Privacy Policy
1. Introduction
At Tohyou (“we,” “us,” “our”), accessible via tohyou.com, we hold your privacy in the highest regard. This Privacy Policy outlines our unwavering commitment to protecting the personal data and privacy rights of our users, in full compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act of 2018 (“CCPA”), and other applicable data protection measures. By using our website or services, you acknowledge and agree to the practices described herein.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users who access or use our website, services, or digital platforms associated with tohyou.com. Tohyou is the data controller with respect to the personal data collected, processed, and stored through its platforms. As a data controller, Tohyou determines the purposes and means of processing the personal data of individuals in accordance with its responsibilities and obligations under relevant data protection law.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Information such as your IP address, browser type, geographical location, operating system, and page views. This data helps us understand how visitors use tohyou.com and improve performance and user experience.
b. Account Data
Details you provide upon creating an account, including your full name, email address, phone number, mailing address, and other identifiers.
c. Profile Data
Information regarding your preferences, behaviors on the platform, purchase history, and interests as expressed during use.
d. Communication Data
Records of all correspondence with our support or communication systems, including support inquiries, interaction history, and submitted requests.
e. Technical Data
Device identifiers, access times, hardware configurations, network and software information collected automatically during your use of our platform.
f. Transaction Data
Details relating to any payments made or received through our services, including billing addresses, delivery details, and payment confirmation references (excluding sensitive payment credentials such as full credit card numbers).
g. Preference Data
Information relating to your expressed marketing preferences, opt-ins/opt-outs of communications, and other consent-based choices.
4. Legal Bases for Processing
We process your personal data under the following legal bases as permitted under applicable law:
– Legitimate Interests: In order to operate our services, prevent fraud, ensure platform security, and improve offerings, in a way that does not override your fundamental rights and freedoms.
– Performance of a Contract: When processing is necessary for delivering services you have requested.
– Consent: Where you have actively given consent, such as for marketing communications.
– Legal Obligation: To comply with regulatory and statutory requirements.
5. Your Rights
Subject to applicable laws, you are entitled to exercise the following rights:
– Right of Access: Obtain confirmation as to whether we process your data and access a copy of that information.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure (Right to be Forgotten): Request deletion of your data when no longer necessary or lawfully required.
– Right to Restriction of Processing: Restrict the processing of your personal data under certain conditions.
– Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format and transfer it to another controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Rights under CCPA: California residents may request information about personal data collected in the past 12 months, opt out of the sale of their data (we do not sell personal data), and request deletion in compliance with the CCPA.
To exercise any of these rights, please contact us at: [email protected].
6. Security Measures
We implement appropriate technical and organizational security measures to safeguard your personal data, including but not limited to:
– End-to-end encryption during data transmission
– Strict access control protocols and role-based user access
– Routine vulnerability assessments and system updates
– Regular data backups and disaster recovery policies
– Staff training on privacy and data protection obligations
7. International Transfers
Given the global nature of the internet, your data may be processed in countries outside your country of residence. Where such transfers occur, we ensure an adequate level of protection using:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Compliance with applicable regional privacy laws
– Additional contractual, technical, and organizational safeguards to protect your information
8. Data Retention
We retain personal data strictly for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, regulatory, or contractual obligations. Specific retention periods include:
– Usage Data: 12 months
– Account and Profile Data: As long as the account remains active or until deletion request
– Communication Data: 36 months after last contact
– Transaction Data: 7 years for financial compliance
– Preference Data: Until consent is withdrawn
After such timeframes, your data will be securely deleted or anonymized for analytical use.
9. Cookie Policy
We use cookies and similar technologies on tohyou.com to enhance user experience, analyze site performance, and support security and marketing efforts.
Types of cookies we use include:
– Essential Cookies: Required for the functioning of the site (e.g., login, session management)
– Functional Cookies: Enhance usability, such as remembering your preferences
– Analytics Cookies: Help us understand user behavior and improve functionality (e.g., Google Analytics)
– Performance Cookies: Monitor and improve load speeds and responsiveness
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, we provide users with clear options to manage cookie preferences. You can:
– Adjust your browser settings to reject or delete specific cookies
– Use the cookie consent management tool on our site to opt in or out of non-essential cookies
– Revoke or change cookie consent at any time from the website footer links
11. Children’s Privacy
Tohyou does not knowingly collect data from children under the age of 13. If we identify that data from a minor has been inadvertently collected without proper parental consent, we will take appropriate measures to delete such information promptly. If you believe a child under 13 has provided us with personal data, please contact us at [email protected].
12. Policy Updates and Notifications
We may revise this Privacy Policy from time to time in response to legal, technical, or operational changes. Any material changes will be communicated prominently via tohyou.com or directly to users where necessary. Continued use of our website and services constitutes acceptance of any modifications to this Policy.
13. Contact
If you have questions, concerns, or would like to exercise your data protection rights in relation to this Privacy Policy, please contact us via email at:
We are committed to protecting your rights and transparency in how we handle your data. Our team is available to assist you with any privacy-related queries or needs regarding the use of tohyou.com.