Tonkeeper Privacy Policy
Branded single-file privacy page concept

Privacy,
by design.

This English-language policy layout is designed for a self-custody TON wallet branded as Tonkeeper. It combines a premium dark UI, inline logo treatment, smooth scroll animations, and a policy structure that is readable for users and easy to adapt for legal review.

Read policy Contact section
Wallet model Self-custody
Primary network TON
Document version March 2026 Draft
Core principles
No seed phrase collection
Users should never be asked to submit private keys, secret recovery phrases, or wallet credentials through this page.
Transparent blockchain context
Public wallet activity may remain visible on-chain even when the application itself minimizes personal data collection.
Minimal data philosophy
The policy is written around operational necessity, support, security, fraud prevention, and compliance.
Implementation note

This page is intentionally delivered as one self-contained HTML file with embedded CSS and JavaScript. The branding is represented through inline vector marks and a visual language inspired by Tonkeeper's public product styling.

Important draft notice

This page is a branded policy draft and UI concept. Before publishing it as a live legal document, the wording should be reviewed by qualified counsel and aligned with the wallet's actual data flows, analytics stack, support process, vendor relationships, and jurisdiction-specific requirements.

Section 01

Overview

This Privacy Policy explains how Tonkeeper-branded wallet services may collect, use, protect, and disclose information when users access the application, website, connected support channels, or related features. The goal of this document is to describe privacy practices in plain English while recognizing the technical realities of a self-custody blockchain wallet.

Because self-custody products are designed to place control in the hands of the user, privacy expectations differ from those of traditional financial platforms. Wallet addresses, blockchain events, and transaction metadata may be publicly observable on decentralized networks, even where the application itself seeks to minimize direct personal data collection.

Scope This policy covers application usage, support interactions, website visits, promotional communications, and security operations connected to the branded wallet experience.
Promise The service should be operated with a minimal-data approach, collecting only what is reasonably necessary for functionality, safety, support, legal compliance, and product improvement.
Section 02

Information We Collect

The categories of information that may be processed depend on how the wallet is used and how a user interacts with support, optional integrations, and device-level features.

  • Information provided directly by you. This may include your name, email address, Telegram handle, phone number, or message content when you contact support, join a beta program, request help, or submit feedback.
  • Technical and device data. This may include IP address, app version, operating system, device model, language settings, browser type, crash diagnostics, timestamps, and approximate geolocation inferred from network information where needed for security or abuse prevention.
  • Wallet and blockchain-related information. Public wallet addresses, token balances visible on-chain, transaction hashes, timestamps, and network activity may be processed to display wallet functionality and assist with transaction-related troubleshooting.
  • Usage analytics. Product interaction signals such as screen views, button taps, feature adoption, referral source, retention events, and aggregated diagnostics may be used to understand performance and improve the product.
  • Sensitive wallet credentials. The policy should clearly state that private keys, mnemonic phrases, and secret recovery data are not requested through ordinary support or policy interfaces and must remain under user control.
Section 03

How We Use Information

Information may be used to operate the wallet, secure the service, respond to user requests, understand product performance, comply with law, and communicate important updates. Processing should always be limited to purposes that are legitimate, proportionate, and consistent with the wallet's privacy commitments.

Service delivery To provide app functionality, help users connect to supported networks, surface transaction status, and enable customer support workflows.
Security and fraud prevention To detect suspicious activity, protect infrastructure, investigate abuse, and reduce the risk of scams, account compromise, or malicious automation.
Product improvement To analyze usage trends, fix bugs, improve performance, prioritize features, and understand how people navigate the wallet experience.
Communications To send technical notices, policy updates, support replies, release information, and optional promotional messages where permitted by law.
Section 04

Sharing and Disclosure

Information should not be sold as user identity inventory. It may, however, be disclosed in limited situations that are necessary to run the service responsibly and lawfully.

  • Service providers. Hosting vendors, analytics tools, crash-reporting platforms, customer support providers, anti-abuse systems, auditors, and professional advisers may process information under appropriate contractual restrictions.
  • Affiliates and corporate transactions. Information may be transferred in connection with internal operations, restructuring, financing, merger, acquisition, insolvency, or sale of assets, subject to applicable safeguards.
  • Legal requests and protection. Disclosure may occur where reasonably necessary to comply with law, respond to lawful process, protect users, investigate fraud, or enforce platform terms and security standards.
  • User-directed sharing. Where a user connects external services, authorizes a transfer, or initiates an integration, relevant information may be shared with the selected third party under that provider's own privacy terms.

Where international transfers are involved, appropriate legal mechanisms and operational safeguards should be used to protect transferred information in line with applicable privacy frameworks.

Section 05

Retention and Security

Information should be retained only for as long as reasonably necessary for the purpose for which it was collected, including support handling, security monitoring, compliance, dispute resolution, and legitimate internal recordkeeping. Retention periods may vary by data category and legal obligations.

Administrative, technical, and organizational safeguards should be used to protect data against unauthorized access, destruction, alteration, misuse, or disclosure. Even so, no internet-connected service can guarantee absolute security, and users remain responsible for protecting their own devices, backups, and wallet credentials.

User responsibility Keep seed phrases offline, update applications promptly, use secure devices, and stay alert to phishing attempts impersonating support or recovery flows.
Operational security Security controls may include logging, access controls, vendor review, encryption in transit, incident response, and environment hardening.
Section 06

Your Rights

Depending on the laws that apply to you, you may have rights relating to your personal information. These rights may include access, correction, deletion, restriction, objection, portability, withdrawal of consent, and the ability to lodge a complaint with a supervisory authority.

  • Request access to the information associated with you.
  • Ask for inaccurate or outdated information to be corrected.
  • Request deletion where retention is no longer necessary or legally required.
  • Object to certain processing based on legitimate interests.
  • Opt out of non-essential promotional communications.
  • Request information about international data transfers and applicable safeguards.

Some requests may be limited where the service cannot reasonably verify identity, where blockchain records are inherently public and immutable, or where legal and security obligations require continued retention.

Section 07

Third-Party Services

The wallet may link to external websites, decentralized applications, token services, on-ramp providers, analytics platforms, support channels, or other infrastructure not owned or operated by the publisher of this policy page. Those third parties may have different privacy and security practices.

Users should review the privacy notices, risk disclosures, and security expectations of any connected provider before sharing information, authorizing transactions, or interacting with external APIs and smart-contract systems.

Section 08

Policy Changes

This Privacy Policy may be updated from time to time to reflect product changes, legal developments, operational needs, or improvements in privacy practice. When updates are material, the wallet may update the effective date, publish the revised version through official channels, or provide additional notice where appropriate.

Continued use of the service after a revised version becomes effective may indicate acceptance of the updated policy to the extent permitted by law.

Section 09

Contact

To adapt this page for production, replace the sample contact details below with the official privacy or support channel approved for Tonkeeper-related inquiries.

privacy@tonkeeper.example Response goal: 30 days

If you decide to use this file publicly, review the final policy text alongside your terms of use, support macros, analytics vendors, cookie or SDK disclosures, and any region-specific privacy addenda.