailing services, providing tax and accounting services, contest fulfilment, web hosting, or providing analytic services;
● Other parties in connection with a company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party, or in the event of a bankruptcy or related or similar proceedings; and
● Third parties as required by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our Terms of Service or to protect the security or integrity of our Service; and/or (c) to exercise or protect the rights, property, or personal safety of Tocca, our visitors, or others.
We may also share information with others in an aggregated or otherwise anonymized form that does not reasonably identify you directly as an individual.

2. CUSTOMERS’ END USER DATA
In providing our Service, our customers may upload data to our Service, which may include personal information or data about our customers’ end users (all of which we call “End User Data”). End User Data is owned and controlled by our customers, and any End User Data that we maintain or process we consider to be strictly confidential. We collect and process End User Data solely on behalf of our customers, and in accordance with our agreements with our customers. We do not use or disclose End User Data except as authorized and required by our customers and as provided for in our agreements with our customers.

3. CONTROL OVER YOUR INFORMATION
Profile and Data Sharing Settings. You may update your profile and account information, such as your user name and profile photo, and may change some of your data sharing preferences on your Settings page.
How to control your communications preferences: You can stop receiving promotional email communications from us by clicking on the “unsubscribe link” provided in such communications. We make every effort to promptly process all unsubscribe requests. You may not opt out of service-related communications (e.g., account verification, transactional communications, changes/updates to features of the Service, technical and security notices).
Modifying or deleting your information: If you have any questions about reviewing, modifying, or deleting your information, you can contact us directly at the address provided at the end of this Privacy Policy. We may not be able to modify or delete your information in all circumstances. Please note that Tocca does not own or control the End User Data uploaded to our Service by our customers and cannot modify or delete End User Data except at the request of our customer, or as permitted by our Terms of Service.
4. HOW WE STORE AND PROTECT YOUR INFORMATION
Data storage and transfer: Your information collected through our Service may be stored and processed in the United States or any other country in which Tocca or its affiliates or service providers maintain facilities. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. or any other country in which Tocca or its parent, subsidiaries, affiliates, or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy. Such transfers are made pursuant to appropriate safeguards. If you wish to enquire further about these transfers, please contact us using the details set out at the end of this Privacy Policy.
Keeping your information safe: We care about the security of your information and employ physical, administrative, and technological safeguards designed to preserve the integrity and security of all information collected through our Service. However, no security system is impenetrable, and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
Customer Agreements and End User Data: Our obligations with respect to End User Data are defined in our agreement with our customers and are not included in this Privacy Policy. Each customer will remain responsible for the privacy and security of the End User Data it collects and processes and for compliance with applicable data protection laws that may apply to the collection, processing and disclosure of End User Data through the Service. Any End User Data that has been submitted by our customers or that Tocca may otherwise have access to through the Service shall be retained, stored, and deleted according to our agreements with our customers.

5. FOR RESIDENTS IN THE EU AND SWITZERLAND
If you are a resident of the EU or Switzerland, you have the following rights in respect of your personal data that we hold:
• Right of access. The right to obtain access to your personal data;
• Right to rectification. The right to obtain rectification of your personal data without undue delay where that personal data is inaccurate or incomplete;
• Right to erasure. The right to obtain the erasure of your personal data without undue delay in certain circumstances, such as where the personal data is no longer necessary in relation to the purposes for which it was collected or processed;
• Right to restriction. The right to obtain the restriction of the processing undertaken by us on your personal data in certain circumstances, such as where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of that personal data;
• Right to portability. The right to portability allows you to move, copy or transfer personal data easily from one organization to another; and
• Right to object. You have a right to object to processing based on legitimate interests and direct marketing.
If you wish to exercise one of these rights, please contact us using the contact details provided at the end of this Privacy Policy.
You also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

6. CHILDREN’S PRIVACY
Tocca does not knowingly collect or solicit any information from anyone under the age of 13 on this Service. In the event that we learn that we have inadvertently collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that we might have any information from a child under 13, please contact us at the address provided at the end of this Privacy Policy.

7. RELATIONSHIP WITH THIRD PARTY WEBSITES AND SERVICES
The Service may contain links to and from third-party websites of our business partners and social media sites and our users may post links to third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. We strongly recommend that you read their privacy policies and terms and conditions of use to understand how they collect, use, and share information. We are not responsible for the privacy practices or the content on the websites of third-party sites.

8. HOW TO CONTACT US
If you have any questions about this Privacy Policy or the Service, please contact us at privacy@tocca.io.

9. CHANGES TO OUR PRIVACY POLICY
We may modify or update this Privacy Policy from time to time to reflect the changes in our business and practices, so you should review this page periodically. When we change the policy in a material manner, we will let you know and update the ‘last modified’ date at the bottom of this page. If you object to any changes, you may close your account. Continuing to use our Service after we publish changes to this Privacy Policy means that you are consenting to the changes.

This Privacy Policy was last modified on August 21st, 2020.