Information Collection: We collect information about visitors using standard web-logging methods, including cookies. This includes information like pages accessed, time of access, your IP address, referring website/URL, browser details (user-agent), etc. This information is purged after 30 days.
For users who use social login on our website (currently through Facebook and Google authentication), we receive and store the corresponding email address, name and basic public profile information as provided by the service providers. Note that when using these services, we never receive user passwords and therefore do not and cannot store them on our servers.
For accounts created on Tofler, passwords are never stored in plain text. In fact, we cannot recover the passwords from the information stored on our servers. Only specially processed versions of the password are stored (hashed versions) and hence are much safer.
- Data Sharing: We do not share visitor information with third-parties. For example, even when using login using Facebook or Google, no information about the pages you access on our website is relayed back to them. However, data may be shared with other related companies/entities for the purpose of development of marketing methods, website improvements, etc. Such information as we collect might be shared with the Government in case we are legally required to do so.
- Data Security: We make strong efforts to safeguard any information we collect about our users. Passwords are never stored in plaintext and employee access to sensitive information is limited. For purchases made on our website through the payment gateway, credit/debit card details are never stored on our servers. We only store transaction authorization data while card details are recorded with the merchant bank.
- System Security: All reasonable efforts are made to appropriately firewall our servers and prevent unauthorized access to any machines/databases containing sensitive information.