Privacy
Our privacy-first approach guarantees transparency and gives you full control over your data.
Your data is our priority
We've built a robust infrastructure for enterprise-grade security that meets the highest compliance standards — and gives you complete control over your data.
Enabling compliance
We let you decide which data you share, with whom and for what purpose, while maintaining the strictest standards for compliance.
Personal data is not for sale
At no time has Toloka ever sold user information, nor have we ever shared it with third parties for advertising purposes.
Stringent data protection
We apply advanced security measures to protect personal data. Only a limited number of Toloka employees have access to it.
Full transparency
We will inform you about the grounds and legal basis for collecting and processing your personal data.
Honoring user requests
We always process our users' requests. If you want to exercise your rights as a data subject, please reach out via online-form.
Purpose-specific data collection
We collect personal data only when it serves a legitimate purpose that is explicitly stated in our Privacy Notice.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 48 48" xmlns="http://www.w3.org/2000/svg"><path d="M 12.5 15.5 L 0 15.5 L 0 12.5 L 12.5 12.5 L 12.5 0 L 15.5 0 L 15.5 12.5 L 28 12.5 L 28 15.5 L 15.5 15.5 L 15.5 28 L 12.5 28 Z" fill="rgb(0, 0, 0)" height="28px" id="v_HNFUCmW" transform="translate(10 10)" width="28px"/></svg>)
What information does the GDPR apply to?
The GDPR applies to Personal Data. However, Personal Data is broadly defined and includes identifiers such as IP address, cookies, and device IDs. This means that data collected by you through your use of Toloka may be deemed Personal Data under the GDPR.
How does Toloka help its customers with CCPA compliance?
To help our customers ensure compliance with the CCPA, we are committed to:
Acting only as a service provider for our customers and processing the data only for the stated business purposes.
Never selling or disclosing any personal information received from our customers.
Being fully transparent with our customers.
Supporting customer opt-in and opt-out requirements.
Ensuring appropriate agreements are in place with our customers.
Having appropriate technical and organizational measures in place to protect our customer data.
How does Toloka help its customers with privacy compliance?
Toloka provides built-in product features which allow customers to be fully transparent with Tolokers. For example, we have prepared guidelines for customers about how to designate the purpose for personal data processing.
What data is received by Toloka from users?
Please see section 3 of our Privacy Notice where the categories of data are listed.
How does Toloka protect your personal data?
Toloka follows strict physical, technical, administrative, and organizational procedures to protect data and conforms to major ISO standards (27001 and 27701). See Toloka's security page for more information.
Can I withdraw my consent to process my data?
Where we process your personal data with your consent, you can withdraw your consent at any time if you want us to stop. For example, you can contact Toloka via online-form and/or by using the unsubscribe link provided at the bottom of each email in direct marketing communications.
Does Toloka have a GDPR-compliant data protection agreement?
Yes, you may download our DPA (for all customers except US customers).
Who are Toloka's sub-processors?
Current Toloka sub-processors include Microsoft Azure for data storage, Zendesk for our customer service provision, Databricks for data analytics, and Toloka affiliates for technical and service assistance. You can find more information in our Data Processing Agreement.
How does Toloka handle the data it receives when customers use Toloka?
We are committed to providing customers and end users with complete transparency in relation to our privacy practices and to protecting customer data. Furthermore, we implement stringent security and organizational measures including those described here to protect your data.
How can I exercise my rights as a data subject?
To manage your consent or exercise any of your other rights, contact us any time via online-form (for users) or customercare@toloka.ai (for customers).
How does Toloka handle the data it receives when you use Toloka?
To learn about the purpose of data processing, how we handle data, and your privacy rights, see the Privacy Notice.