Back to all posts

Protecting personal data on Toloka: Platform policy and Toloker responsibility

Toloka Team
by Toloka Team
Image

This article delves into the methods used by the platform and requesters to manage users’ personal data and provides guidance for Tolokers when they encounter third-party data in tasks.

Types of information stored on Toloka

Let’s break down the primary categories of data that the Toloka platform collects.

Basic data

Used for registration, task completion, and user identification. It includes the standard list of details::

  • First and last name, date of birth
  • Phone number and email address
  • Location (country and city)
  • Language proficiency

Note! Task authors do not have access to these personal details of Tolokers. However, they do use these criteria to choose suitable performers. Here’s how it works: requesters establish certain requirements for Tolokers in their projects, and Toloka, based on these settings, allocates the tasks to eligible individuals.

Additional data

This data aids in the platform’s interaction with Tolokers.

  • Login method
  • Payment withdrawal methods
  • Identity documentation (for example, to lift a ban)
  • Documents verifying self-employment

Toloka never shares this additional data with clients. The platform only uses this data to inform clients on each Toloker’s status, such as their verification level.

Operational data

This includes cookies, geolocation, IP addresses, website activity metrics, and more. You can find a comprehensive list in Toloka’s Privacy Policy.

By collecting this information, Toloka ensures robust security, prevents fraud, and enhances user experience.

Rule #1: Always provide truthful information about yourself. It’s a mandatory condition of the User Agreement. If either Toloka or task authors detect that a Toloker has provided incorrect data, their access to tasks of even the platform might be revoked.

How Toloka safeguards personal data

All stored data is encrypted. To do this, we use a globally certified platform that stores data across distributed servers. These servers, hosted in various countries, store user data based on regional considerations. Any data Toloka shares with clients maintains a similar level of protection.

For more information Toloka’s data protection systems, refer to the Privacy Policy, specifically Section 10.

How requesters use Toloker data

In addition to selecting performers based on provided criteria, clients might gather extra personal data during tasks to use it for their own purposes. Examples include:

  • Photos, audio, or video recorded during tasks
  • Geolocation data needed to validate task completion
  • Personal opinions of Tolokers from surveys
  • Other necessary data for specific uses

Using this information, project authors conduct research, train artificial intelligence, test hypotheses, and solve business challenges — either theirs or their partners’. According to Toloka’s revised guidelines, customers are obligated to specify in task instructions or descriptions precisely how they intend to process gathered data.

Rule #2: If you need to provide personal information to complete a task, carefully read the instructions before you start. Once you hand your personal data to the client, the responsibility of safekeeping your data shifts from Toloka to that particular author.

How to avoid Privacy Policy violations

Sometimes, tasks might expose Tolokers to another person’s personal data. For example, the instructions may include a photo of a person demonstrating how to perform the task correctly. Or, a task may require you to provide third party data, such as collecting different people’s opinions on some issue.

In such scenarios, the Toloker is responsible for the security of personal data. This is stipulated in the User Agreement.

Best practices include:

  • If you see personal data in a task, do not distribute it under any circumstances: you cannot take screenshots, post the information online, or share it with others
  • If you need someone else’s data (for example, your sister’s or neighbor’s) to complete the task, be sure to ask for their permission. In most cases, simply explaining why and where you will send the information and obtaining verbal consent is sufficient. Please refer to your country’s laws for the exact terms and conditions for transferring third-party data.

Rule #3: Remember that all personal data, whether yours and others', is protected by law.

Summary

  • Toloka collects different types of personal data from its users. The platform shares with clients only the essentials required for selecting performers and obtaining task results.
  • All data is securely encrypted and protected by the Privacy Policy and legislation.
  • The task authors specify in their instructions why they collect certain types of data, how they intend to process it, and its potential recipients.
  • You cannot distribute or use someone else’s personal information to complete tasks without securing the data owner’s consent.
Article written by:
Toloka Team
Toloka Team
Updated: 
Back to all posts

Similar articles

View all posts
Image
What's new in your Toloker profile?
product
Image
New authorization on Toloka: Solutions to common issues
tips and guides
Image
Task types in Toloka: Field projects
tips and guides
Image
Requirements from external platforms for Tolokers
product