- 1. Introduction
1.1 Privacy Principles
Ton has two fundamental principles when it comes to collecting and processing private data:
- • We don’t use your data to show you ads.
- • We only store the data that Ton needs to function as a secure and feature-rich messaging service.
1.2. Terms of Service
1.3. Table of Contents
- • the legal basis for processing your personal data;
- • what personal data we may collect from you;
- • how we keep your personal data safe;
- • what we may use your personal data for;
- • who your personal data may be shared with; and
- • your rights regarding your personal data.
1.4. EEA Representative
If you live in a country in the European Economic Area (EEA), the Services are provided by Ton , which for the purposes of applicable data protection legislation is the data controller responsible for your personal data when you use our Services.
- 2. Legal Ground for Processing Your Personal Data
We process your personal data on the ground that such processing is necessary to further our legitimate interests (including: (1) providing effective and innovative Services to our users; and (2) to detect, prevent or otherwise address fraud or security issues in respect of our provision of Services), unless those interests are overridden by your interest or fundamental rights and freedoms that require protections of personal data.
- 3. What Personal Data We Use
3.1. Basic Account Data
Ton is a communication service. You provide your mobile number and basic account data (which may include profile name, profile picture and about information) to create a Ton account.
To make it easier for your contacts and other people to reach you and recognize who you are, the screen name you choose, your profile pictures, and your username (should you choose to set one) on Ton are always public. We don’t want to know your real name, gender, age or what you like.
We do not require your screen name to be your real name. Note that users who have you in their contacts will see you by the name they saved and not by your screen name. This way your mother can have the public name ‘Johnny Depp’ while appearing as ‘Mom’ to you and as ‘Boss’ to her underlings at work (or the other way around, depending on how these relationships are structured).
3.2. Your E-mail Address
When you enable 2-step-verification for your account or store documents using the Ton Passport feature, you can opt to set up a password recovery email. This address will only be used to send you a password recovery code if you forget it. That’s right: no marketing or “we miss you” bullshit.
3.3. Your Messages
3.3.4. Public Chats
In addition to private messages, Ton also supports public channels and public groups. All public chats are cloud chats (see section 3.3.1 above). Like everything on Ton , the data you post in public communities is encrypted, both in storage and in transit — but everything you post in public will be accessible to everyone.
3.4. Phone Number and Contacts
You can use the contact upload feature and provide us, if permitted by applicable laws, with the phone numbers in your address book on a regular basis, including those of users of our Services and your other contacts. If any of your contacts aren’t yet using our Services, we’ll manage this information for you in a way that ensures those contacts cannot be identified by us. You can create, join, or get added to groups and broadcast lists, and such groups and lists get associated with your account information. You give your groups a name. You can provide a group profile picture or description.
Status Information. You may provide us your status if you choose to include one on your account.
About contact upload
Contact upload is an optional feature that allows us to check which of your contacts in your device’s address book are also Ton Messenger users. It also means we can update your Ton Messenger contact list when your contacts who aren’t using Ton Messenger yet sign up later. We care about your privacy and don’t share your contact list with Meta.
When you use contact upload and grant Ton Messenger access to your device address book, Ton Messenger will access and upload the phone numbers in your address book on a regular basis, including those of Ton Messenger users and your other contacts. We don’t collect any of the other information that could appear in your device address book including names, email addresses, etc.
If any of your contacts aren’t yet using Ton Messenger, we protect their privacy by managing the phone number in a way that is designed to prevent those contacts from being identified by Ton Messenger. We do this by creating a cryptographic hash value of their phone number, and then delete the number. The hash value enables us to more efficiently connect you with these contacts when they join Ton Messenger.
3.5. Location Data
If you share a location in a chat, this location data is treated like other messages in cloud or secret chats respectively.
If you share your Live Location in any chat or turn on ’Make Myself Visible’ in People Nearby, Ton will use your data to display your location to those users with whom you are sharing it, even when the app is closed – for as long as you keep these optional features activated.
- 4. Keeping Your Personal Data Safe
4.1. Storing Data
If you signed up for Ton from the UK or the EEA, your data is stored in data centers in the Netherlands. These are third-party provided data centers in which Ton rents a designated space. However, the servers and networks that sit inside these data centers and on which your personal data is stored are owned by Ton . As such, we do not share your personal data with such data centers. All data is stored heavily encrypted so that local Ton engineers or physical intruders cannot get access.
4.2. End-to-End Encrypted Data
Your messages, media and files from secret chats (see section 3.3.2 above), as well as the contents of your calls and the data you store in your Ton Passport are processed only on your device and on the device of your recipient. Before this data reaches our servers, it is encrypted with a key known only to you and the recipient. While Ton servers will handle this end-to-end encrypted data to deliver it to the recipient – or store it in the case of Ton Passport data, we have no ways of deciphering the actual information. In this case, we neither store nor process your personal data, rather we store and process random sequences of symbols that have no meaning without the keys which we don’t have.
- 5. Processing Your Personal Data
5.1. Our Services
Ton is a cloud service. We will process your data to deliver your cloud chat history, including messages, media and files, to any devices of your choosing without a need for you to use third-party backups or cloud storage.
5.2. Safety and Security
Ton supports massive communities which we have to police against abuse and Terms of Service violations. Ton also has more than 4 million users which makes it a lucrative target for spammers. To improve the security of your account, as well as to prevent spam, abuse, and other violations of our Terms of Service, we may collect metadata such as your IP address, devices and Ton apps you’ve used, history of username changes, etc. If collected, this metadata can be kept for 12 months maximum.
5.3. Spam and Abuse
To prevent phishing, spam and other kinds of abuse and violations of Ton ’s Terms of Service, our moderators may check messages that were reported to them by their recipients. If a spam report on a message you sent is confirmed by our moderators, your account may be limited from contacting strangers – temporarily or permanently. You can send an appeal using email@example.com. In case of more serious violations, your account may be banned. We may also use automated algorithms to analyze messages in cloud chats to stop spam and phishing.
5.4. Cross-Device Functionality
We may also store some aggregated metadata to create Ton features (see section 5.5 below) that work across all your devices.
5.6. No Ads
Unlike other services, we don’t use your data for ad targeting or other commercial purposes. Ton only stores the information it needs to function as a secure and feature-rich cloud service.
- 6. Third Party Payment Services
6.1. Payment Information
The Payment Platform for Bots is available to users as of Ton 6.0. Ton does not process payments from users and instead relies on different payment providers around the world. It is the payment providers that handle and store your credit card details. Neither Ton nor the merchants on the platform (bot developers) have access to this information. Although we work with payment providers they are completely independent from Ton . Please study their relevant privacy policies before making your data available to them.
6.2. Credit Card Information
When making a purchase, you enter your credit card details into a form supplied by the payment provider that will be processing the payment, and this information goes directly to the payment provider’s server. Your credit card information never reaches Ton ‘s servers. We do not access and do not store your credit card information. When you save your credit card info, it is saved on the respective payment provider’s servers and the payment provider gives Ton a token that you can reuse for future payments. It is not possible to reconstruct your credit card info from the token.
6.3 Shipping Information
When you enter shipping information in the process of placing an order, we send it directly to the merchant bot developer. We can store your shipping information for you if you choose to save it for future purchases. We will delete this information immediately if you ask us to.
- 7. Payment Disputes
Due to the fact that Ton doesn’t store any credit card details or transaction information, it is impossible for us to handle complaints or cashbacks – any disputed payments are the responsibility of the bot developers, payment providers, and banks that participated in the exchange.
- 8. Who Your Personal Data May Be Shared With
8.1. Other Ton Users
8.3. Law Enforcement Authorities
If Ton receives a court order that confirms you’re a terror suspect, we may disclose your IP address and phone number to the relevant authorities. So far, this has never happened. When it does, we will include it in a semiannual transparency report published.
- 9. Your Rights Regarding the Personal Data You Provide to Us
9.1. Your Rights
Under applicable data protection legislation, in certain circumstances, you have rights concerning your personal data. You have a right to: (1) request a copy of all your personal data that we store and to transmit that copy to another data controller; (2) delete (see section 10 below) or amend your personal data; (3) restrict, or object to, the processing of your personal data; (4) correct any inaccurate or incomplete personal data we hold on you; and (5) lodge a complaint with national data protection authorities regarding our processing of your personal data.
9.2. Exercising Your Rights
If you wish to exercise any of these rights, kindly contact us using the details in section 12 below.
9.3. Data Settings
You can control how your data is used (e.g., delete synced contacts) in Settings > Privacy (using one of our mobile apps).
Sadly, if you’re generally not OK with Ton ‘s modest requirements, it won’t be possible for us to provide you with our Services. You can delete your Ton account by proceeding to the deactivation page.
- 10. Deleting data
If you would like to delete your account, you can do this on the deactivation page. Deleting your account removes all messages, media, contacts and every other piece of data you store in the Ton cloud. This action must be confirmed via your Ton account and cannot be undone.
- • In secret chats, deleting a message always instructs the app on the other end to delete it too.
- • In cloud chats, you can choose to delete a message for all participants within at least 48 hours after sending. Otherwise, deleting a message will delete it from your message history. This means that a copy will stay on the server as part of your partner’s message history. As soon as your partner deletes it too, it’s gone forever.
- • As of version 5.5, any party can choose to delete any messages in one-on-one chats, both sent and received, for both sides. There is no time limit. Any party can also opt to clear the entire chat history for both parties, in which case the apps will be instructed to remove all messages in that chat, however many of them are still retained by either of the participants.
- • In supergroups and channels, deleting a message removes it for all participants. Note that deleted messages and original versions of edited messages from supergroups are stored for 48 hours after deletion in order to be shown in the admins log.
10.3. Self-Destructing Messages
Messages in Secret Chats can be ordered to self-destruct. As soon as such a message is read (2 checks appear), the countdown starts. When the timer expires, both devices participating in a secret chat are instructed to delete the message (photo, video, etc.). Media with short timers (less than a minute) are shown with blurred previews. The timer is triggered when they are viewed.
10.4. Account Self-Destruction
By default, if you stop using Ton and do not come online for at least 6 months, your account will be deleted along with all messages, media, contacts and every other piece of data you store in the Ton cloud. You can go to Settings to change the exact period after which your inactive account will self-destruct.
- 12. Questions and concerns
If you have any questions about privacy and our data policies, please contact our email firstname.lastname@example.org