Privacy Policy
Last Updated: April 28, 2026
1. Introduction
Welcome to Toran ("we," "our," or "us"), available at toranhq.com. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and share information about you when you use our website and services.
2. Data Controller vs. Data Processor
- For our Direct Users (You): We act as the Data Controller for your account information (name, email, billing details).
- For Your End-Users (Your Customers): When you use Toran widgets to interact with your visitors, we act as a Data Processor. You retain full ownership and control over your end-users' data.
3. Data We Collect
We collect the following categories of data:
- Account Data: Name, email address, password hash, and billing history.
- Usage Data: IP address, browser type, device type, and referring URLs.
- Geo-Localization Data: Country of origin derived from IP address for regional pricing.
- Widget Click Data: Anonymous metadata (click count, device type, country code).
- AI Chat Conversation Data: Visitor messages and AI responses (temporarily stored for quality review).
- Knowledge Base Data: Business content provided via the Toran Brain feature.
4. Trusted Third-Party Service Providers
We do not sell your data. We share data only with trusted providers required to run our Service:
- Cloudflare: Hosting & Security (US, global edge)
- Supabase: Database & Auth (US)
- Paddle: Payments & Tax (UK / US)
- Resend: Transactional Email (US)
- Sentry: Error Monitoring (US — PII redacted client-side before transmission)
- Slack: Owner Notifications (US — only when configured)
- Google (Gemini): AI Inference (US)
- IPinfo: IP Geolocation Lookup (US)
- Telegram: Owner Notifications (Global — only when configured)
For the authoritative current list with transfer mechanisms and locations, see our Sub-processors page.
Each sub-processor is bound by a Data Processing Agreement. We provide at least 30 days' prior written notice before engaging a new sub-processor that processes your data.
5. Data Retention
Account Data — 7-Day Deletion Cooldown
We retain your account, widget configuration, and notification settings for as long as your account is active. When you request deletion, we apply a 7-day cooldown before irreversible erasure proceeds:
- Immediately at request time, your widget is disabled and stops processing visitor data.
- For 7 days, you can cancel from the dashboard, the cancel link in our confirmation email, or the cancel landing page. Email, password, and MFA changes are blocked during this window so that an attacker who has compromised your credentials cannot lock you out of the cancellation route.
- After 7 days, your data is permanently and irreversibly erased from our active systems within 24 hours.
The 7-day cooldown is a security measure that protects you from account takeover: a deletion triggered by an attacker can still be cancelled by the legitimate owner. If you require immediate erasure for a documented legal reason, contact privacy@toranhq.com with the supporting documentation. Operational backups (point-in-time recovery, retained 7–30 days) exist for disaster recovery only; we never restore them to recover an individual user's data after erasure, which means a copy of erased data may persist in a backup for up to 30 days before it expires. Payment and invoice records held by our Merchant of Record (Paddle) may be retained by Paddle under its own legal obligations for tax and anti-money-laundering (AML) compliance for up to 10 years; please contact Paddle directly to exercise rights against those records.
AI Chat Conversation Data
Raw message content is retained for 30 days and then automatically and permanently deleted. Session metadata is retained for 90 days.
6. Security
We use TLS to encrypt data in transit and rely on Supabase's AES-256 encryption for data at rest. We enforce multi-factor authentication (MFA) for all administrative access. Full technical and organizational measures are documented at the Trust Center.
7. Regulated data & what Toran is not built for
Not HIPAA-eligible. Toran is not configured to handle Protected Health Information (PHI). If you operate a medical practice or healthcare service, do not configure your widget to elicit diagnoses, treatment details, or other PHI from visitors. Use Toran for contact intent only ("book an appointment", "request a callback") and route the medical conversation through your own HIPAA-compliant stack. We are not in a position to sign a Business Associate Agreement (BAA) at this time.
Toran is also not built to receive payment-card data (it is outside PCI DSS scope), government identifiers as a primary input, or data subject to KYC / AML regimes. If your use case touches any of those, contact trust@toranhq.com before deploying; there is usually a routing pattern that keeps Toran out of the regulated data flow entirely.
8. India DPDP Act & Grievance Officer
For Data Principals under the Indian Digital Personal Data Protection Act 2023, the following rights apply: access (§11), correction & erasure (§12), grievance redressal (§13), and nomination (§14). You may exercise these rights by emailing privacy@toranhq.com.
Grievance Officer (DPDP §13(3)): Erez Avital. Reachable at privacy@toranhq.com with subject line "DPDP grievance" — response within 7 business days, action within 30 days for most requests. Cross-border transfer of personal data is permitted under DPDP §16 (no transfer-blacklist has been published as of this writing).
9. Trust Center & data-processing agreements
For procurement and security questions — encryption details, sub-processor list, DPA signing, breach-response SLA, certifications & roadmap — see the Trust Center and the public Data Processing Agreement / Sub-processor list.
10. Contact Us
If you have any questions about this Privacy Policy, please contact us at privacy@toranhq.com. For trust & security topics, use trust@toranhq.com. For vulnerability disclosure, use security@toranhq.com.