Privacy Policy

1. Introduction

1.1 Welcome to BizTooly

Welcome to BizTooly (“we,” “our,” or “us”). We operate the BizTooly platform (the “Service”), a Mini SaaS Hub providing digital tools and productivity solutions. We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your information.

1.2 Scope

This Privacy Policy applies to:

• Our website: biztooly.com
• All associated subdomains and services
• Mobile applications (if applicable)
• Browser extensions (if applicable)
• API services

1.3 Consent

By accessing or using our Service, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Information

When you create an account, we collect:

• Email address
• Password (encrypted)
• Name (optional)
• Profile picture (optional)
• Company/organization (optional)

Payment Information

For paid subscriptions, we collect:

• Billing name and address
• Payment method details (processed by third-party processors)
• Transaction history
• Subscription preferences

User Content

When using our tools, we may process:

• Text input into our tools
• Files uploaded for processing
• Generated outputs
• Tool preferences and settings
• Saved templates and configurations

Communication Data

When you contact us:

• Support tickets and inquiries
• Feedback and survey responses
• Feature requests
• Bug reports

2.2 Information Collected Automatically

Usage Data

We collect information about your interaction with our Service:

• Pages visited and time spent
• Features used and frequency
• Tool-specific interactions
• Error logs and crash reports
• Clickstream data

Device Information

We automatically collect:

• IP address and location data
• Browser type and version
• Operating system
• Device type (desktop, mobile, tablet)
• Screen resolution
• Language preferences

Technical Data

• Cookies and similar technologies
• Log files
• Analytics data
• Performance metrics
• Security logs

2.3 Information from Third Parties

We may receive information about you from:

• Payment processors (Stripe, PayPal)
• Authentication providers (Google, GitHub)
• Analytics services (Google Analytics)
• Advertising partners
• Social media platforms
• Business partners

3. How We Use Your Information

3.1 To Provide and Maintain Our Service

We use your information to:

• Create and manage your account
• Process payments and subscriptions
• Provide customer support
• Send service-related communications
• Ensure platform security

3.2 To Improve Our Service

We analyze data to:

• Enhance existing features
• Develop new tools and services
• Fix bugs and technical issues
• Optimize performance
• Personalize user experience

3.3 For Communication

We may use your information to:

• Send important updates and announcements
• Respond to your inquiries
• Provide technical support
• Send marketing communications (with consent)
• Conduct surveys and research

3.4 For Security and Compliance

We use information to:

• Prevent fraud and abuse
• Enforce our Terms of Service
• Comply with legal obligations
• Protect our rights and property
• Ensure platform integrity

3.5 For Business Operations

We use data for:

• Analytics and reporting
• Business planning
• Service optimization
• Partner relationships
• Financial accounting

4. Legal Basis for Processing (GDPR)

4.1 Consent

We process your data based on consent when:

• You opt-in to marketing communications
• You accept cookies
• You provide explicit permission for specific processing

4.2 Contractual Necessity

Processing necessary for:

• Providing services you requested
• Managing your account
• Processing payments
• Fulfilling our contractual obligations

4.3 Legitimate Interests

We process data for legitimate business interests:

• Service improvement and development
• Security and fraud prevention
• Marketing and business growth
• User experience enhancement

4.4 Legal Obligations

Processing required by:

• Tax laws and regulations
• Court orders and legal requests
• Government regulations
• Industry standards

5. Data Sharing and Disclosure

5.1 Service Providers

We share information with trusted third parties who assist us in operating our Service:

Hosting and Infrastructure

• AWS (Amazon Web Services)
• Google Cloud Platform
• Cloudflare (CDN and security)

Payment Processing

• Stripe
• PayPal
• Other payment gateways

Analytics and Marketing

• Google Analytics
• Mailchimp (email marketing)
• Hotjar (user behavior analytics)

Customer Support

• Zendesk (support ticketing)
• Intercom (live chat)

5.2 Business Transfers

In connection with:

• Mergers and acquisitions
• Asset sales
• Bankruptcy proceedings
• Business restructuring

5.3 Legal Requirements

We may disclose information when required by:

• Court orders or subpoenas
• Government investigations
• Legal proceedings
• Regulatory requirements

5.4 Protection of Rights

We may share information to:

• Enforce our Terms of Service
• Protect our legal rights
• Prevent fraud or security issues
• Ensure safety of our users

5.5 With Your Consent

We share information when you:

• Explicitly authorize sharing
• Use integration features
• Participate in partner programs
• Opt-in to specific services

6. Data Security

6.1 Security Measures

We implement industry-standard security measures:

Technical Safeguards

• Encryption in transit (TLS/SSL)
• Encryption at rest for sensitive data
• Regular security audits
• Access controls and authentication
• Network security monitoring

Organizational Measures

• Employee training on data protection
• Security policies and procedures
• Regular risk assessments
• Incident response planning
• Vendor security assessments

6.2 Data Retention

We retain your information only as long as necessary:

Account Data

• Active accounts: Retained while account is active
• Inactive accounts: Deleted after 24 months of inactivity
• Closed accounts: Data deleted after 30 days

Usage Data

• Analytics data: Up to 36 months
• Log files: Up to 12 months
• Backup data: Up to 90 days

Financial Data

• Transaction records: 7 years (for tax compliance)
• Payment information: As required by processors
• Billing information: Until account closure + 7 years

6.3 Data Breach Response

In the event of a data breach, we will:

• Notify affected users within 72 hours
• Report to authorities as required by law
• Take immediate corrective action
• Provide guidance to affected users

7. Your Rights and Choices

7.1 Access and Portability

You have the right to:

• Access your personal data
• Receive a copy of your data in machine-readable format
• Correct inaccurate or incomplete data
• Update your information through account settings

7.2 Deletion and Restriction

You may:

• Request deletion of your personal data
• Restrict processing of your data
• Object to processing based on legitimate interests
• Withdraw consent at any time

7.3 Marketing Preferences

You can control marketing communications by:

• Opting out of marketing emails
• Adjusting notification settings
• Using unsubscribe links in emails
• Contacting our support team

7.4 Cookies and Tracking

Manage tracking technologies through:

• Browser cookie settings
• Our cookie preference center
• Do Not Track browser signals
• Third-party opt-out tools

7.5 Exercising Your Rights

To exercise your rights, contact us at:
Email: admin@biztooly.com
Subject: Data Rights Request

We will respond within 30 days and may request verification of your identity.

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

Essential Cookies

Required for basic functionality:

• Session management
• Security features
• Load balancing
• Authentication

Functional Cookies

Enhance user experience:

• Language preferences
• Region settings
• Tool preferences
• Interface customization

Analytics Cookies

Help us understand usage:

• Visitor counts
• Feature popularity
• User behavior
• Performance metrics

Advertising Cookies

Used for marketing:

• Ad targeting
• Campaign measurement
• Conversion tracking
• Remarketing

8.2 Third-Party Cookies

We allow certain third parties to set cookies:

• Google Analytics
• Facebook Pixel
• LinkedIn Insights
• Twitter conversion tracking

8.3 Managing Cookies

You can control cookies through:

• Browser settings
• Our cookie consent banner
• Third-party opt-out pages
• Ad industry opt-out tools

9. International Data Transfers

9.1 Data Storage Locations

Your data may be transferred to and processed in:

• United States (primary)
• European Union (backup)
• Other countries where we operate

9.2 Transfer Mechanisms

We use appropriate safeguards for international transfers:

• Standard Contractual Clauses (EU)
• Privacy Shield Framework (where applicable)
• Binding Corporate Rules
• Adequacy decisions

9.3 Your Rights Regarding Transfers

If your data is transferred internationally, you have the right to:

• Know where your data is processed
• Understand safeguards in place
• Request additional protections
• Object to specific transfers

10. Children’s Privacy

10.1 Age Restrictions

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

10.2 Parental Controls

If you believe we have collected information from a child under 13:

• Contact us immediately at privacy@biztooly.com
• We will investigate and take appropriate action
• We will delete any improperly collected information

10.3 Age Verification

For users under 18:

• Parental consent may be required
• Additional protections apply
• Limited data collection
• Enhanced privacy controls

11. California Privacy Rights (CCPA/CPRA)

11.1 Your Rights Under CCPA

California residents have the right to:

• Know what personal information is collected
• Delete personal information
• Opt-out of sale of personal information
• Non-discrimination for exercising rights

11.2 Categories of Information Collected

In the past 12 months, we may have collected:

• Identifiers (name, email, IP address)
• Commercial information (purchase history)
• Internet activity (browsing history)
• Geolocation data (approximate location)

11.3 How to Exercise CCPA Rights

California residents can:

• Submit requests via privacy@biztooly.com
• Use our online request form
• Call our toll-free number: [Your Phone Number]
• Authorize an agent to act on your behalf

11.4 “Do Not Sell My Personal Information”

We do not sell personal information for monetary value. However, we may share information for:

• Advertising purposes
• Analytics services
• Business partnerships

To opt-out of sharing for these purposes, contact us at privacy@biztooly.com.

12. European Union GDPR Rights

12.1 Data Protection Officer

Our Data Protection Officer can be contacted at:
Email: admin@biztooly.com

12.2 Supervisory Authority

EU residents have the right to lodge complaints with their local data protection authority.

12.3 Automated Decision Making

We do not use fully automated decision-making that produces legal effects. However, we may use:

• Automated processing for security
• Algorithmic recommendations
• Pattern detection for fraud prevention

13. Third-Party Services

13.1 Integrated Services

Our Service integrates with:

• Payment processors (Stripe, PayPal)
• Analytics tools (Google Analytics)
• Email services (SendGrid, Mailchimp)
• Cloud storage (AWS, Google Cloud)

13.2 Third-Party Policies

Third-party services have their own privacy policies. We recommend reviewing:

• Stripe Privacy Policy
• Google Privacy Policy
• Cloudflare Privacy Policy
• Other relevant policies

13.3 Links to Other Sites

Our Service may contain links to other websites. We:

• Are not responsible for third-party privacy practices
• Encourage reviewing their privacy policies
• Do not endorse their content or practices

14. Data Processing Agreement (DPA)

14.1 For Business Customers

If you use BizTooly for business purposes, we offer:

• Custom Data Processing Agreements
• Additional security measures
• Enhanced compliance features
• Dedicated support

14.2 Sub-processors

We use sub-processors for:

• Cloud hosting
• Customer support
• Payment processing
• Analytics services

A current list of sub-processors is available upon request.

15. Changes to This Privacy Policy

15.1 Update Process

We may update this Privacy Policy to reflect:

• Changes in our practices
• Legal or regulatory requirements
• Service enhancements
• User feedback

15.2 Notification of Changes

We will notify you of material changes by:

• Email notification to registered users
• In-platform announcements
• Website banner notifications
• Updated “Last Updated” date

15.3 Review Period

We encourage you to:

• Review this policy periodically
• Check for updates regularly
• Contact us with questions
• Stay informed about your rights

16. Contact Information

16.1 General Inquiries

For privacy-related questions:
Email: privacy@biztooly.com
Website: biztooly.com/privacy
Response Time: Within 30 day

16.3 Legal Requests

For law enforcement or legal requests:
Email: admin@biztooly.com
Requirements: Valid legal documentation
Process: Formal request procedure

17. Additional Provisions

17.1 Do Not Track Signals

We currently do not respond to Do Not Track signals. However, we:

• Respect browser privacy settings
• Offer opt-out mechanisms
• Provide transparency about tracking
• Honor user preferences

17.2 Data Minimization

We practice data minimization by:

• Collecting only necessary data
• Retaining data only as needed
• Anonymizing data where possible
• Regularly reviewing data practices

17.3 Privacy by Design

We incorporate privacy into our:

• Product development process
• System architecture
• Business practices
• Employee training

17.4 Privacy Impact Assessments

We conduct regular:

• Privacy risk assessments
• Data protection impact assessments
• Security vulnerability scans
• Compliance audits

18. Definitions

Key Terms

• Personal Data: Information that identifies you
• Processing: Any operation on personal data
• Controller: Determines purposes of processing
• Processor: Processes data on behalf of controller
• Consent: Freely given, specific, informed agreement

Legal Frameworks

• GDPR: General Data Protection Regulation (EU)
• CCPA: California Consumer Privacy Act
• CPRA: California Privacy Rights Act
• LGPD: Brazilian General Data Protection Law
• PIPEDA: Canadian Privacy Law

19. Your Acceptance

19.1 Continued Use

By continuing to use our Service, you acknowledge:

• You have read this Privacy Policy
• You understand how we process your data
• You consent to our data practices
• You accept any updates to this policy

19.2 Withdrawal of Consent

You may withdraw consent at any time by:

• Adjusting account settings
• Contacting our privacy team
• Deleting your account
• Ceasing use of our Service

20. Making a Complaint

20.1 Internal Complaint Process

If you have privacy concerns:

1. Contact our privacy team first
2. Provide details of your concern
3. Allow reasonable time for investigation
4. Receive our response and resolution

20.2 External Complaint Options

If unsatisfied with our response, you may:

• Contact your local data protection authority
• Seek legal advice
• Use dispute resolution services
• Explore other legal remedies

---

Summary of Key Points

What We Collect

• Account information you provide
• Usage data from your interactions
• Payment information for subscriptions
• Communication data from support requests

How We Use It

• To provide and improve our services
• For security and compliance
• For communication and support
• For business operations

Your Rights

• Access and control your data
• Opt-out of marketing
• Request deletion of your information
• File complaints if concerned

Our Commitments

• Protect your data with security measures
• Be transparent about our practices
• Respect your privacy choices
• Comply with applicable laws

---

Need Help or Have Questions?
Contact our Privacy Team at admin@biztooly.com
We’re here to help protect your privacy.