Effective 2026-07-14.1

Tonic ID Privacy Notice

This notice explains how the shared Tonic identity service handles personal information.

1. Controller and scope

Tonic Studios operates Tonic ID and is the controller of the identity-service information described here. Tonic Studios also operates participating apps as separate services. Each app publishes its own notice for app profiles and activity such as documents, listings, searches, comments, subscriptions, and purchases.

2. Information collected

  • account identifiers, username, display name, verified email, and optional profile image;
  • password hashes, verification status, provider account identifiers, encrypted provider tokens when needed, and linked sign-in methods;
  • sessions, client grants, consent versions, security events, approximate network information, and device or browser metadata;
  • support messages and account-management requests you submit.

3. Sources

Information comes from you, your browser or device, participating Tonic apps, and providers you choose such as Google or Apple. Apple may provide an email address only on the first authorization, so it is retained for future sign-in.

4. Uses and legal bases

We use information to create and authenticate accounts, link providers at your request, issue app-specific identity tokens, prevent abuse, maintain security, provide support, comply with law, and improve reliability. Depending on applicable law, these uses rely on contract performance, consent, legitimate interests in secure service operation, or legal obligations.

5. Sharing

Participating apps receive only claims approved through the authorization flow, such as an app-specific subject identifier, username, display name, verified email, profile image, and global administrator status when applicable. Apps do not receive your password or third-party provider tokens. Infrastructure, email, monitoring, and identity providers process limited information under their own terms and our service arrangements. We may disclose information when legally required or necessary to protect rights and safety.

6. Separate databases and identifiers

Tonic ID uses a dedicated identity database. Each app uses separate database credentials and stores its own local profile and activity. Pairwise identifiers prevent apps on different domains from automatically correlating the same user. A global administrator claim is shared only to enforce owner access across Tonic apps.

7. Retention and deletion

Identity records are kept while your account is active. Short-lived authorization codes expire within minutes; access tokens are short-lived; sessions and refresh tokens expire or can be revoked. Security records may be retained longer when reasonably needed to detect abuse, resolve disputes, or meet legal obligations. Deleting Tonic ID may prevent future app sign-in but does not automatically erase app profiles, content, or activity. Submit a separate request through each app's deletion path; each service applies its own disclosed retention duties.

8. Security

Controls include memory-hard password hashing, email verification, encrypted provider tokens, exact redirect allowlists, PKCE, signed state and nonce values, secure cookies, rate limits, least-privilege database credentials, input validation, audit logging with secret redaction, and restricted administrative roles. No system is completely secure.

9. Your choices and rights

You can review profile information and link or unlink supported providers without removing your last sign-in method. Contact us to request session or app-access revocation, correction, or Tonic ID deletion when a self-service control is not available. Depending on your location, you may also have rights to access, portability, restriction, objection, complaint, or appeal. We will verify requests before acting.

10. Children

Tonic ID is not directed to children under 13. We do not knowingly create identities for children under 13. If local law requires a higher age or parental consent, that requirement applies.

11. International processing and updates

Service providers may process information in other countries with protections required by applicable law. We may update this notice and will identify the effective version; material changes will be presented when renewed consent is required.

12. Contact

Privacy requests may be sent to TheTonicStudios@gmail.com. Do not send passwords, recovery links, provider tokens, or other authentication secrets.