Privacy Policy
1. Introduction
This Privacy Policy ("Policy") describes how TG:ON Team ("we", "us", operator of the tg-on.com website and the TG:ON software) collects, uses, and protects personal data of users.
By using the tg-on.com website or the TG:ON software (collectively, "the Service"), you agree to this Policy. If you do not agree — please do not use the Service.
2. What data we process
2.1. Data you provide voluntarily
- Email address — to activate your license, deliver the key, and provide support.
- Payment information — processed by our partner CryptoCloud (USDT, TON, BTC, ETH, etc.). We do NOT store card numbers or crypto wallet addresses.
- Support requests — content of your messages to
support@tg-on.comor@tgon_support_bot.
2.2. Technical data
- IP address — for brute-force protection, fraud detection, server logs.
- User-Agent, browser type, screen resolution — for UI compatibility and basic analytics.
- Cookies — functional (language, theme). Analytics — only with your consent.
2.3. What we do NOT collect
TG:ON is local-first architecture. The software runs on your device, and most of your data never leaves it:
- Content of your Telegram messages — never transmitted to our servers.
- TDATA files and Telegram account sessions — stored locally in your file system. We have no access.
- Names, IDs, and data of your Telegram contacts — processed exclusively on your device.
- Geolocation — not requested or determined.
3. Processing purposes and legal bases
| Data | Purpose | Legal basis |
|---|---|---|
| License activation, support | Performance of contract | |
| Product update notifications | Consent (can be withdrawn) | |
| IP, User-Agent | Security, fraud detection | Legitimate interest (GDPR Art.6(1)(f)) |
| Strictly necessary cookies | Site functionality | No consent required |
| Analytics cookies | Usage patterns analysis | Consent (via cookie banner) |
| Payment data | Processing transactions | Performance of contract |
4. Data sharing with third parties
To deliver the Service we share minimum-necessary data with the following sub-processors:
| Partner | Data processed | Jurisdiction |
|---|---|---|
| CryptoCloud | Payment transactions (anonymous crypto payments — USDT/TON/BTC/ETH) | EU |
| Contabo GmbH | License server and database hosting | Germany (EU) |
| SMTP provider | Transactional emails (activation, support replies) | EU/US (provider-dependent) |
We do not sell your personal data to third parties for advertising or other commercial purposes. Disclosure is only possible on lawful grounds (e.g., a valid legal request from law enforcement).
5. Retention periods
- Email + License key — until you withdraw consent or delete your account.
- IP addresses in server logs — 90 days from the record date.
- Support ticket content — 12 months after the ticket is closed.
- Payment history — per CryptoCloud retention policy and accounting requirements.
After the retention period, data is automatically deleted or anonymized (aggregated beyond identification).
6. Cookies
The tg-on.com site uses three categories of cookies:
- Strictly necessary — for the site to function (language, theme, session state). No consent required, cannot be disabled.
- Functional — remember your preferences. Can be disabled in browser settings.
- Analytics — for understanding site usage. Enabled only with your explicit consent via the cookie banner.
Details — see the Cookie Policy.
7. Your rights
Under the EU General Data Protection Regulation (GDPR) for users in the EU/EEA, and Russian Federal Law No. 152-FZ "On Personal Data" for Russian users, you have the right to:
- Access — receive a copy of the data we hold about you.
- Rectification — request correction of inaccurate or outdated data.
- Erasure ("right to be forgotten") — request deletion when there's no lawful basis for further retention.
- Restriction of processing — request temporary suspension of processing in disputed cases.
- Data portability — receive your data in a machine-readable format (JSON/CSV).
- Objection — to processing based on "legitimate interest".
- Withdraw consent — at any time, without explanation, without consequence for past lawful processing.
To exercise any right, email support@tg-on.com or Telegram @tgon_support_bot. Response time — up to 30 calendar days.
EU users also have the right to lodge a complaint with their national data protection authority.
8. Data security
We apply reasonable technical and organizational measures to protect your data:
- TLS (HTTPS) encryption for all network traffic.
- Hashing of secrets (bcrypt, argon2) — we never store passwords in plaintext.
- Isolation of production from dev/test environments.
- Regular encrypted-at-rest backups of the license database.
- Access logging and regular audit.
Despite the measures taken, no internet service can guarantee absolute security. In case of a confirmed personal data breach, we will notify you and (for EU users) the supervisory authority within 72 hours as required by GDPR Art.33.
9. Minors
The Service is intended for users aged 16 and older. We do not knowingly collect personal data from individuals under 16. If we learn we have collected such data without proper parental or guardian consent, it will be deleted as soon as possible.
10. Changes to this Policy
We may update this Policy as the Service evolves and laws change. For material changes we will notify you by:
- An "Updated [date]" mark at the top of this page.
- Email notification (if subscribed to product updates).
- A message via @tgon_support_bot (opt-in).
The current version is effective as of May 11, 2026.
11. Contact
Personal data operator:
- Name: TG:ON Team (operator of tg-on.com)
- Email: support@tg-on.com
- Telegram: @tgon_support_bot
For any questions regarding personal data processing, reach out by either method. We respond within 30 days.