Privacy Policy

Tollbridge / The Southern Star

We understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers ("Customers") and our customers users ("End-Users") and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the GDPR. We keep your personal information private and we will not sell or rent your personal information to anyone. We may update our Privacy Policy from time to time to reflect any changes in technology or legislation, or our data-usage policies.

Please make note to also refer to the privacy policy of The Southern Star: https://www.southernstar.ie/privacy-policy

Who are we?

Square1 Software Ltd. trading as Tollbridge with an address of 151 Thomas Street, Dublin, D08PY5E, Ireland, is the operator of the Tollbridge platform. In this privacy policy references to "we", "us" and "our" are to Square1 Software Limited. References to "our Website" or "the Website" are to https://www.tollbridge.co, references to "Tollbridge" or the "Platform" are to the Tollbridge Platform Application.

Tollbridge is a membership management, payments subscription and paywall platform as a service. Our Customers contract the use of the Tollbridge Platform to provide user authentication, subscription and paywall as a service for their End-Users. Our Customers can, at their sole discreation, provide administrative access to their employees and other third parties to access their End-User account data in the Tollbridge Platform.

What does this notice cover?

This Privacy Policy explains how we use your personal data: how it is collected, how it is held and how it is processed. It also explains your rights under the law relating to your personal data.

What is personal data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679, “GDPR”) as “any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

What personal information do we collect?

We will collect and process the following data about you:

Personal information you provide us

This is any information we collect that you freely provide us when you fill in forms or register on our Website or Platform either as a Customer or an End-user. It also includes any information you provide when you call, talk, send us an email or transmit via any physical or electronic format. The information your provide may include first and last name, avatar, company name, company logo, email address, last 4 digits of payment cards, phone number and address. We may receive information directly from End-user, the Customer or third-parties.

Personal information we automatically collect

This is any information that we automatically collect when you visit our Website or Platform. The information we collect includes, IP address, network provider, web browser type and version, operating system and platform, location, access time and time zone setting, language, entry URL link into Website or Platform, URL links you visit and click on, URL link you exit Website or Platform, login and subscription information, page load time, system and crash report errors, items viewed or searched, length of visit, time on each page, interaction on each page, identifier from social media login, avatar from social media login.

How do we process your personal information?

We use the information you provide and we automatically collect to deliver our Customers with our contracted services to allow access and use of the Platform to which they have purchased, automatically process payments for Platform subscriptions, prevent fraudulent transactions, to communicate with our Customers and End-users, provide End-users with access to the Customers product or service, to administer and operate our Website and Platform.

How do we store your personal information?

Our platform

The data that we collect from you will be stored on Tollbridge secure servers or those of Tollbridge service providers. It will not be transferred or stored at a destination outside the European Economic Area "EEA" unless to a data processor acting on Tollbridges behalf which is either within the EEA, or in a country where protections are deemed adequate by the EU. We have implemented best-practice standards and controls, we use a variety of safeguards designed to help protect your data from unauthorised access, use and disclosure. Where you have a password for access to the Platform, you are responsible for keeping this password confidential and secure. We will do our best to protect your personal data but the transmission of information via the internet is not completely secure, we cannot guarantee the security of your data transmitted to our Website or Platform; as such and while we use use strict procedures and security features to try to prevent unauthorised access any transmission is at your own risk. We will store your information only as long as it is necessary to provide the Services to you, our Customers and their End-users. We may also retain information to comply with our legal obligations, standard industry practice and in following guidance of relevant Irish and EU authorities.

Data processors

We use third party data processors to collect, export, process and store data on our behalf, which may include Personal Data. The processors we are currently using include: Linode LLC, USA (Privacy Shield Certified) https://www.linode.com/privacy; Stripe Inc, USA (Privacy Shield Certified) https://stripe.com/privacy; Mailgun Technologies Inc, USA (Privacy Shield Certified) https://www.mailgun.com/privacy-policy; Amazon.com Inc, USA (Privacy Shield Certified) https://aws.amazon.com/privacy;

What are your rights?

Under the GDPR, you have the following rights, which we will always work to uphold:

(a) The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details provided below.

(b) The right to access the personal data hold about you.

(c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details below to find out more.

(d) The right to be forgotten, ie the right to ask us to delete or otherwise dispose of any of your personal data that we have. Please contact us using the details below to find out more.

(e) The right to restrict (ie prevent) the processing of your personal data.

(f) The right to object to us using your personal data for a particular purpose or purposes.

(g) The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

(h) Rights relating to automated decision-making and profiling.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided below.

Further information about your rights can also be obtained from the Data Protection Commission.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Data Protection Commission.

Cookies

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. More specifically, we use cookies for the following purposes:

Strictly Necessary Cookies

Strictly necessary cookies are essential in order to enable you to move around the site and use its features and services. These cookies allow the site to perform smoothly for you, the user, and without them we may not be able to provide certain services or features.
Cookie Type Category Purpose
tollbridge_session First Party Strictly Necessary This cookie has the form of a randomly-generated alphanumeric string which is used to maintain a user session to keep the session alive between page requests.
XSRF-TOKEN First Party Strictly Necessary This cookie is set to help with site security in preventing Cross-Site Request Forgery attacks.
__stripe_sid First Party Strictly Necessary This cookie is set for fraud prevention purposes and helps Stripe assess the risk associated with an attempted payment transaction.
__stripe_mid First Party Strictly Necessary This cookie is set for fraud prevention purposes and helps Stripe assess the risk associated with an attempted payment transaction.

Links to external websites

This statement relates to our privacy practices only in connection with Tollbridge. We are not responsible for the content or privacy practices of other websites. Our Website and Platform may contain external links to partner networks, advertisers and affiliates, if you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

How do you contact us?

If you have any questions or require any more information regarding our privacy notice please contact us at dataprotection@tollbridge.co