Privacy Policy & Terms of Use
Last updated: April 2026
01 Introduction
ToonWebToken is an open-source project focused on modern authentication tokens with a post-quantum-ready path. This Privacy Policy explains how we collect, use, and protect your personal data when you use our contact form to contribute to the project. We are committed to protecting your privacy and complying with the GDPR and other applicable data protection laws.
02 Data controller
The data controller responsible for your personal data is the ToonWebToken Project. You can reach us at contact@toonwebtoken.org or via the GitLab repository at gitlab.com/toontoolbox/toonwebtoken.
03 Data we collect
When you submit our contact form, we collect: your name (to personalize replies), your email address (to reply), your subject and message (to categorize and answer your contribution), technical metadata (IP address, timestamp) for security purposes, and a Cloudflare Turnstile verification token for spam protection.
04 Purpose and legal basis
We process this data to respond to your contribution proposals, questions, or feedback (Art. 6(1)(a) consent), to facilitate your contribution to the project (Art. 6(1)(f) legitimate interests), and to prevent spam, fraud, and abuse of our contact form (Art. 6(1)(f) legitimate interests).
05 Data retention
Active correspondence is kept until the matter is resolved. Archived emails may be retained up to 3 years for legitimate business interests. Security logs are kept up to 90 days. After these periods, data is permanently deleted or anonymized.
06 Data sharing and third parties
We do not sell your personal data. We may share data with Cloudflare Turnstile (spam protection — see Cloudflare's privacy policy), with our email service provider for delivery, and with GitLab if your contribution leads to public collaboration on the repository. We will never share your data with third parties for marketing purposes.
07 Your GDPR rights
You have the right of access, rectification, erasure, restriction of processing, data portability, objection to processing, withdrawal of consent at any time, and the right to lodge a complaint with your data protection authority. To exercise any of these rights, write to contact@toonwebtoken.org.
08 Data security
We use HTTPS/TLS for transmission, restrict access to authorized personnel only, run regular security audits, sanitize and validate all inputs, and maintain incident-response procedures for data-breach notification. The token tools on this site run entirely in your browser — no token data is ever transmitted to any server.
09 Cookies and tracking
This site uses one technical cookie to remember that you dismissed the cookie banner. We do not use analytics or advertising cookies. The Cloudflare Turnstile widget on the contact form sets its own cookies for anti-spam (see Cloudflare's policy).
10 Changes to this policy
We may update this Privacy Policy from time to time. The "last updated" date above reflects the most recent change. Substantial changes will be highlighted on the contact page.