Privacy Policy
This Privacy Policy describes how Toast2IT, LLC ("Company," "we," "us," or "our") collects, uses, and discloses information when you use the Toast Notification service ("Service"). By accessing or using the Service, you agree to the practices described here.
Effective date: May 16, 2026 — Company: Toast2IT, LLC — Contact: [email protected]
1. Information We Collect
We collect information you provide directly and information generated by your use of the Service.
- Account information — name, email address, phone number (for SMS multi-factor authentication), company name, and password credentials when you register or manage your account.
- Billing information — payment method details are processed by our payment processor and are not stored on our servers. We retain billing history, subscription tier, and invoice records.
- Service usage data — notification delivery records, template content, device registration identifiers, audit log events, asset files uploaded through the Service, and API key activity.
- Device and endpoint data — Windows device identifiers, heartbeat timestamps, and agent configuration data associated with endpoints enrolled through the Service.
- Log and technical data — IP addresses, browser or agent version, request timestamps, error codes, and HTTP headers generated by interactions with the Service.
2. How We Use Information
We use collected information to provide, operate, and maintain the Service; process account registration and authenticate users; deliver Windows toast notifications to enrolled endpoints; process payments and manage subscriptions; send transactional communications (receipts, verification codes, security alerts); enforce our Terms of Service and acceptable use policies; investigate security incidents, fraud, and abuse; improve reliability, performance, and features of the Service; and comply with applicable legal obligations.
We do not sell your personal information to third parties. We do not use your notification content to train machine-learning models.
3. Information Sharing
We share information only in the following circumstances: with service providers who process data on our behalf (hosting, payment processing, SMS delivery, content moderation), contractually required to protect your information; when required by law, subpoena, or other legal process; in connection with a merger, acquisition, or sale of substantially all of our assets; or with your explicit consent.
4. Data Retention
We retain account information and service data for as long as your account is active or as needed to provide the Service. Audit log records are retained for a minimum of 90 days. Upon verified deletion request, we will delete or anonymize personal data within 30 days, subject to legal retention obligations.
5. Security
We implement administrative, technical, and physical safeguards including HTTPS transport encryption, HMAC-SHA256 payload signing, tenant isolation, multi-factor authentication controls, and audit logging. For a detailed description of our controls, see our Security architecture page.
6. Your Rights and Choices
Depending on your location, you may have the right to access, correct, delete, or restrict processing of your personal information. You may also have the right to data portability and to withdraw consent where processing is based on consent. To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
7. Cookies and Tracking
The Service uses session cookies and local storage for authentication state and user preferences. We do not use third-party advertising trackers or cross-site behavioral tracking technologies. Our marketing site may use basic analytics to understand aggregate traffic patterns. These analytics do not track individual users across sites.
8. International Data Transfers
Toast2IT, LLC operates in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States, where data protection laws may differ from those in your country.
9. Children's Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the effective date above. Continued use of the Service after the effective date of any revised policy constitutes your acceptance of the changes.
11. Contact Us
Toast2IT, LLC — [email protected]