Privacy Policy

Last updated: November 23, 2025

At Torii Data ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our server-side conversion tracking service.

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, company name, and billing information
• Integration Credentials: API keys and OAuth tokens for connected advertising platforms
• Conversion Data: Event data you send through our API (purchases, leads, custom events)

1.2 Automatically Collected Information

• Usage Data: API requests, response times, error logs
• Device Information: IP address, browser type, operating system
• Cookies: We use essential cookies for authentication and session management

2. How We Use Your Information

We use the information we collect to:

• Provide and maintain our conversion tracking service
• Process and route conversion events to your connected ad platforms
• Authenticate and authorize API requests
• Monitor and improve service performance
• Detect and prevent fraud or abuse
• Communicate with you about service updates and support
• Comply with legal obligations

3. How We Share Your Information

3.1 With Advertising Platforms

We share conversion event data with the advertising platforms you've connected (Meta, Google, TikTok, etc.) as part of our core service functionality.

3.2 With Service Providers

We may share information with third-party service providers who help us operate our service:

• Cloud hosting providers (e.g., Vercel, Supabase)
• Payment processors (e.g., Stripe)
• Analytics services

3.3 For Legal Reasons

We may disclose information if required by law or in response to valid legal requests.

3.4 Business Transfers

If we're involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption in transit (TLS/SSL) and at rest
• Secure credential storage with encryption
• Regular security audits and updates
• Access controls and authentication
• Monitoring for suspicious activity

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Account Data: Retained while your account is active and for 90 days after deletion
• Conversion Events: Retained for 30 days for debugging and support purposes
• Logs: Retained for 90 days for security and performance monitoring

6. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Receive your data in a portable format
• Opt-out: Opt out of marketing communications
• Object: Object to certain processing of your information

To exercise these rights, contact us at jonathan.mason@edgedigital.net.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

8. Children's Privacy

Our service is not intended for children under 13 (or 16 in the EU). We do not knowingly collect information from children. If you believe we've collected information from a child, please contact us immediately.

9. California Privacy Rights

If you're a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect and how we use it
• Right to delete your personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

10. European Privacy Rights

If you're in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Legal basis for processing: Contract performance, legitimate interests, and consent
• Right to lodge a complaint with your local data protection authority
• Right to withdraw consent at any time

11. Cookies and Tracking

We use the following types of cookies:

• Essential Cookies: Required for authentication and service functionality
• Analytics Cookies: Help us understand how you use our service

You can control cookies through your browser settings, but disabling essential cookies may affect service functionality.

12. Third-Party Links

Our service may contain links to third-party websites. We're not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We'll notify you of significant changes by email or through our service. The "Last updated" date at the top indicates when the policy was last revised.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

• Email: jonathan.mason@edgedigital.net
• Address: Suite 1, Bancroft Business Centre, Hitchin, Hertfordshire, SG5 1LA, United Kingdom

15. Data Protection Officer

For privacy-related inquiries, you can contact our Data Protection Officer at dpo@toriidata.com.