ToggleBack to app →

Toggle

Privacy Policy

Effective Date: March 26, 2026

1. Introduction

HMG Collective LLC (“Company,” “we,” “us,” “our”) operates the Toggle platform (“Services”). This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use our Services, visit our website, or interact with us.

By accessing or using the Services, you consent to the privacy practices described in this policy. If you do not agree with our practices, please do not use the Services.

2. Information We Collect

2.1 Information You Provide Directly

We collect the following information when you provide it to us:

  • Account information: name, email address, phone number, company or agency name, and job title
  • Payment information: billing address and payment method details (processed by third-party payment processors—we do not directly store full payment card details)
  • Communications: support requests, feedback, feature requests, and correspondence with our team
  • Profile information: logo, company website, and other details you choose to add to your account

2.2 Information Imported from Connected Systems

When you connect your travel agency’s back-office system to Toggle, we collect and process data including:

  • Booking and reservation records: dates, destinations, suppliers, itineraries, and booking status
  • Traveler information: names, contact details, passport numbers, loyalty program numbers, and special requests
  • Financial data: booking amounts, commission data, payment records, and yield information
  • Advisor and agent performance data: productivity metrics, sales figures, and reporting information

This data is imported from third-party travel agency back-office systems (both cloud-based platforms and on-premise software) through secure API integrations and our proprietary synchronization engine. You retain full control over what data is imported and can modify connection settings at any time.

2.3 Information Collected Automatically

We automatically collect certain information when you use the Services:

  • Device and browser information: IP address, browser type, operating system, device identifiers, and device settings
  • Usage data: pages viewed, features used, actions taken, time spent on the Services, and click patterns
  • Log data: access times, error logs, referring URLs, and diagnostic information
  • Geolocation data: inferred from IP address and travel booking patterns (not GPS-based)

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and maintain the Services: operate the platform, process transactions, and deliver features
  • Generate reports and analytics: create business intelligence reports specific to your agency
  • Create Aggregated Data: develop de-identified, aggregate data that does not identify you or any individual, used for industry benchmarks, analytics products, and other lawful business purposes
  • Communicate with you: send updates about the Services, respond to support requests, and notify you of changes to our policies
  • Ensure security and prevent fraud: detect unauthorized access, prevent abuse, and protect the integrity of the Services
  • Comply with legal obligations: respond to lawful requests from government agencies and courts
  • Develop and improve: create new features, services, and improvements based on usage patterns and feedback
  • Marketing and outreach: send product updates, newsletters, and promotional communications (you may opt out at any time)

4. How We Share Your Information

4.1 Service Providers

We share information with third-party service providers who assist in operating the Services, including:

  • Cloud hosting infrastructure providers
  • Database management and security services
  • Error monitoring and analytics services
  • Email delivery and communication services
  • Payment processors (limited to necessary billing information)

These providers are contractually bound to use information only as needed to provide their services to us and are required to maintain the confidentiality and security of the information.

4.2 Aggregated and De-Identified Data

We may share Aggregated Data with third parties, including travel suppliers and industry partners, for benchmarking, market research, analytics, and other business purposes. This data does not identify you, your agency, or any individual and cannot be used to identify anyone.

4.3 Legal Requirements

We may disclose information if required by law, court order, subpoena, governmental request, or legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others. We will attempt to provide notice of such disclosure when legally permitted.

4.4 Business Transfers

In connection with a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

4.5 With Your Consent

We may share information with third parties when you have given us explicit consent to do so.

4.6 Your Personal Information Is Not Sold

We do not sell your personal information in exchange for monetary consideration. We do not share personal information with third parties for cross-context behavioral advertising.

5. Data Retention

We retain information based on the following practices:

  • Active accounts: We retain your information for as long as your account is active or as needed to provide the Services
  • After account termination: Your Customer Data is available for retrieval for 30 days following termination, after which it is deleted from our active systems (except as required by law or for legitimate business purposes)
  • Aggregated Data: retained indefinitely as it does not contain personal information
  • Backup retention: Residual copies of your information may exist in our backup systems and are deleted in the ordinary course of our backup rotation cycle
  • Legal holds: We may retain information longer if required by law or legal proceedings

6. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards to protect your information from unauthorized access, alteration, disclosure, and destruction:

  • Encryption: Data in transit is encrypted using TLS, and data at rest is encrypted using industry-standard encryption
  • Access controls: Role-based access controls and authentication mechanisms restrict access to personal information
  • Infrastructure security: Secure hosting infrastructure with regular security updates and patches
  • Regular assessments: Periodic security audits, vulnerability assessments, and penetration testing
  • Employee training: Our team receives training on data protection and privacy practices

However, no method of electronic storage or transmission is 100% secure. While we strive to protect your information using reasonable security measures, we cannot guarantee absolute security. You use the Services at your own risk.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Right to know: the right to know what personal information we collect and how it is used
  • Right to access: the right to access your personal information
  • Right to correct: the right to request correction of inaccurate information
  • Right to delete: the right to request deletion of your personal information (subject to certain exceptions)
  • Right to opt out: the right to opt out of the sharing or sale of personal information
  • Right to non-discrimination: the right to non-discrimination for exercising your privacy rights
  • Right to data portability: the right to receive a copy of your information in a portable format

To exercise any of these rights, contact us at husain@toggletravel.com with a description of your request. We will respond within 45 days of receiving your request. We may need to verify your identity before processing your request.

If you are an authorized agent submitting a request on behalf of a data subject, we may require additional verification of your authority.

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Categories of personal information collected: identifiers (name, email, phone), commercial information (transaction history, spending patterns), internet activity (browsing history, app usage), professional information (job title, employer), geolocation data (inferred from travel bookings), and sensitive personal information (passport numbers, loyalty program identifiers)
  • Sources of information: directly from you, from connected third-party systems, and automatically through our Services
  • Business purposes: providing the Services, generating reports, creating Aggregated Data, communicating with you, ensuring security, and improving our Services
  • Categories of third parties with whom we share: service providers and analytics partners (who receive only Aggregated Data)
  • Non-sale of personal information: We do not “sell” your personal information as defined by the CCPA. We may share Aggregated Data with third parties, but Aggregated Data does not constitute “personal information” under the CCPA because it cannot identify you or any individual
  • Right to know, delete, and opt out: You have the right to submit requests to know, delete, and opt out by contacting husain@toggletravel.com

We will not discriminate against you for exercising your California privacy rights.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (such as pixels, web beacons, and local storage) to operate and improve the Services:

  • Essential cookies: Required for the Services to function, including authentication, security, user preferences, and session management
  • Analytics cookies: Help us understand how the Services are used, which features are popular, and where users encounter issues
  • Functional cookies: Remember your preferences and settings to personalize your experience

You can manage cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, blocking certain cookies may affect the functionality of the Services and prevent you from using certain features.

We do not respond to “do not track” (DNT) signals at this time.

10. Children’s Privacy

The Services are not directed to individuals under 18 years old. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will delete such information promptly and terminate the child’s account.

If you believe we have collected information from a child under 13, please contact us immediately at husain@toggletravel.com.

11. Third-Party Links

The Services may contain links to third-party websites, applications, and services that are not operated by us. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices, security, or content.

We encourage you to review the privacy policies and terms of service of any third-party services before providing them with your information or using their services.

12. International Users

The Services are operated in the United States. If you access the Services from outside the United States, your information will be transferred to, stored in, and processed in the United States.

By using the Services, you consent to the transfer of your information to the United States and the processing of your information under United States law.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by email or through the Services at least 30 days before they take effect.

The “Effective Date” at the top of this policy indicates when it was last updated. Your continued use of the Services after changes become effective constitutes your acceptance of the updated Privacy Policy.

Contact Information

HMG Collective LLC
21151 Centerfarm Ln, Northville, MI 48167
Email: husain@toggletravel.com
Web: app.toggletravel.com