<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=4236716&amp;fmt=gif">
LEGAL

Privacy Policy

January 9, 2026

Introduction

Tovuti, Inc., a Delaware corporation ("Tovuti," "we," "us," or "our"), respects your privacy and is committed to protecting your personal information through transparency and compliance with this Privacy Policy.

This Privacy Policy explains how we collect, use, share, and protect your information when you:

  • Visit our website at www.tovutilms.com (the "Website")
  • Use our learning management platform and services (the "Platform")
  • Interact with us in any capacity

This Privacy Policy includes:

  • This main Privacy Policy
  • GDPR Data Processing Addendum
  • SMS Processing Terms and Conditions Addendum

Your Agreement

By accessing or using our Website or Platform, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, please do not use our services.

Your continued use of our services after we post changes constitutes acceptance of those changes. Please review this policy periodically.

Privacy Protection for Minors

Our Commitment

Our Website and Platform are designed for use by organizations, including businesses, educational institutions, and non-profits. We do not knowingly market to, sell to, or collect information directly from minors.

Age Restrictions:

  • Our services are intended exclusively for individuals 18 years of age or older
  • We do not knowingly collect personal information from children under 18

Educational and Corporate Use

When we process student or learner information on behalf of an educational institution or corporate customer:

  • We act solely under the organization's instructions
  • We comply with applicable laws, including the Family Educational Rights and Privacy Act (FERPA)
  • The organization, not Tovuti, controls the data
  • If an educational or corporate customer permits individuals under 18 to access our Platform, it is their sole responsibility to comply with all applicable federal, state, and local privacy laws governing minors, including obtaining appropriate parental or guardian consent where required. Tovuti does not assume responsibility for ensuring such compliance.

Parental Rights

If you are a parent or guardian and believe your child under 18 has provided personal information to us, please contact us immediately at legal@tovutiteam.com, and we will delete such information.

California Residents Under 16: Additional rights may apply. See the California Privacy Rights section.

Information We Collect

We collect various types of information to provide and improve our services:

1. Personal Identifiers and Contact Information

What we collect:

  • Name, email address, postal address, phone number
  • Account credentials (username and password)
  • Payment information and billing details
  • Demographic information (gender, age, professional details)
  • Device identifiers (IP address, advertising IDs, cookie IDs)
  • Educational and professional background

Collection sources:

  • Information you provide directly when creating accounts or making purchases
  • Data collected through the Tovuti Purchase Terms

2. Usage Data

What we collect automatically:

  • IP addresses and domain names
  • Browser type and operating system
  • Pages visited and time spent on each page
  • Navigation patterns and clickstream data
  • Files accessed and downloaded
  • Server response codes and error messages
  • Conversion rates and analytics data
  • Geographic location (country of origin)
  • Device information and specifications

Nature of Usage Data: While Usage Data is generally anonymous when collected, it could potentially be used to identify individuals indirectly.

3. Internet and Electronic Activity

Information about your browsing behavior and interactions with our Website and Platform, collected automatically through cookies and similar technologies.

4. Geolocation Information

  • IP-based location data (collected automatically)
  • Precise geolocation (if you provide permission)

5. Marketing and Preference Data

  • Content you click or interact with
  • Other websites you visit during your session
  • Your stated preferences and interests
  • Email engagement metrics

6. Customer Account Information

For Platform subscribers:

  • Company name and affiliation
  • Subscription and service usage data
  • Invoicing and payment history
  • Support ticket information and correspondence
  • Contract and compliance documentation

Marketing Communications:

  • Newsletter subscriptions
  • Product announcements and updates
  • Promotional materials

You can unsubscribe from marketing emails at any time using the "unsubscribe" link in email footers. Just note this is universal unsubscribe. 

7. User-Generated Content

Content you create, upload, submit, or store through our services, including:

  • Course materials and learning content
  • Documents and files
  • Comments and feedback
  • Communications with other users
  • Any personal information you choose to include ("Incidentally-Collected Personal Information")

Ownership: While we own the Platform code and infrastructure, you retain all ownership and rights to your data and content.

8. Third-Party Information

If you provide information about other individuals (such as adding team members), you represent that you have authority to do so and have obtained necessary consents.

How We Collect Information

Directly from You

We collect information you provide when you:

  • Create an account or register
  • Make purchases or process payments
  • Contact customer support
  • Sign up for marketing communications
  • Participate in promotions or surveys
  • Use Platform features and tools

Cookies and Tracking Technologies

When you visit our Website or use our Platform, we automatically collect information through:

  • Cookies
  • Web beacons (pixel tags)
  • Flash cookies (local stored objects)
  • Analytics tools
  • Similar tracking technologies

See the Cookies and Tracking section for detailed information.

Service Providers

We receive information from third-party service providers who assist us with:

  • Payment processing
  • Platform hosting and infrastructure
  • Customer support services
  • Analytics and performance monitoring
  • Marketing and advertising

Other Third Parties

We may collect information from:

  • Business Partners: Companies with whom we share data for marketing or other business purposes
  • Advertising Networks: Partners who help us deliver targeted advertising
  • Data Brokers: Third-party data providers
  • Public Sources: Government databases and publicly available information
  • Social Media Platforms: When you interact with us on social networks

Combining Information: We may combine information from multiple sources to better understand your preferences and provide improved services.

How We Use Your Information

1. Service Delivery and Operations

To provide you with services:

  • Process and fulfill orders and transactions
  • Manage your account and subscription
  • Authenticate users and verify eligibility
  • Respond to inquiries and support requests
  • Deliver Platform features and functionality
  • Process payments and send invoices

2. Marketing and Communications

To promote our services:

  • Send marketing materials about our products and services
  • Share information about affiliate and partner offerings
  • Deliver targeted advertising
  • Send newsletters and product announcements
  • Promote special offers and events

Your control: You can opt out of marketing communications at any time.

3. Analytics and Insights

To understand and improve:

  • Analyze user behavior and preferences
  • Identify trends and usage patterns
  • Evaluate product and service performance
  • Conduct market research
  • Develop new features and offerings
  • Personalize your experience

Third-Party Analytics:

  • Google Analytics: We use Google Analytics to track and analyze Website usage. Google's privacy policy is available at https://www.google.com/intl/en/policies/?fg=
  • Opt-out option: You can opt out of Google Analytics using their Browser Add-on at https://tools.google.com/dlpage/gaoptout/
  • AI and Automated Tools: We may use third-party AI providers or automated tools that process anonymized usage data for product improvement

4. Legal Compliance

To meet legal obligations:

  • Maintain records required by law
  • Respond to legal process and government requests
  • Provide information to law enforcement when required
  • Demonstrate compliance with regulations
  • Protect our legal rights

5. Internal Business Purposes

For operational needs:

  • Customer account administration
  • Internal record-keeping
  • Security and fraud prevention
  • Audit and compliance activities
  • Competition and promotion management
  • Contract performance
  • Quality assurance and testing
  • Product development and improvement
  • Research and development

6. Business Transfers

In connection with:

  • Mergers or acquisitions
  • Sale of company assets
  • Financing transactions
  • Bankruptcy or similar proceedings

Notice: You will be notified of any ownership changes and choices you may have regarding your personal information.

7. De-identified and Aggregated Data

We may use de-identified, anonymized, or aggregated versions of your information for any lawful purpose without restriction.

How We Share Your Information

With Affiliates

We may share your information with:

  • Our parent company, subsidiaries, and affiliated entities
  • Partners, employees, officers, and agents

With Service Providers

We share information with third parties who provide services on our behalf:

  • Payment processors and financial institutions
  • Cloud hosting and infrastructure providers
  • Customer support platforms
  • Email and communication services
  • Analytics and data providers
  • Marketing and advertising partners

For Legal and Safety Purposes

We may disclose your information:

  • As required by law: To comply with legal obligations, court orders, or legal process
  • To prevent fraud: To investigate suspected fraud, harassment, or illegal activity
  • For safety: To protect the safety and rights of users, the public, or our company
  • To enforce terms: To enforce our Terms of Use or other agreements

In Corporate Transactions

We may transfer your information in connection with:

  • Mergers, acquisitions, or sales of assets
  • Bankruptcy or reorganization
  • Change of control transactions

With Business Partners

We share information with Business Partners for their own purposes, including:

  • Social Media Networks: For integration and social sharing features
  • Advertising Partners: Companies that help us deliver targeted advertising
  • Data Analytics Companies: To analyze trends and user behavior
  • Promotional Partners: For joint marketing or sponsorship opportunities
  • Data Brokers: Companies registered as data brokers (including in California)

Important: Once Business Partners receive your information, we do not control their use of it. Contact them directly about their privacy practices or to exercise your rights.

With Your Consent

We may share your information with other third parties when you provide explicit consent.

Cookies and Tracking Technologies

What We Collect Automatically

Like most websites, we automatically collect certain information when you visit:

  • IP address (which may indicate geographic location)
  • Device ID and type
  • Operating system and browser type
  • Date and time of access
  • Pages viewed and content accessed
  • Referring website addresses
  • Zip code or general location

Types of Tracking Technologies

Cookies: Small files stored on your device that help us:

  • Recognize you as a returning user
  • Remember your preferences and settings
  • Personalize your experience
  • Analyze how you use our services
  • Deliver targeted advertising

Managing Cookies: You can control cookies through your browser settings. However, disabling cookies may affect your ability to use certain Website features.

Web Beacons (Pixel Tags): Small electronic files embedded in web pages and emails that help us:

  • Track page visits and email opens
  • Count users who have accessed content
  • Collect website statistics
  • Verify system integrity

Flash Cookies (Local Stored Objects): Used to store preferences and settings. Flash cookies are not managed through standard browser settings.

Third-Party Technologies:

  • Our affiliates, tracking utility companies, and other third parties may use their own cookies and technologies
  • We do not control these third-party technologies
  • These parties may not comply with our Privacy Policy

How We Use Tracking Data

Personalization:

  • Customize your Website experience
  • Remember your preferences
  • Provide personalized content

Marketing:

  • Deliver targeted advertising
  • Make product recommendations
  • Send tailored marketing messages
  • Measure campaign effectiveness

Analytics:

  • Understand user behavior and preferences
  • Improve our services
  • Test new features
  • Generate reports and insights

Sharing: We may share anonymized or aggregated tracking data for any lawful purpose.

Interest-Based Advertising

How It Works

We use information we collect (alone or combined with third-party data) to deliver targeted advertising:

  • On our Website
  • On other websites you visit
  • Through email
  • On social media platforms

Example: If you view a specific product on our Website, you may see ads for that product on other websites.

Information Used

  • Email addresses
  • Cookies and tracking data
  • Browsing history
  • Search queries
  • Demographic information
  • Purchase behavior

Opting Out of Interest-Based Advertising

Important: Opting out means you'll still see ads, but they won't be tailored to your interests.

Network Advertising Initiative (NAI): Visit http://www.networkadvertising.org/choices/ to opt out of interest-based advertising from NAI members.

Digital Advertising Alliance (DAA): Visit http://www.aboutads.info/choices to opt out of internet-based advertising from DAA participating companies.

Browser and Device Controls:

  • Use your browser's privacy settings
  • Adjust device advertising preferences
  • Install ad-blocking software

Limitations:

  • Cookie-based opt-outs must be set on each device and browser
  • Opting out doesn't prevent all tracking
  • Third parties may still collect information

Do Not Track Signals

Our Website does not respond to "Do Not Track" (DNT) signals or similar browser mechanisms.

This means third parties (ad networks, analytics companies, social platforms) may still collect information about your online activities across our Website and other services.

Data Retention

How Long We Keep Your Information

Active Accounts: We retain your personal information for as long as your account remains active (as determined by us).

After Account Closure: We retain information for a reasonable period after account closure or termination.

Legal Requirements: We may retain information longer when necessary to:

  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements
  • Provide continued services

Aggregate Data: Even after deleting your personal information, we may continue to use aggregated, anonymized data indefinitely.

Managing Your Information

Updating Personal Information

You may request to update or correct your personal information by contacting us. We will:

  • Verify your identity before processing requests
  • Process legitimate requests promptly
  • Provide access to information where legally required

Limitations: We may decline requests that are:

  • Unreasonably repetitive
  • Require disproportionate technical effort
  • Undermine others' privacy rights
  • Prohibited by law

Self-Service Options: If you have an account, you can update certain information directly through your account settings.

Opting Out of Communications

Marketing Emails:

  • Click "unsubscribe" in any marketing email
  • Update your email preferences in account settings
  • Contact us at legal@tovutiteam.com

SMS Messages:

Push Notifications: Adjust notification settings in your device or app settings.

Data Security

Our Commitment

We implement reasonable and appropriate security measures consistent with industry standards to protect your information from unauthorized access, including:

  • Physical security controls
  • Electronic security measures
  • Administrative safeguards
  • Regular security assessments

Encryption and Secure Transmission

SSL Encryption: When you transmit personal information through registration or purchase processes, we encrypt data in transit using Secure Socket Layer (SSL) technology.

Payment Security:

  • We do not store credit card information in our systems
  • All credit card transactions use secure encryption
  • Card information is processed on PCI-compliant networks
  • We use the same encryption level as leading banks

Limitations

No Guarantee: While we strive to protect your information, no data transmission over the Internet or storage method is 100% secure. We cannot guarantee absolute security.

Your Responsibility:

  • Keep your account credentials confidential
  • Use strong passwords
  • Report suspicious activity immediately
  • Log out of shared devices

Legal Compliance and Law Enforcement

Our Cooperation

We cooperate with government officials, law enforcement, and private parties to enforce and comply with the law.

When We Disclose Information

We may disclose your information to government, law enforcement, or private parties when we believe it necessary to:

  • Respond to legal process (subpoenas, court orders, etc.)
  • Protect our property and rights or those of third parties
  • Protect public safety
  • Prevent or stop illegal, unethical, or inappropriate activity
  • Comply with legal obligations

Discretion: These disclosures are made in our sole discretion based on the circumstances.

California: Your Privacy Rights

California Residents

Shine the Light Law

Under California Civil Code Section 1798.83, California residents may request:

Annual Information Request:

  • List of categories of personal information shared with third parties for direct marketing
  • Names and addresses of those third parties
  • Types of services provided

Opt-Out Rights: You may request that we not share your information with third parties for their direct marketing purposes.

How to Request: Email us at legal@tovutiteam.com with "California Privacy Rights" in the subject line.

Limitations:

  • We are not responsible for removing your information from third-party lists
  • Your privacy choices with us don't apply to third parties who already received your information
  • Contact third parties directly for their opt-out procedures

California Consumer Privacy Act (CCPA)

Effective Date: The CCPA, as amended January 1, 2023, provides California consumers with specific rights.

Your CCPA Rights:

  • Right to know what personal information we collect
  • Right to know how we use and share your information
  • Right to request deletion of your information
  • Right to opt out of the "sale" of your information
  • Right to non-discrimination for exercising your rights

More Information: Visit https://oag.ca.gov/privacy/ccpa for details about the CCPA.

California Residents Under 16: Additional protections apply to minors under 16 regarding the sale of personal information.

Nevada Residents

Nevada residents have the right to opt out of the "sale" of covered information (as defined in N.R.S. 603A).

Our Practice: We do not sell your covered information as defined by Nevada law.

How to Make a Request: If you wish to make an opt-out request, contact us using the information at the end of this Privacy Policy.

International Privacy Rights Addendum

European Union, United Kingdom, and Switzerland

If you are located in the EU, Switzerland, UK, or another country outside the United States, this section applies to you.

Data Transfer to the United States

Tovuti is based in the United States.

By using our Website or services, you:

  • Consent to the transfer of your personal data to the United States
  • Acknowledge that U.S. laws will govern the processing of your data
  • Understand that U.S. privacy laws may differ from those in your country

Processing in Your Region: Even if we process your data in the EU, Switzerland, UK, or elsewhere, this Privacy Policy and our Data Processing Addendum still apply.

GDPR Data Processing Addendum

This Data Processing Addendum (DPA) forms part of this Privacy Policy and applies when the General Data Protection Regulation (GDPR) governs your use of our services.

1. Definitions

Agreement: This Privacy Policy and all addendums and the Data Protection Agreement.
Customer Personal Data: Personal data processed by Tovuti on behalf of a customer.
Contracted Processor: A sub-processor engaged by Tovuti.
Data Protection Laws: EU Data Protection Laws and applicable laws of other countries.
EU Data Protection Laws: EU Directive 95/46/EC and the GDPR, including implementing legislation
GDPR: EU General Data Protection Regulation 2016/679
Data Transfer: Transfer of personal data that would be prohibited without appropriate safeguards under Data Protection Laws
Processor: Tovuti, Inc.
Sub-processor: Any entity appointed by Tovuti to process personal data on behalf of customers list is available upon request to legal@tovutiteam.com.
Standard GDPR Terms: Commission, Controller, Data Subject, Member State, Personal Data, Personal Data Breach, Processing, and Supervisory Authority have the meanings defined in the GDPR

2. Processing of Personal Data

Tovuti's Obligations:

  • Comply with all applicable Data Protection Laws
  • Process personal data only on documented customer instructions
  • Process data for the purposes specified in customer agreements

3. Personnel Requirements

Staff Security Measures:

  • Ensure reliability of employees and contractors with data access
  • Limit access to those who need it for their duties
  • Require confidentiality commitments from all personnel
  • Provide appropriate training on data protection

4. Security Measures

Technical and Organizational Measures:

Taking into account:

  • State of the art technology
  • Implementation costs
  • Nature, scope, and context of processing
  • Risks to individuals' rights and freedoms

We implement appropriate security measures, including:

  • Pseudonymization and encryption where appropriate
  • Confidentiality, integrity, and availability safeguards
  • Resilience of processing systems
  • Regular security testing and assessment
  • Incident response procedures

Risk Assessment: We particularly address risks from Personal Data Breaches, including:

  • Accidental or unlawful destruction
  • Loss, alteration, or unauthorized disclosure
  • Unauthorized access to personal data

5. Sub-Processing

Sub-Processor Engagement:

  • We only engage authorized sub-processors
  • Sub-processors must provide appropriate data protection guarantees
  • We remain liable for sub-processor compliance

Customer Rights:

  • We assist customers in responding to data subject requests
  • We provide necessary information for customers to fulfill GDPR obligations
  • We implement technical and organizational measures to facilitate data subject rights

Data Subject Requests: When we receive a request from a data subject:

  • We promptly notify the customer
  • We respond only on documented customer instructions (unless required by law)
  • We inform customers of legal requirements to respond directly

6. Personal Data Breach Notification

Our Obligations:

  • Notify customers without undue delay upon becoming aware of a breach
  • Provide sufficient information for customers to meet GDPR reporting obligations
  • Cooperate with investigation and remediation efforts
  • Take reasonable steps as directed by the customer

7. Data Protection Impact Assessments

Tovuti's Assistance: We provide reasonable assistance with:

  • Data protection impact assessments (DPIAs)
  • Prior consultations with Supervisory Authorities
  • Other Data Protection Law compliance activities

Scope: Limited to processing by Tovuti, taking into account the nature of processing and available information.

8. Data Deletion or Return

Upon Service Termination:

  • We delete all customer personal data within 30 business days of service cessation
  • We ensure deletion of all copies held by sub-processors
  • Exceptions apply where retention is required by law

9. Audit Rights

Customer Audit Rights:

  • We provide information to demonstrate compliance
  • We allow and contribute to audits and inspections
  • customers may engage auditors to conduct reviews

Limitations:

  • Audit rights supplement (not replace) existing contractual rights
  • Must not unreasonably interfere with our business operations
  • Subject to confidentiality obligations

10. International Data Transfers

Transfer Restrictions:

  • We do not transfer data outside the EU/EEA without prior written customer consent
  • For authorized transfers, we rely on appropriate safeguards such as: 
    • EU Standard Contractual Clauses
    • Adequacy decisions
    • Other legally recognized transfer mechanisms

11. General Terms

Confidentiality: Both parties must keep the DPA and related information confidential, except:

  • Where disclosure is required by law
  • Where information is already public

Notices: All notices must be in writing and sent to the addresses specified in this Privacy Policy or as updated by the parties.

12. Governing Law

Jurisdiction:

  • Governed by Delaware law
  • Disputes subject to arbitration under the Federal Arbitration Act
  • Administered by the American Arbitration Association (AAA)
  • Subject to Delaware small claims court or arbitration as specified in our Terms of Use

SMS Terms and Conditions Addendum

This SMS Terms and Conditions Addendum governs our business-related text messages to you.

1. Consent to Receive Messages

By providing your mobile number and opting in, you authorize Tovuti to send you business-related SMS messages, including:

  • Transactional updates and notifications
  • Promotional offers and special deals
  • Service alerts and reminders
  • Product information
  • Other communications related to our services

2. Message Frequency

Expected Volume:

  • Average of five (5) messages per month
  • Frequency may increase during promotional periods
  • Actual frequency may vary based on your account activity

3. Costs

Your Responsibility:

  • Standard message and data rates from your mobile carrier apply
  • You are solely responsible for all carrier charges
  • Check with your carrier for rate information

4. Opting Out

How to Stop Messages:

  • Reply "STOP" to any message from us
  • This immediately unsubscribes you from all SMS messages
  • You may opt back in at any time

Confirmation: You will receive a final confirmation message after opting out.

5. Help and Support

Getting Assistance:

6. Privacy and Data Use

Your Information:

  • Your mobile number and opt-in data are used solely for SMS messaging purposes
  • We handle your information according to our Privacy Policy
  • We do not sell or rent your mobile number to third parties

7. No Warranties

Disclaimers: We make no warranties regarding:

  • Message availability, timing, or delivery
  • Accuracy of message content
  • Security of SMS communications
  • Compatibility with all carriers or devices

Limitation of Liability: We disclaim all liability for damages arising from SMS message use or reliance.

8. Changes to Terms

Updates:

  • We may modify these SMS Terms at any time
  • Changes are effective upon posting to our website or SMS notification
  • Continued receipt of messages indicates acceptance of changes

9. Service Termination

Our Rights: We may suspend or terminate SMS services:

  • At our sole discretion
  • Without prior notice
  • For any reason, including breach of these Terms

10. Governing Law

Jurisdiction: These SMS Terms are governed by Delaware law, without regard to conflict of law principles.

Contact for SMS Services

Tovuti, Inc.
775 S. Rivershore Lane, Suite 200
Eagle, Idaho 83616
Email: legal@tovutiteam.com
Phone: (888) 646-2353

Last Updated: January 9, 2026

Contests and Promotions

Special Rules

When we offer contests or promotions, specific rules may apply regarding:

  • Data collection practices
  • Use of your information
  • Disclosure requirements
  • Prize fulfillment

Conflicts with Privacy Policy

If contest or promotion rules conflict with this Privacy Policy:

  • The specific contest/promotion rules govern the conflicting terms
  • This Privacy Policy continues to apply to non-conflicting terms
  • Our Terms of Use also continue to apply

Review Carefully: Always read contest and promotion rules carefully before participating.

Changes to This Privacy Policy

Our Right to Modify

We may change, modify, add, or remove portions of this Privacy Policy at any time.

How We Notify You

Website Posting:

  • We will post updated versions on this page
  • The "Effective Date" at the top will reflect the latest version

Direct Notification: For material changes affecting how we collect, use, or disclose personal information, we will notify you through:

  • A prominent notice on our Website
  • Other appropriate communication methods

When Changes Take Effect

New Users: Changes are effective immediately upon posting.

Existing Users: Changes become effective on the date specified in the notice (typically 30 days after posting).

Your Acceptance

Continued use of our Website or services after changes are posted constitutes acceptance of the modified Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed.

Relationship to Terms of Use

Incorporation

This Privacy Policy is incorporated into and subject to our Terms of Use, available at https://www.tovutilms.com/terms.

Agreement to Both

By using our Website or services, you agree to both:

  • This Privacy Policy
  • Our Terms of Use

Conflicts

In case of conflicts between this Privacy Policy and the Terms of Use, the Terms of Use shall govern, except where this Privacy Policy provides more specific privacy protections.

Contact Us

Privacy Policy Officer

For questions, concerns, or requests related to this Privacy Policy, contact us:

Tovuti, Inc.
Attn: Privacy Policy Officer
775 S. Rivershore Lane, Suite 200
Eagle, Idaho 83616, USA

Email: legal@tovutiteam.com
Phone: (888) 646-2353

Customer Support: www.tovutilms.com/contact

Response Time

We strive to respond to all privacy-related inquiries within 30 days of receipt.

By using our Website or services, you acknowledge that you have read, understood, and agree to this Privacy Policy and all addenda.