Privacy Policy

Effective date: 2026-04-29 · Last updated: 2026-04-29

This policy explains what Tono ("we", "the app") collects, why, and how you can control your data. We try to keep this short and honest. If anything is unclear, email [email protected].

1. Information we collect

• Email address — used as your account identifier. We sign you in by sending a one-time verification code to this address.
• Content you create — notes, todo titles, completion state, and labels. This is the data you ask Tono to store and sync.
• Session metadata — for each active sign-in, we record device user-agent, IP address, and timestamps so we can detect abuse and let you sign out remotely.
• One-time verification codes — stored briefly (minutes) and discarded after use or expiry.

We do not collect your name, phone number, contacts, location, photos, or any device identifier beyond what your browser or app sends automatically with each request.

2. How we use it

• Authenticate you and keep you signed in across devices.
• Sync the notes and todos you create between your devices.
• Investigate bugs, abuse, and infrastructure issues.

We do not use your content to train any model, show ads, or build a profile of you. We do not sell your data.

3. Third-party services

Tono runs on a small set of providers. Each only sees the data it needs:

• Cloudflare — hosts our backend (Workers), database (D1), and key-value storage. All your account and content data is processed and stored on Cloudflare infrastructure.
• Resend — delivers the one-time verification codes to your email address. Your email is shared with Resend solely for this delivery.

We do not embed advertising SDKs, analytics SDKs, or third-party trackers.

4. Data security

All traffic between your device and our servers uses HTTPS. Verification codes are short-lived. Refresh tokens are stored in your device's secure storage. Note that your content is not end-to-end encrypted — server administrators technically have access to it, the same as any standard cloud-synced notes app.

5. Data retention

• Account and content data are kept while your account is active.
• If you delete your account, all associated data is permanently removed within 30 days.
• Server logs are retained briefly (typically up to 7 days) for operational purposes.
• Sessions are revoked when you sign out or when they expire.

6. Your rights

You can:

• Access your data — your notes and todos are visible in the app at any time.
• Export your data — email [email protected] and we will send a machine-readable copy within 30 days.
• Delete your account and data — see Delete Account.

7. Children's privacy

Tono is not directed to children under 13. We do not knowingly collect data from children under 13. If you believe a child has created an account, contact us and we will delete it.

8. International users

Tono is operated from China. By using the app, you consent to your data being processed on Cloudflare's global edge infrastructure, which may include data centers outside your country of residence.

9. Changes to this policy

If we make material changes, we will update the "Last updated" date at the top of this page and, where reasonable, notify active users by email.

10. Contact

Questions or requests: [email protected]