Privacy Policy

Last updated: 25 March 2026

1. Data controller

The data controller for Tone API is:

Bracher AI / Noah Bracher

Email: [email protected]

Denmark

Use of the Service is also governed by our Terms of Service.

2. What data we collect and why

| Data | Purpose | Legal basis |
|---|---|---|
| Email address | Account creation, login, password resets, purchase receipts | Contract performance (Art. 6(1)(b)) |
| Password | Authentication (stored as bcrypt hash, never in plaintext) | Contract performance (Art. 6(1)(b)) |
| API usage logs (endpoint, timestamp, status code) | Rate limiting, credit tracking, abuse prevention | Legitimate interest (Art. 6(1)(f)) |
| Text submitted to API endpoints | Processed by Google Gemini AI to provide tone analysis, rewriting, and emotion detection | Contract performance (Art. 6(1)(b)) |
| Stripe customer ID & payment metadata | Payment processing and credit provisioning | Contract performance (Art. 6(1)(b)) |
| IP address | Rate limiting (held in memory only, not persisted) | Legitimate interest (Art. 6(1)(f)) |

3. Third-party data processors

We share personal data with the following third parties, each acting as a data processor on our behalf:

Google (Gemini API)

Text you submit to our API endpoints is sent to Google's Gemini AI model for analysis. Google processes this data under their Data Processing Addendum. Data may be processed on servers outside the EU/EEA, covered by EU Standard Contractual Clauses.

Stripe

Payment processing. Stripe receives your email and payment details. See Stripe's Privacy Policy.

Resend

Transactional email delivery (password resets). Receives your email address. See Resend's Privacy Policy.

4. Text data and AI processing

When you use our API endpoints (/analyze, /detect-emotion, /rewrite, /compare, /reply), the text you submit is sent to Google Gemini for processing. We do not store the text you submit after the response is returned. However, Google may retain data in accordance with their own policies.

Important: Do not submit text containing sensitive personal data (e.g. health information, racial or ethnic origin, political opinions) unless you have a lawful basis under GDPR Article 9 to do so.

5. Data retention

Account data (email, password hash, API key): retained until you delete your account.

Usage logs (endpoint, timestamp, status): automatically deleted after 90 days.

Password reset tokens: expire after 1 hour and are deleted periodically.

Submitted text: not stored by Tone API after the response is returned.

6. Cookies

We use only strictly necessary cookies for authentication:

| Cookie | Purpose | Duration |
|---|---|---|
| authjs.session-token | Keeps you signed in | 7 days |
| authjs.csrf-token | Prevents cross-site request forgery | Session |

We do not use analytics cookies, tracking cookies, or third-party advertising cookies.

7. Your rights under GDPR

As a data subject, you have the following rights:

  • Right of access (Art. 15) — You can export all your data from the dashboard.
  • Right to rectification (Art. 16) — Contact us to correct inaccurate data.
  • Right to erasure (Art. 17) — Delete your account from the dashboard. This removes all your data including usage logs.
  • Right to data portability (Art. 20) — You can export your data as JSON from the dashboard.
  • Right to restriction of processing (Art. 18) — Contact us to request restriction.
  • Right to object (Art. 21) — Contact us to object to processing based on legitimate interest.

To exercise any of these rights, email us at [email protected].

8. Right to lodge a complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet):

Datatilsynet

Carl Jacobsens Vej 35

2500 Valby, Denmark

Phone: +45 33 19 32 00

Email: [email protected]

Website: datatilsynet.dk

9. Security measures

  • Passwords hashed with bcrypt
  • API keys encrypted at rest with AES-256
  • All traffic encrypted with TLS/HTTPS
  • HSTS, CSRF protection, and security headers enabled
  • Rate limiting on authentication endpoints

10. Changes to this policy

We may update this privacy policy from time to time. The "last updated" date at the top of this page reflects the most recent revision. Continued use of the service after changes constitutes acceptance of the updated policy.