Contents
TOUN ("we," "us," or "our") operates the TOUN mobile application and the website located at toun.app (collectively, the "Services"). TOUN is a personal connection platform designed to allow users to maintain emotional bonds with their contacts through periodic heartbeat interactions. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Services.
Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Services. This Privacy Policy is incorporated by reference into our Terms of Use.
Controller Identity: For users in the European Economic Area (EEA) and the United Kingdom, TOUN acts as the data controller with respect to your personal data as defined under the General Data Protection Regulation (GDPR) and the UK GDPR respectively. For users in California, TOUN is the "business" as defined under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
For the purposes of this Privacy Policy, the following terms shall have the meanings set out below:
We collect information that you provide directly, information generated by your use of the Services, and information obtained from third-party services. The categories and specific data elements are as follows:
| Data Element | Purpose | Required |
|---|---|---|
| Mobile phone number (E.164 format) | Account authentication via one-time password (OTP); identity verification; connection discovery | Yes |
| Display name | Personalisation of the user experience and notifications to contacts | Yes |
| Date of birth | Age verification to confirm eligibility (13+ years) | Yes |
| Profile photograph | Identity representation within the application; displayed to mutual connections only | No |
| Contact list (on-device, read-only) | Identifying which of your device contacts are already TOUN users, enabling connection discovery; contact data is hashed using SHA-256 before transmission | No (permission-based) |
| Data Element | Purpose | Retention |
|---|---|---|
| Heartbeat interaction records (type, timestamp, pulse identifier) | Core product functionality; interaction history; bond state calculation | Until account deletion |
| Connection relationships (mutual pulse records) | Relationship graph management; connection lifecycle | Until either party deletes the connection |
| FCM registration tokens | Delivery of push notifications to registered devices | Until replaced by a new token or account deletion |
| App Check tokens (Play Integrity / DeviceCheck) | Verification that requests originate from genuine, non-emulated TOUN installations; anti-fraud and bot prevention | Not persisted; ephemeral per-request tokens |
| App open events and session metadata | Reciprocity nudge triggering; analytics; abuse detection | 90 days |
| Notification interaction events (opened, dismissed) | Delivery confirmation; notification system optimisation | 90 days |
| Crash reports and diagnostic data | Application stability; bug identification and remediation via Firebase Crashlytics | 90 days |
| IP address (web/landing page visitors) | Fraud prevention; geographic analytics; DDoS mitigation (Vercel infrastructure) | 30 days (Vercel logs) |
| Browser type, operating system, device model | Platform-specific optimisation; analytics segmentation | 14 months (Google Analytics) |
When you grant TOUN access to your device contacts, we do not upload your contacts' raw phone numbers to our servers. Instead, each phone number is normalised to E.164 format and hashed using SHA-256 on your device. Only the resulting irreversible hash is transmitted to our servers to check against the hashes of registered TOUN users. This "zero-knowledge" approach means we never store or process the raw contact phone numbers of non-users.
We do not collect the following:
We use the Personal Data we collect for the following purposes:
We do not use your Personal Data for targeted advertising, do not sell your data to third parties for their own marketing purposes, and do not engage in profiling for automated decision-making that produces legal or similarly significant effects.
For users in the EEA and UK, we rely on the following legal bases under GDPR Article 6 for processing your Personal Data:
| Processing Activity | Legal Basis |
|---|---|
| Account creation and authentication | Performance of a contract (Art. 6(1)(b)) |
| Heartbeat interactions and pulse data | Performance of a contract (Art. 6(1)(b)) |
| Push notifications (heartbeats, connection requests) | Performance of a contract; Legitimate interests (Art. 6(1)(f)) |
| Contact discovery via hashed phone numbers | Consent (Art. 6(1)(a)), you grant device contacts permission explicitly |
| Analytics and crash reporting | Legitimate interests (Art. 6(1)(f)), to improve product stability and experience |
| App Check / fraud prevention | Legitimate interests (Art. 6(1)(f)), to protect users from bots and abuse |
| Legal compliance | Legal obligation (Art. 6(1)(c)) |
| Web analytics cookies (Google Analytics) | Consent (Art. 6(1)(a)), via our cookie consent mechanism |
Where we rely on legitimate interests, we have conducted a balancing test and determined that our legitimate interests are not overridden by your rights and freedoms. You may request a copy of our legitimate interests assessment by contacting us at the address in Section 14.
We do not sell, rent, or trade your Personal Data. We share data only in the circumstances described below, and only to the extent necessary for the stated purpose.
We engage the following processors to operate the Services. All processors are bound by data processing agreements and applicable data protection law:
| Processor | Service Provided | Data Transferred | Location |
|---|---|---|---|
| Google LLC / Firebase | Authentication (Firebase Auth), database (Firestore), file storage (Cloud Storage), push messaging (FCM), analytics (Firebase Analytics), crash reporting (Crashlytics), app integrity (App Check), serverless functions (Cloud Functions) | Account data, interaction data, FCM tokens, crash logs, analytics events | United States (with EU SCCs where applicable) |
| Apple Inc. | Apple Push Notification Service (APNS), delivery of push notifications to iOS devices | FCM-generated APNS device tokens (opaque identifiers; not personal data in isolation) | United States |
| Google LLC (Play Integrity) | Device attestation and integrity verification on Android | Attestation tokens (ephemeral; not stored) | United States |
| Vercel Inc. | Hosting of the toun.app website and landing pages | IP addresses, request metadata (web visitors only) | United States / Global Edge Network |
| Google LLC (Google Analytics 4) | Website traffic analytics (toun.app landing pages only; with cookie consent) | Pseudonymous analytics identifiers, page views, session data | United States (with EU SCCs) |
By using TOUN, you authorise us to make the following information visible to your mutual connections within the application:
Your phone number is never displayed to other users within the application. Contact relationships are visible only to the two parties sharing a mutual pulse.
In the event of a merger, acquisition, sale of assets, or similar business transaction, your Personal Data may be transferred to the acquiring entity. We will provide notice before your Personal Data is transferred and subject to a different Privacy Policy.
We may disclose your Personal Data if required to do so by applicable law, court order, or governmental authority; to enforce our Terms of Use or protect our legal rights; to protect the safety of any person; or to respond to a national security or law enforcement request. Where permitted by law, we will notify you of any such request.
We retain Personal Data for as long as necessary to fulfil the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements.
| Data Category | Retention Period |
|---|---|
| Account information (phone number, display name, date of birth) | Until account deletion request is processed, plus 30 days for backup reconciliation |
| Profile photographs | Until account deletion or user replaces/removes the image |
| Heartbeat interaction records (pulse data) | Until account deletion or connection removal by either party |
| FCM push tokens | Until superseded by a new token, device deregistration, or account deletion; stale tokens are automatically removed when FCM confirms delivery failure |
| Connection request records | 12 months from creation, regardless of outcome (pending, accepted, declined, or blocked) |
| App open / session events | 90 days |
| Crash logs (Firebase Crashlytics) | 90 days (Firebase platform default) |
| Firebase Analytics events | 14 months (Google Analytics platform default) |
| Legal hold data (if subject to litigation or regulatory enquiry) | Duration of the hold plus applicable statutory period |
Upon account deletion, we initiate deletion of your Personal Data within 30 days. Some data may be retained in anonymised, aggregated form for statistical purposes with no ability to re-identify you.
If you are located in the EEA or UK, you have the following rights with respect to your Personal Data:
If you are a California resident, you have the following rights:
California residents may designate an authorised agent to make a request on their behalf. We will verify the identity of the agent and the requestor before processing any request.
To exercise any of the rights described above, please contact us at privacy@toun.app with the subject line "Privacy Rights Request." We will respond within 30 days (GDPR) or 45 days (CCPA) of receiving your request. We may require verification of your identity before processing your request.
Many rights can be exercised directly within the TOUN application under Profile → Settings → Privacy & Data.
TOUN is not directed to children under the age of thirteen (13). We do not knowingly collect Personal Data from children under 13. If you are a parent or guardian and believe that your child has provided us with Personal Data without your consent, please contact us immediately at privacy@toun.app.
We will delete any Personal Data collected from a child under 13 upon becoming aware of such collection. In jurisdictions where a higher age of digital consent applies (e.g., 16 in certain EU member states), we require users to meet the applicable minimum age. We collect date of birth during registration for the purpose of age verification.
This policy is consistent with the Children's Online Privacy Protection Act (COPPA), the GDPR provisions on children's data, and applicable regional law.
TOUN is operated from the United States. If you access our Services from outside the United States, your Personal Data may be transferred to, stored, and processed in the United States or other countries where our service providers operate, which may have different data protection standards than your home country.
For users in the EEA and UK, where we transfer Personal Data to countries not recognised as providing adequate protection, we rely on appropriate safeguards including:
You may request a copy of the applicable transfer mechanism by contacting us at privacy@toun.app.
We implement appropriate technical and organisational measures designed to protect your Personal Data against unauthorised access, accidental loss, destruction, or alteration. These measures include:
Notwithstanding our security measures, no system is completely immune from attack. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within the timeframes required by applicable law.
The TOUN website (toun.app) uses cookies and similar technologies. The TOUN mobile application does not use browser cookies; on-device data is managed via secure application storage (SQLite via Drift and SharedPreferences).
| Category | Name | Provider | Purpose | Duration |
|---|---|---|---|---|
| Strictly Necessary | toun_cookie_consent | TOUN | Stores your cookie consent preferences so we do not re-ask on every visit | 12 months |
| Analytics (opt-in) | _ga, _ga_*, _gid | Google Analytics 4 | Collects pseudonymous data on page visits, traffic sources, and user behaviour to help us improve the website | Up to 2 years (_ga); 24 hours (_gid) |
| Analytics (opt-in) | _gcl_au | Conversion measurement (used by Google Analytics and Google Tag Manager) | 90 days |
You can manage your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of any page on toun.app. You may withdraw consent for analytics cookies at any time; this will not affect any processing that took place before withdrawal.
You may also control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our website.
We honour "Do Not Track" (DNT) browser signals. When a DNT signal is detected, we will not load analytics cookies regardless of consent stored in our cookie preference record.
We reserve the right to update this Privacy Policy at any time. When we make material changes, we will notify you by:
Where required by applicable law, we will obtain your explicit consent to any material changes before they take effect. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.
We encourage you to review this Privacy Policy periodically. The current version is always available at toun.app/privacy.
If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact us:
Privacy Enquiries
Email: privacy@toun.app
General: hello@toun.app
We will acknowledge your enquiry within 48 hours and respond substantively within 30 days (or 45 days for CCPA requests, where an extension is applied).
Supervisory Authority Complaints:
If you are in the EEA and are not satisfied with our response, you have the right to lodge
a complaint with your local supervisory authority. For a list of EU data protection
authorities, visit edpb.europa.eu.