Privacy Policy

Last updated: April 6, 2026

1. Introduction

TONND ("we", "our", or "us") takes your privacy seriously. This policy explains how we collect, use, and safeguard your information. TONND is open source and can be self-hosted — when self-hosted, you control all data storage and processing.

2. Information We Collect

2.1 Account Information

  • Email address (from Google OAuth or registration)
  • Hashed password (if using email/password login)
  • Account creation date

2.2 Health and Fitness Data

With your explicit consent, we collect data from connected services:

  • Activity: steps, distance, calories, active minutes, floors
  • Sleep: duration, stages (deep, light, REM), efficiency
  • Heart: resting heart rate, zones, HRV
  • Body: weight, BMI, body fat, muscle mass, body composition
  • Vitals: SpO2, breathing rate, skin temperature, VO2 Max

2.3 Technical Data

  • IP address (for security purposes)
  • Browser type and version

3. How We Use Your Information

  • To provide and maintain the health tracking service
  • To display your data on your personal dashboard
  • To sync data from connected devices (Fitbit, Renpho)
  • To detect and prevent security issues

4. Data Storage and Security

4.1 Hosted Version (tonnd.com)

Data is stored on servers in the European Union (Frankfurt, Germany).

  • OAuth tokens are encrypted at rest using Fernet symmetric encryption
  • All data transfers use TLS encryption
  • Passwords are hashed with Argon2
  • Database: PostgreSQL with standard access controls

4.2 Self-Hosted

When you self-host TONND, all data remains on your own server. We have no access to your data.

5. Third-Party Services

  • Fitbit: Activity, sleep, heart rate, and health metrics via OAuth (Fitbit Privacy Policy)
  • Renpho: Weight and body composition via cloud API (Renpho Privacy Policy)
  • Google: Authentication (OAuth 2.0) (Google Privacy Policy)

6. Data Sharing

We do NOT sell your personal or health data.

We may share information only:

  • With your explicit consent
  • With infrastructure providers necessary to run the service
  • When required by law

7. Your Rights (GDPR)

Applies to EU/EEA/UK residents.

  • Access — request a copy of your personal data
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion ("right to be forgotten")
  • Portability — receive data in a machine-readable format
  • Restriction — limit processing of your data
  • Objection — object to processing
  • Withdraw consent at any time

Legal basis: consent (device connections), contract (service delivery), legitimate interests (security).

To exercise these rights: GitHub Issues.

8. Your Rights (CCPA/CPRA)

Applies to California residents.

  • Right to know what personal information we collect
  • Right to delete your personal information
  • Right to correct inaccurate information
  • Right to opt-out of sale of personal information
  • Right to non-discrimination

We do NOT sell your personal information.

We do not sell, rent, or share your data with third parties for advertising or monetary consideration.

To exercise your rights: GitHub Issues. Response time: within 45 days.

9. Data Retention

  • Active accounts: data retained while account is active
  • Deleted accounts: data removed within 30 days
  • Legal requirements may extend retention

10. Cookies

We use minimal, essential cookies only:

  • Authentication token (JWT in localStorage)
  • Cookie consent preference

No advertising or tracking cookies. See our Cookie Policy.

11. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect data from children.

12. Changes

We may update this policy. The "Last updated" date indicates the most recent revision.

13. Contact

Questions? GitHub Issues.