Privacy is core to our DNA, our culture, and our values. We are committed to making our policies clear and focused on empowering users to be masters of their identities–and their data.
- The Domain Search
- The Email Finder
- The Email Verifier
- The Leads
- CRM Integrations
- Extensions and Addon-on
What information does Tomba collect?
When you are on our website
When you're using our website, we track your usage which includes statistics such as which pages you visit and how long you look at them. This information may include but is not limited to IP address, geolocation information, browser type and information about the use of our website, including a history of the pages you view.
If you create an account, we ask information such including but not limited to: your email, your name or what company you work for. All this information is used to personalize your experience or send you onboarding emails and invoices. In cases of high-risk of fraud, we might ask for a phone number for verification purposes (we never use it for marketing purposes). If you become a paying customer, we will collect your payment card information.
When you use our services
Whether it is through the API, the website, the Google Sheets add-on, or the browser extensions we provide; we monitor your usage, and log requests that you make. Those logs can include IP address, geolocation information, browser type, etc. We destroy those logs at the latest after 4 months.
When using our services, you might send us some data or data files (for the Email Finder and the Email Verifier for example).
When you contact our support
If you reach out via email or chat, we keep conversations and other data you might send during those exchanges. When you delete your account, those conversations are removed after a period of up to 6 months.
When we parse public web data
We use servers to look at publicly available online pages and process business data on them. Only public pages are looked at and only publicly available online data that can be found by a search engine are indexed by our servers. If a website, via a robots.txt file, asks crawlers not to look at the content, we respect this indication. Our robots view systematically the robots.txt file before exploring and indexing the public data available on the website. We are not responsible for the privacy policies and practices of other websites.
On those public pages, we look for business data such as names, professional emails, social networks URLs, etc. If we come across private consumer data (for example a Gmail or Hotmail address), we do not process it.
How do we use your data?
To provide our services
When creating an account, you agree to our Terms of Service which allows us to process your data to give you access to Tomba . This way, you can have an account on our website, save and process leads, invite other team members, etc.
To improve the User Experience
We're looking at usage patterns and various statistics to understand what to improve on Tomba . This includes, for example, doing A/B testing on new features.
We’re also using the data that goes through our services to improve the services themselves. We only use this information to validate data we already have or that is being supplied by a user, not to enrich our databases.
To inform businesses regarding content that is publicly displayed online
To provide the service, we also give you access to the publicly accessible business data we have indexed. It is important for our users' (and the businesses they work for) to have access to the business data already shared on the web. This helps them discover relevant contacts within companies they want to reach out to.
To offer customer support
We provide customer support via email or chat, to help you take full advantage of our service or fix any problem you encounter.
To fight fraud
There are always bad actors on the web: We actively fight credit card fraud and misuse of our services.
To market new services
Regularly, we launch new services. We’ll let users know about those releases if they have asked us to keep them up to date.
Your Rights, Controls and Choices
You have the following rights in relation to the personal data that we hold about you:
- To access your personal data, and some related information as described in the section below “know if we have information concerning you and what that information is”;
- To require any inaccurate personal data to be rectified, completed including by means of providing a supplementary statement;
- To require us to delete the personal data in certain circumstances;
- To require us to restrict or block the processing of your personal data in certain circumstances (when processing is restricted, we can still store your personal data, but may not use it further);
- To obtain from us your personal data, in a structured, commonly used and machine-readable format in certain circumstances. Further, you may have the right to require us to transmit your personal data directly to another person where it is technically feasible to do so; and
- To object to our use of your personal data for direct marketing purposes at any time and you may have the right to object to our processing of some or all of your personal data (and require them to be deleted) in some other circumstances;
- Where we are processing your personal data based on your consent to such processing, to withdraw your consent at any time.
Update, correct and delete your information
If you're a direct user of our service, you can log in to your account and update your information directly there.
If your business data was found online, you can use our Claim feature to update or delete it.
Know if we have information concerning you and what that information is
In particular, you have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information:
- If you're in our database
- Exactly what data we hold
- The purposes of the processing
- How long the data will be kept
- Where exactly on the web that information has been found
- All other information as mentioned in article 15 of the GDPR
Disable the processing and permanently remove all of your data
If you’re a user of our service, you can log in to permanently destroy your account.
If your data was found online, use our Claim feature to get full control over it. You can delete all your data directly online without having to send a request via email.
If you have any concerns, please reach out first so we can have a chance to help: email@example.com. If you feel we’re not doing enough, you have the right to contact your local supervisory authority.
Services helping us manage your data
To provide our services, we rely on other companies that can partially manage your data. We carefully select our providers to ensure the privacy and security of your data. Our biggest providers are:
- To secure connections with our users and speed up our services: Cloudflare WAF
- Hosting: Cloudflare workers, digital ocean
- For internal collaboration and emails: google workspace, slack ,Github ,trello , sendgrid , google analytics , microsoft clarity .
This type of services analyzes the traffic of this Application, potentially containing Users' Personal Data, with the purpose of filtering it from parts of traffic, messages and content that are recognized as SPAM.
Duration of the processing
For users of our service, we process your data as long as your account stays active and after 3 years of inactivity. Once your account is deleted or after 3 years of inactivity, we remove almost everything within a few days and all remaining artifacts within 3 months. If you’ve paid for Tomba , we might keep some information regarding your company for longer to comply with our legal obligations.
If your data was found online, we process it as long as it stays online. We make sure to regularly come back where we found it, if it isn't there anymore or if we believe that your personal data that we hold is inaccurate, we remove it from our databases and stop all processing.
Securing your data
We take the security of the data we manage very seriously and always try to keep our methods up-to-date. We've written a detailed document describing our Security Policy.
The servers we use to store and process personal data are exclusively in the European Union.
Additional notices for certain jurisdictions
If you would like to request that we refrain from selling your Covered Information (as defined under Nevada law), please contact us at contact.
Updates & contact
Date of last revision: March 20, 2021.
The company behind Tomba, Tomba technology web service LLC., is incorporated in the United States. You can reach us via email: firstname.lastname@example.org or snail-mail (only USPS): Tomba technology web service LLC, 2803 Philadelphia Pike Suite B #1228 Claymont, Delaware 19703 United States USA.