Toskr Privacy Policy

GetThru products are built on best in class security practices to keep you protected at all times.

Overview

We take your privacy very seriously, and we never rent or sell personal data for any purpose to anyone.  While we use your data to process transactions for you, interact with you at your request, or to assist our customers who contact you, we have set ourselves very strict rules to ensure that your data is kept private and secure, and never sold or rented. We make it easy for you to request what information we have about you, and make it easy for you to request that we delete that information.   Whether you are a customer, an end consumer that is contacted by one of our customers, or a casual visitor to our website, we keep your personal data secure using industry accepted procedures and controls. There are many specifics to our privacy policy.  If you want to learn more, you can read about the details below.  

Applicability And Scope Of Policy

The Toskr, Inc. team and our ThruText.io, ThruTalk.io and GetThru.io websites (“We”) take your privacy very seriously, and make every reasonable effort to safeguard your personal data and to comply with all applicable laws, policies, and regulations related to the collection, storage and processing of personal information.

This privacy policy is intended to inform you of what information we collect, how this information is used, and what steps we take to protect this information. This policy covers our websites, web applications and is applicable worldwide. If you have any questions or concerns about our privacy policy and protections, please contact us at support@getthru.io.

This policy outlines our data handling practices and how we collect and use the Personal Data you provide during your online and offline interactions with us. As used in this Privacy Policy, “Personal Data” means any information that can be used to individually identify a person, and may include, but is not limited to, name, email address, postal or other physical address, credit or debit card number, title, and other personally identifiable information.

This policy is effective as of January 1, 2020 and may be updated from time to time for reasons such as operational practices or regulatory changes, so we recommend that you review our Privacy Policy when returning to our website. When our privacy policy changes, we will post a notice at the home page for our websites and applications.  If you object to any changes of our privacy policy, you may discontinue visiting the website and suspend usage of any of our applications.  

What Information Do We
Receive Or Collect? 

Who

Data We Collect/Receive

How We Share Information

VISITORS & NEWSLETTER REQUESTORS
  • Device, browser and platform information
  • Visitor behavior data
  • We do not share this information with third-parties, other than with third-party processors as part of supplying information or services. As a visitor, when you give us your data, you agree to share that data with us for the purpose of supplying you with the information or service you seek.
  • We do not share this information with third-parties. See below for More Information About Google Analytics.
CUSTOMER ORGANIZATIONS AND THEIR ADMINISTRATORS
  • Identifier information
  • Target Contact Data
  • Information regarding application usage and user behavior
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. This information is available to your administrators and agents. By signing up, you agree that this information is available to our support staff. This information is never released to a text/talk target unless you take action to release it to them.
  • We do not share this information with third-parties other than with third-party processors as part of supplying our application or service. This data is available to your administrators and agents and our support staff.
  • We do not share this information with third-parties. See below for More Information About WalkMe.
CUSTOMERS’ USERS
  • Identifier information
  • Target Contact Data
  • Content information and meta-data of text / talk communications
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. This information is available to the administrators and agents of the customer organization for which you work or volunteer. By agreeing to text/talk for an organization, you agree that this information is available to that organization and to our support staff. This information is never released to a text/talk target unless you take action to release it to them.
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. This data is available to your organization’s administrators and agents and our support staff.
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. By using our service, you agree that this information is available to the agents of the organization you represent and to their administrators and our support staff. Any personal information that you send in conversation with target contacts can be read or used by the administrators of the organization for which you volunteer or work.
  • We do not share this information with third-parties. See below for More Information About WalkMe.
CUSTOMERS’ TARGET CONTACTS
  • Target Contact Data
  • Content information and meta-data of text / talk communications
  • Information about responses
  • We receive this information from our Customers and share it only with them and their agents and administrators. We do not share this information with third-parties.
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. By using our service, you agree that this data is available to the agents and administrators of the organization you represent and to our support staff.
  • This data is used solely for providing the service and applications to our customers and will be shared with their agents and administrators.

How We Use Your Information That We Receive Or Collect?

Whether you are a Visitor, a Customer, a Customer’s Agent or a Customer’s Target Contact, we never sell your information, and we use the data we receive or collect to respond to your requests for services or information, and only in accordance with this Privacy Policy. 

For each type of information, we receive or collect, we use it according to the table below:

Who

Data We Collect/Receive

How We Use The Information

VISITORS & NEWSLETTER REQUESTORS
  • Device, browser and platform information
  • Visitor behavior data
  • This data is used to offer you optimized experiences based on your device or location, and to respond to your requests. For example, if you signed up for one of our email newsletters, we will send the newsletter to you; or if you request a demo, we will schedule the demo with you.
  • This data is used to generate reports for website optimization.
CUSTOMER ORGAN-IZATIONS AND THEIR ADMIN-ISTRATORS
  • Identifier information
  • Target Contact Data
  • Information regarding application usage and user behavior
  • This data is stored within the application and used for display and identification purposes within communications with text/talk contacts or during the administration of your text/talk program. Your phone number is used with the calling feature, and made available to your program administrators. Your email address is used as your login user name and is stored within your user record. We use this email address to send you information about your account, notifications about your assignments, and password reset notifications.
  • This data is received from you and used to provide the service for which you registered. It is stored in your organization’s contact records and used for display purposes within communications with texting contacts, for identification purposes within the app, to facilitate texts and phone calls, or to populate scripts that your administrators have created. All data uploaded is available to any of your organization’s administrators. Data added to a script is available to user accounts assigned to those contacts within your organization.
  • We use this information for analyzing our websites and applications to improve the customer experience.
CUSTOMERS’ USERS
  • Identifier information
  • Target Contact Data
  • Content information and meta-data of text / talk communications
  • Information regarding application usage and user behavior
  • This data is stored within the application and used for display and identification purposes within communications with text/talk contacts or during the administration of your text/talk program. Your phone number is used with the calling feature, and made available to your program administrators. Your email address is used as your login user name and is stored within your user record. We use this email address to send you information about your account, notifications about your assignments, and password reset notifications
  • This data is received from you and used to provide the service for which you registered. It is stored in your organization’s contact records and used for display purposes within communications with texting contacts, for identification purposes within the app, to facilitate texts and phone calls, or to populate scripts that your administrators have created. All data uploaded is available to any of your organization’s administrators. Data added to a script is available to user accounts assigned to those contacts within your organization
  • Used for the provisioning of our apps/services to our customers and shared with their agents or administrators. Meta-data is used for analytical purposes and for optimizing and improving our service
  • We use this information for analyzing our websites and applications to improve the customer experience
CUSTOMERS’ TARGET CONTACTS
  • Target Contact Data
  • Content information and meta-data of text / talk communications
  • Information about responses
  • This data is received from our Customer Organizations and used to facilitate texting or calling campaigns or information dissemination
  • Used for the provisioning of our apps/services to our customers and shared with their agents or administrators. Meta-data is used for analytical purposes and for optimizing and improving our service
  • This data is used solely for the provisioning of our apps/services to our customers and will be shared with their agents or administrators

Do We Share This Information With Anyone?

We do not sell your information to any third party.  We limit sharing of information to the extent possible any only share to be able to respond to your service or information requests, or to third parties for the purposes of analyzing website and application usage and improving visitor and customer experience and improving our applications and services.  Specifics on the sharing of your information is given in the table below:

Who

Data We Collect/Receive

How We Use The Information

VISITORS & NEWSLETTER REQUESTORS
  • Device, browser and platform information
  • Visitor behavior data
  • We do not share this information with third-parties, other than with third-party processors as part of supplying information or services. As a visitor, when you give us your data, you agree to share that data with us for the purpose of supplying you with the information or service you seek.
  • We do not share this information with third-parties. See below for More Information About Google Analytics.
CUSTOMERS’ USERS
  • Identifier information
  • Target Contact Data
  • Content information and meta-data of text / talk communications
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. This information is available to the administrators and agents of the customer organization for which you work or volunteer. By agreeing to text/talk for an organization, you agree that this information is available to that organization and to our support staff. This information is never released to a text/talk target unless you take action to release it to them.
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. This data is available to your organization’s administrators and agents and our support staff.
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. By using our service, you agree that this information is available to the agents of the organization you represent and to their administrators and our support staff. Any personal information that you send in conversation with target contacts can be read or used by the administrators of the organization for which you volunteer or work.
  • We do not share this information with third-parties. See below for More Information About WalkMe.
CUSTOMERS’ TARGET CONTACTS
  • Target Contact Data
  • Content information and meta-data of text / talk communications
  • Information about responses
  • We receive this information from our Customers and share it only with them and their agents and administrators. We do not share this information with third-parties.
  • We do not share this information with third-parties, other than with third-party processors as part of supplying our application or service. By using our service, you agree that this data is available to the agents and administrators of the organization you represent and to our support staff.
  • This data is used solely for providing the service and applications to our customers and will be shared with their agents and administrators.

More Information about Google Analytics

Google Analytics does not allow the collection of Personal Identifiable Information; therefore, we do not link the Personable Identifiable Data mentioned above to the data collected by Google Analytics. To understand which data is collected as well as how they collect and save it, check these links for their Terms of Service and their Safeguarding Policy.

More Information about WalkMe

To better understand which data is collected as well as how they collect and save it, please review their Privacy Policy and What data does WalkMe collect.

Customer / Organization Responsibilities:

Your organization, agents, administrators, users and volunteers must access and use the information you collect, send, provide or receive from using our applications and services only as allowed and described in your own privacy policy and only for your own legitimate business purposes. Training of your staff, agents, administrators, users and volunteers is your responsibility. 

Data Sharing with third-party processors:

We may share Personal Data within Toskr and with third party service providers, business partners, service vendors and/or authorized third-party agents or contractors for purposes of data processing or storage and to provide requested services, products or transactions, including processing orders, processing credit card transactions, providing our services, and providing customer support. For example, if you are a ThruText Customer and we use a third-party to manage the texting service, certain private information, such as phone number, may be transferred to that third-party for the sole purpose of providing our service to you.

In addition, we may transfer to a third-party processor standard personal information for the purposes of processing transactions, performing investigations of fraud, breaches, or technical issues, etc. For example, if we took credit card information online to process a transaction for our service, we would transfer that information to a credit card processor to complete the transaction.  In these cases, we only use the information to complete the transaction you request, and we reasonably determine that the third-party and processes the information only within the confines of our instruction and agreement.

If any of the circumstances specified above do require us to transfer information to a third-party, we will only do so under the following conditions:

Further, we will take reasonable and appropriate steps to ensure that the 3rd party effectively processes the personal information transferred in a manner consistent with our privacy policy.

Other than explicitly mentioned in this privacy policy, we do not share, trade, disclose, or sell your personal information to any 3rd parties for any purposes, including advertising.

Legal Protections and Law Enforcement:

We may access, use, preserve, transfer and disclose to third parties your Personal Information to: (1) satisfy any applicable law, regulation, subpoena, governmental request, or legal process if required by law; (2) protect and/or defend this Privacy Policy or other policies or terms of use applicable to our services, including investigations of potential violations thereof; (3) protect the safety, rights, property or security of Toskr, Inc. or any third party; and/or (4) detect, prevent or otherwise address fraud, security issues or breaches, or technical issues.

If Toskr, Inc. is required by law to disclose any of your data that directly identifies you, then we will use reasonable efforts to provide you with notice of that disclosure requirement, unless we are prohibited from doing so by statute, subpoena or court or administrative order. We will object to requests that we do not believe were issued properly.

Protection Of Private Information

We are committed to protecting the Personal Data you share with us or that we otherwise receive or collect. We utilize a combination of industry-standard security technologies, procedures, and organizational measures to help protect your Personal Data from unauthorized access, use or disclosure. To prevent unauthorized access, maintain data accuracy and ensure the appropriate use of information, we have put in place commercially reasonable physical, technical and administrative controls to protect your information. Please note that no method of data protection is 100% secure.

It is important that you protect and maintain the security of any account and that you notify us immediately of any unauthorized use of your account. Do not disclose your password to anyone.

Linked websites and third-party services:

Our websites and services may provide links to other third-party websites and services which are outside our control and not covered by this policy. We encourage you to review the privacy policies posted on these (and all) sites you visit or services you use.

Data Retention

Personal Information used by Customer Organizations is retained for the life of their account. Personal Information otherwise collected or received is retained until a deletion request is received or until it is no longer required for a legitimate business purpose. TOSKR will only retain Personal Information as long as allowable by law or regulation.

Can You Limit Or Opt Out Of The Information Collection?

For Visitors:

You do not have to provide us with any personal data to visit our marketing website. You can limit personal data collection simply by not supplying us with this data.  For meta-data collected by cookies, please see the Special Note on Cookies, below.  Certain information or services available to visitors cannot be made available if you determine to limit the information you share with us. For example, if you select our newsletter request page and decide that you do not want to share the information, then you do not have to share it. Unfortunately, we will not be able to send you the newsletter without the name and address of the recipient.

For Customer Organizations and their Administrators:

You cannot opt-out or limit the collection of their personal information if they want to use the services and applications.  The information you provide to us is your responsibility.  In our capacity, we are a Service Provider and only use this information for the purposes of supplying you with the products and services for which you contract with us. You have the obligation to obtain any personal identifying information that you supply to us in a legitimate manner consistent with law, and you are responsible for maintaining an appropriate legal basis for obtaining, controlling and processing this data. We process it for you at your request and under your legitimate basis.  We will make every reasonable attempt to respond in a timely manner to any legitimate requests, from you or passed on to us through you, to obtain, review or delete this information. If you lose the legitimate basis for the information or it otherwise should no longer be retained, you must notify us immediately so we can begin the process of deleting the information.

For Customer Users / Agents:

If you have agreed to be a User / Agent for a Customer Organization, you cannot limit the required Personal Data that you disclose to them, or else the applications and services will not work. However, you can opt-out of disclosing any Personal Data by not agreeing to be a User/Agent for that organization. Please contact that organization’s administrator with questions about their privacy policies.

For Customer Target Contacts:

The customer target contacts may stop communications by responding to a text or call requesting an opt-out from further communications. A customer target contact may request access or deletion of personal data through us (using the mechanisms defined in this policy) or through the associated Customer.  Please note that we do not have the ability under the current regulations to maintain suppression records when we receive a deletion request of personal data.  In other words, if we receive the same personal data from another customer in the future, we will not know that it was the subject of a previous deletion request and may process it until a further request to opt-out or a further request for deletion is received. As Users and Customer Targets are acquired from different customers and campaigns, there is currently no possibility for a platform-wide opt-out. In other words, if we receive an opt-out request from a Customer Target on one campaign, we have no ability to prevent other campaigns or customers from utilizing our platform to reach out to the same person later on.  However, we will diligently handle any opt-out request in a timely fashion from each relevant campaign.

Special Note on the Use of Cookies:

Users can control the use of cookies at the individual browser level. We inform you about the use of cookies with a banner when you enter our website.

Users can control the use of cookies at the individual browser level. We inform you about the use of cookies with a banner when you enter our website.

In addition, your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Products do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the services / applications and after you leave our web-sites / applications.

The information generated by the cookie about your use of our website is usually transmitted to a Google server in the USA and stored there. Google might transmit this information to other third parties.   The information generated by the cookie about your use of our applications is usually transmitted to a WalkMe server in the USA and stored there. WalkMe might transmit this information to other third parties.

Your Requests And How We Respond

We are committed to protecting the Personal Data you share with us or that we otherwise receive or collect. We utilize a combination of industry-standard security technologies, procedures, and organizational measures to help protect your Personal Data from unauthorized access, use or disclosure. To prevent unauthorized access, maintain data accuracy and ensure the appropriate use of information, we have put in place commercially reasonable physical, technical and administrative controls to protect your information. Please note that no method of data protection is 100% secure.

It is important that you protect and maintain the security of any account and that you notify us immediately of any unauthorized use of your account. Do not disclose your password to anyone.

Access and Deletion of Personal Data from Organization Accounts, Administrator Accounts and User Accounts:

You can request access or deletion of personal data, including your account and all profile information by emailing support@getthru.io. We must notify your text/talk organization of your request. If an organization account deletion request is made, we must confirm with the contract holder in your organization before deletion. You may view or change your personal information at any time in your profile settings.

Access and Deletion of Personal Data from Customer Target Contacts:

We recommend that Customer Target Contacts request access or deletion of personal data through the associated Customer or campaign. Customer Target Contacts may also request access or deletion of personal data by emailing support@getthru.io.

How We Handle Your Requests:

When we receive a request for personal data access or deletion, we must take reasonable steps to confirm your identification prior to acting on your request. Each request will be logged and handled with a response to you in the time required by law, or, if there is no applicable law, within a reasonable amount of time. We will react to requests for access by sending you a copy of your personal data we maintain.  We will react to requests for deletion by confirming the legal basis for the personal data and if we have legal reason to keep the data (for example, to complete a credit card transaction you initiated).  We will determine the appropriate timeframe for deletion, and then track your request until deletion is complete. We will inform you of the completion of the request.

Specifics On The Eu-us Privacy Shield Framework

Toskr, Inc. and our ThruText.io, ThruTalk.io and GetThru.io websites comply with EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from European Union member countries. We are subject to the investigatory and enforcement powers of the Federal Trade Commission and/or the Department of Transportation with respect to the compliance with EU-US Privacy Shield Framework. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

If you have any questions or concerns about our privacy policy and protections, please contact us at support@getthru.io. We have committed to refer any unresolved privacy complaints under the EU-US Privacy Shield Principles to an independent recourse mechanism, JAMS, as our Alternative Dispute Resolution (ADR) provider. https://www.jamsadr.com/ If neither Toskr, Inc. nor JAMS resolve your complaint, you may pursue binding arbitration through the Privacy Shield Panel. To learn more about the Privacy Shield Panel and submitting a complaint, visit https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint.

CCPA Specific Disclosures 

The California Consumer Privacy Act of 2018 (“CCPA”) took effect on January 1, 2020. While this law requires certain companies to make disclosures about which Personal Information is collected, shared or sold with third parties, the regulations determined by this law have not been finalized.  We believe in being proactive and make the following disclosures in preparation for the CCPA, and will modify these disclosures as regulations are finalized:

Category

Identifiers

Identifiers
Name, Email Address, Unique Personal Identifier, IP Address, Account Name, Phone Number, or other similar identifiers
Commercial Information
Products or Services purchased or utilized, obtained or considered, or other purchase and consumer histories or tendencies.
Usage
Information on the User’s interaction with our products or services, through our applications, and possibly with the usage of cookies.
Internet Activity
Information on the User’s interaction with our web pages and free trials, and possibly with the usage of cookies. 

Disclosure Category

Have we disclosed personal data to another company or third party in the past 12 months?

Auditing
No
Security
No
Debugging
No
Short Term Advertising uses (contextualization but not profiling)
No
Performing Services
Yes. We have disclosed Identifiers and Commercial Information to our Third Parties for the purposes of delivering our products and services to our customers.  
Internal Research
No
Testing or Improvement
Yes.  We have disclosed Usage and Internet Activity to Third Parties, such as Google Analytics and WalkMe System for the purposes of understanding usage and improving our products and services.  
Other
No

You may make data access or deletion requests to us as per the Contact Us section below. We will not discriminate against you for making these requests, including not denying you goods or services, charging you more for goods or services, denying benefits or imposing penalties, providing a different quality of service, or threatening you with any of the above in response to your data requests.

Privacy Of Minors:

We have certain contracts with Educational Institutions to assist them in communicating with their students.  They maintain the legal basis for usage of their students’ privacy data for the purposes of communication, and we do not disclose the students’ private information to anyone other than back to the Educational Institution for the purpose of delivering our service of assisting in the communications to the students.  In addition, we require that our other clients do not communicate with children, but we have no control over their usage of our applications and the data that they supply.   

To the best of our knowledge, we do not solicit information directly from any minor. If we determine that we have solicited personal information from a minor, we will delete that information in a timely fashion. Please contact us (see Contact Us section below if you believe we have personal information from a minor not connected with one of the Educational Institutions we serve, and we will review the information and delete it as appropriate.

Changes To This Privacy Policy

This privacy policy may be amended from time to time. Any such changes will be posted on this page. We will notify you of any significant or material changes in the way we treat your information by placing a prominent notice on our site and/or, for User Accounts, sending a notice to the primary email address specified in your account.

Contact Us

California Privacy Rights: Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to support@getthru.io.

To address your individual rights, make a request for access or deletion of personal data, or if you have any privacy-related questions or comments related to this privacy policy, please send an email to support@getthru.io, or by writing to: 

Toskr
Attn: Privacy Officer
1330 Broadway, 3rd Floor
Oakland, California 94612

In addition, if you or someone you know is disabled and would like to receive an alternative form of this Policy, please write to us at the above address and we will do our best to accommodate.