Effective Date: 15 August 2025
This Privacy Policy explains how Tome Technologies (“we,” “our,” “us”) collects, uses, stores, and shares personal information in accordance with applicable laws, including the Protection of Personal Information Act, 2013 (POPIA), the General Data Protection Regulation (GDPR) of the European Union, and applicable United States privacy regulations such as the California Consumer Privacy Act (CCPA) and COPPA.
1. Information We Collect
- Personal Identification Information: Name, email address, phone number, physical address, ID/passport number.
- Account Information: Username, password, verification details.
- Usage Data: IP address, browser type, device information, pages visited, and time spent on our platform.
- Transactional Data: Payment information, billing address, and transaction history.
- Communications: Emails, messages, and other interactions with our support team.
2. Legal Basis for Processing (GDPR)
We process your personal information under one or more of the following legal bases:
- Your consent.
- To perform a contract with you.
- To comply with legal obligations.
- For legitimate business interests that do not override your rights.
3. Use of Information
We use your information to:
- Provide and improve our services.
- Verify your identity and maintain account security.
- Process payments and transactions.
- Send service updates, announcements, and relevant communications.
- Comply with legal and regulatory requirements.
4. POPIA Compliance
Under South Africa’s POPIA, we commit to:
- Collecting personal information only for lawful purposes.
- Using information for the purpose for which it was collected.
- Implementing reasonable security measures to protect your information.
- Allowing you to access, correct, or delete your personal information upon request.
5. Your Rights (POPIA, GDPR, CCPA)
You have the right to:
- Access the personal information we hold about you.
- Request corrections to your personal information.
- Request deletion of your personal information (subject to legal requirements).
- Withdraw consent at any time where processing is based on consent.
- Opt-out of the sale of your personal data (CCPA).
- Data portability — receive your data in a structured, machine-readable format.
6. Children's Privacy (COPPA)
We do not knowingly collect personal information from children under 13 years old. If we become aware that we have collected such data without verified parental consent, we will delete it immediately.
7. Sharing of Information
We do not sell your personal information. We may share data with:
- Service providers who assist in delivering our services (under confidentiality agreements).
- Regulatory authorities when required by law.
- Business partners only with your explicit consent.
8. International Data Transfers
Your data may be transferred to and processed in countries outside your own. We ensure such transfers comply with applicable legal requirements, including standard contractual clauses under GDPR.
9. Data Security
We use industry-standard encryption, access controls, and monitoring to safeguard your data against unauthorized access, disclosure, alteration, or destruction.
10. Data Retention
We retain personal information only as long as necessary for the purposes stated in this policy or as required by law.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Effective Date.”
12. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:
Email: privacy@tometechnologies.com
Address: Tome Technologies, [Your Office Address], [City], [Country]