Privacy Policy

Last updated: April 28, 2026

This Privacy Policy explains how TomatoCloud ("TomatoCloud", "we", "us", or "our") collects, uses, shares, retains, and protects information when you use our website, desktop app, mobile app, account system, subscription services, customer support, and related network services.

TomatoCloud is a network service. To provide connectivity, billing, security, support, and abuse prevention, our systems and service providers must process certain account, device, subscription, diagnostic, and network metadata.

1. Controller and Contact Mechanism

TomatoCloud is responsible for the privacy practices described in this policy. Privacy questions, account deletion requests, access requests, and correction requests can be submitted through the in-app support channel, the support channel shown on our website or in your account, or by replying to an official service email you received from TomatoCloud.

2. Information We Collect

Depending on how you use the service, we may collect the following categories of information:

Account information: email address, password authentication data, verification codes, account status, account balance, invitation or coupon information, and subscription entitlements.
Device and session information: device identifier, device binding information, session status, hostname, operating system, OS version, CPU architecture, approximate hardware class, app version, login time, logout time, and security audit events.
Subscription and payment information: selected plan, order records, payment method type, payment status, renewal status, transaction reference, invoice or receipt status, and related customer service records. Payment processors may collect payment details directly. We do not intentionally store full card numbers in our app systems.
Network service metadata: selected node or route, connection status, protocol metadata needed to route traffic, traffic totals, timestamps, source IP address, destination metadata that is technically necessary for routing and abuse prevention, subscription delivery logs, and node health or availability data.
Diagnostics and app settings: proxy mode, VPN/TUN status, local connectivity checks, DNS and IP-family capability checks, node test results, error states, app preferences, and diagnostic logs that are generated by the app or voluntarily sent to support.
Support information: messages you send to customer support, support conversation metadata, email address, device or account context attached to a support request, and any files or screenshots you choose to provide.
Website and security logs: IP address, user agent, request URL, timestamps, error logs, rate-limit events, and anti-abuse signals generated when you visit our website or use the control-plane API.

3. How We Use Information

We use information for the following purposes:

To create accounts, authenticate users, maintain sessions, and enforce device limits.
To provide subscriptions, node access, traffic accounting, renewal, payment, and customer support features.
To deliver proxy or VPN connectivity and route network traffic through the nodes selected by the service or by you.
To detect outages, improve connection stability, diagnose DNS or IP-family problems, and maintain app performance.
To prevent fraud, credential abuse, payment abuse, spam, attacks, excessive automated requests, and violations of our terms.
To send service messages such as verification codes, payment status, account notices, security notices, support replies, and important product updates.
To comply with legal obligations, enforce our terms, resolve disputes, and protect the rights, safety, and security of users, our service, and third parties.

4. Legal Bases for Processing

Where a legal basis is required, we process personal information under one or more of the following bases:

Contract: to create and operate your account, provide subscriptions, deliver connectivity, process payments, and provide customer support.
Legitimate interests: to secure the service, prevent abuse and fraud, maintain service reliability, debug outages, improve performance, and enforce our terms.
Consent: where we ask you to provide optional information, enable optional settings, or submit optional support materials.
Legal obligations: to comply with tax, accounting, payment, consumer protection, security, and lawful request obligations.

5. VPN, Proxy, and Traffic Data

Our network infrastructure must process traffic data to transmit packets, resolve routing decisions, apply subscription limits, measure bandwidth, prevent abuse, and keep the service available. We do not sell your browsing history, and we do not use the contents of your traffic for advertising.

We do not intentionally inspect the contents of encrypted traffic. However, network metadata can be visible to network infrastructure or service providers as part of normal routing, security, abuse prevention, troubleshooting, and billing operations. This may include IP addresses, ports, protocol information, timestamps, byte counts, node identifiers, and domain or destination metadata when such metadata is technically exposed by the protocol or required for service operation.

6. Cookies, Local Storage, and Local Device Data

We may use cookies, local storage, encrypted local files, system keychains, or app storage to keep you signed in, remember settings, protect device-bound sessions, store app preferences, and support security checks. Logging out of the app clears local session state where supported, but it does not automatically delete server-side records that we must retain for account, security, payment, or legal reasons.

7. How We Share Information

We may share information with the following categories of recipients:

Service providers: hosting providers, network infrastructure providers, email delivery providers, payment processors, customer support providers such as Crisp, app distribution or update providers, security tooling, and other vendors that help us operate the service.
Payment and fraud prevention partners: payment gateways, banks, processors, anti-fraud providers, and chargeback or dispute handling services.
Legal and safety recipients: courts, regulators, law enforcement, legal advisers, or other parties when disclosure is required by law or reasonably necessary to protect rights, safety, security, and service integrity.
Business transfer recipients: parties involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, subject to appropriate confidentiality and continuity protections.

We do not sell personal information or share it for cross-context behavioral advertising.

8. International Processing

We may process and store information in countries or regions different from where you live. Laws in those places may differ from the laws in your jurisdiction. When we use service providers in other jurisdictions, we take reasonable steps to require appropriate security and confidentiality protections.

9. Security

We use technical and organizational measures designed to protect information, including encrypted transport where supported, authenticated control-plane requests, local protected storage for sensitive session material, access controls, and monitoring for abuse or unauthorized access. No internet or storage system is completely secure, so we cannot guarantee absolute security.

10. Retention

We retain information for as long as reasonably necessary to provide the service, maintain subscriptions, comply with legal and accounting obligations, resolve disputes, prevent abuse, enforce agreements, and protect security. Retention periods vary by data type. For example, account and payment records may be retained for longer than transient diagnostic logs or connection health data.

11. Your Choices and Rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal information. You may also request a copy of certain account information. We may need to verify your account before fulfilling a request, and some information may be retained where required for security, legal, accounting, or anti-abuse purposes.

You can stop using the service at any time, log out of the app, change supported app settings, and contact support about account deletion or privacy requests.

12. Children's Privacy

Our service is not intended for children under 13 or for users below the minimum age required by local law. We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us so we can take appropriate action.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and may provide additional notice through the website, app, email, or other appropriate channels.

14. Contact Us

For privacy questions or requests, contact us through the in-app support channel, the support channel shown in your account, or by replying to an official service email you received from TomatoCloud.