Privacy Policy for Toast the Nation

1. Introduction

At Toast the Nation (“we”, “us”, or “our”), accessible via toastthenation.com (“Website”), we are fully committed to protecting the privacy, security, and personal data of all our users and visitors. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in a manner that upholds the highest standards of data protection in accordance with applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

We recognize the importance of your privacy rights and implement rigorous safeguards to ensure the integrity and confidentiality of your personal information.

2. Scope of This Policy and Our Role as Data Controller

This Privacy Policy applies to all personal data collected via our Website, including services offered and resources accessed on toastthenation.com. Toast the Nation acts as the “Data Controller” as defined under the GDPR, and is responsible for determining the purposes and means of processing your personal data.

This policy applies regardless of whether you are a visitor, registered user, customer, or otherwise engage with our site or services.

3. Categories of Personal Data We Process

We may collect and process the following categories of personal data:

– Usage Data – Including information about your interactions with toastthenation.com such as IP address, browser type, platform, referral websites, page views, site navigation patterns, and session duration.
– Account Data – Personal identifiers you provide upon account creation or purchase, including name, email address, billing and shipping addresses, and phone number.
– Profile Data – Including preferences, interests, purchases, browsing history, and behavioral patterns on our site.
– Communication Data – Any correspondence initiated by you, including customer support inquiries, email exchanges, and contact form submissions.
– Technical Data – Device type, hardware model, operating system, screen resolution, app version, and unique device identifiers.
– Transaction Data – Payment methods, transaction history, delivery statuses, and order confirmations (payment card details are processed by secure third-party providers and not stored).
– Preference Data – Marketing preferences, product interests, and consent status with respect to communications and data sharing.

4. Legal Bases for Processing Your Personal Data

We process your personal data based on lawful bases recognized under the GDPR and applicable CCPA provisions:

– Consent – Where we obtain your explicit permission to process specific data (e.g., for newsletters or targeted advertising).
– Contractual Necessity – To perform our contract with you, including account setup, order fulfillment, and customer service.
– Legal Obligation – To comply with applicable laws or mandatory legal requests.
– Legitimate Interests – To enhance website security, measure user engagement, prevent fraud, and improve our services, where such interests do not override your privacy rights.

5. Your Data Rights

Subject to applicable law, you may exercise the following rights with respect to your personal data:

– Right of Access – Obtain confirmation and a copy of the personal data we hold about you.
– Right to Rectification – Request correction of inaccurate or incomplete data.
– Right to Erasure – Ask that your personal data be deleted, subject to legal or contractual retention obligations.
– Right to Restriction – Request limits on how we process your information under specific circumstances.
– Right to Data Portability – Receive your data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Right to Withdraw Consent – Where processing is based on consent, you may withdraw it at any time without affecting prior processing.
– Right to Object – To processing based on legitimate interests, including profiling or direct marketing purposes.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We employ a comprehensive array of technical and organizational measures to protect your personal data, including but not limited to:

– Secure Socket Layer (SSL) encryption across our Website
– Access controls and authentication protocols for sensitive data areas
– Regular data backups and disaster recovery mechanisms
– Employee training on privacy and data protection policies
– Antivirus and malware detection systems

While no system is immune from all risks, these measures are designed to mitigate unauthorized access, disclosure, and misuse.

7. International Data Transfers

Where your personal data is transferred outside of the European Economic Area (EEA) or other jurisdictions with equivalent protection standards, such transfers will be protected by appropriate safeguards. These may include Standard Contractual Clauses (SCCs) or other lawful mechanisms recognized under data protection laws. We ensure that all third parties involved in cross-border data processing adhere to high privacy standards.

8. Data Retention

We retain personal data only for as long as necessary for the purposes it was collected. Specific retention periods are as follows:

– Usage and Technical Data: Up to 12 months from collection
– Account, Profile, and Transaction Data: Up to 7 years post last activity or transaction (to comply with auditing and legal obligations)
– Communication and Support Data: Up to 3 years following closure of the inquiry
– Preference Data: Until consent is withdrawn or data is updated

Data will be securely deleted or anonymized when no longer needed.

9. Cookie Policy

Our Website uses cookies and similar technologies to enhance user experience and analytics. Categories include:

– Essential Cookies – Required for proper operation of the Website and services (e.g., session management, authentication)
– Functional Cookies – Store user preferences and settings to remember you during your visit
– Analytics Cookies – Collect aggregate usage information to improve content and functionality (e.g., Google Analytics)
– Performance Cookies – Help us understand load times, errors, and technical performance metrics

These cookies do not directly identify you but may be tied to your IP address or browser configuration.

10. Cookie Management and Compliance

As required by GDPR and CCPA, we provide you with control over cookie settings when visiting toastthenation.com. You may manage consent through our cookie banner, where you can enable or disable specific cookie categories.

Additionally, you may configure your browser settings to block or delete cookies. Please note that disabling essential cookies may limit functionality or access to certain areas of our Website.

For California residents: you may opt-out of the sale or sharing of your personal information by contacting us at [email protected] or through any “Do Not Sell My Personal Information” functionality provided on the Website.

11. Children’s Privacy

Our services are not directed at children under the age of 13, and we do not knowingly collect personal data from anyone under that age. If we become aware that we have inadvertently received data from a child under 13, we will promptly delete such information. Parents or guardians who believe their child has provided us with personal data may contact us for immediate assistance at [email protected].

12. Policy Updates

We reserve the right to revise, update, or amend this Privacy Policy at any time. Any material changes will be prominently indicated on our Website. Continued use of toastthenation.com constitutes your acknowledgment and acceptance of such changes.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or data protection practices, please contact us at:

Email: [email protected]

We are dedicated to maintaining your confidence and privacy. If you believe your rights under this Policy or applicable laws are not being upheld, we encourage you to raise concerns with us directly, and you may also contact your local data protection authority where applicable.

Toast the Nation is committed to upholding the principles of privacy, transparency, and accountability in all aspects of personal data handling. Please reach out to us with any privacy-related questions or requests.