Tunnls

Privacy Policy

Effective date: April 19, 2026

This Privacy Policy describes how Emissare, Inc. ("we", "us") receives, uses, and discloses information when you use Tunnls (the "Service").

1. Information We Handle

Information you provide as an Operator

  • Account information: email address and password (hashed), or a Google OAuth identifier if you sign in with Google.
  • Billing information: handled by our payment processor Stripe. We receive a Stripe customer identifier and subscription status; we do not receive or store your payment card number.
  • Team membership: if you create or join a team, we record which billing account you are a member of.
  • Session metadata: when you conduct a session, we record the room code, start and end timestamps, and which Operator the session belongs to.

Information about Visitors

When a Visitor joins a session, we record the room code they used and connection timestamps. Field values that the Visitor submits to the Operator during a session are end-to-end encrypted between the Visitor and Operator browsers using keys that never reach our servers; we cannot read these values even if compelled.

Information generated automatically

  • Log data: IP address, user agent, timestamps, and request paths for operational and security purposes (e.g. rate limiting, abuse investigation).
  • Error reports: when the Service encounters an error we report it to Sentry for debugging. Because Visitor field values are end-to-end encrypted in the browser, error reports cannot contain their plaintext.
  • Cookies: we use a session cookie to keep you signed in and a CSRF token cookie to protect form submissions. We do not use advertising or analytics cookies.

2. How We Use Information

  • To provide, maintain, and improve the Service.
  • To authenticate you and keep your account secure.
  • To process payments and manage subscriptions.
  • To send transactional emails (email verification, password reset, and team invitations).
  • To enforce our Terms of Service, investigate abuse, and comply with legal obligations.

3. Legal Bases (EEA/UK Users)

Where the EU or UK General Data Protection Regulation applies, we rely on the following legal bases:

  • Performance of a contract to provide the Service to you (Art. 6(1)(b)).
  • Legitimate interests to secure and improve the Service and prevent abuse (Art. 6(1)(f)).
  • Legal obligation to retain certain records (Art. 6(1)(c)).

4. Sharing and Sub-processors

We share information with the following sub-processors, each of which acts on our instructions:

  • Fly.io — application hosting.
  • Google Cloud — database hosting (Cloud SQL), and OAuth authentication (if you choose to sign in with Google).
  • Stripe — payment processing.
  • Resend — transactional email delivery.
  • Cloudflare — bot protection on the signup form (Turnstile).
  • Sentry — error tracking.

We do not sell personal information, and we do not share it with advertisers or data brokers.

5. End-to-End Encryption

Field values submitted by a Visitor during a session are encrypted in the Visitor's browser using a session key derived by Elliptic Curve Diffie-Hellman (ECDH P-256) key agreement between the Visitor and Operator, verified out-of-band via a short authentication string. The encrypted payloads (ciphertext, IV, associated data) are what our servers relay. This means field plaintext is not accessible to us, to our sub-processors, or to anyone who compromises our database.

6. Data Retention

  • Account data is retained while your account is active. On account deletion we delete operator records immediately, subject to limited retention of billing records required by tax law.
  • Session metadata is retained for up to 12 months for operator history and billing audit, then deleted.
  • Operational logs are retained by our hosting provider according to their default policy.
  • Try preview records — if you use our anonymous "Try" preview, we briefly retain a hashed, non-reversible derivative of your IP address for up to 30 days to prevent abuse of the preview. This record is deleted automatically and is never connected to an account or stored alongside session contents.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or receive a copy of your personal information, to object to or restrict certain processing, and to withdraw consent. You may exercise most of these rights directly from your account settings; for any request our self-service UI does not cover, contact us at legal@tunnls.com.

EEA/UK users have the right to lodge a complaint with their local data protection authority. California users have additional rights under the CCPA/CPRA, including the right not to be discriminated against for exercising those rights.

8. Children

The Service is not directed to children under 16 and we do not knowingly receive or retain personal information from them. If you believe a child has submitted personal information through the Service, please contact us and we will delete it.

9. Security

We use HTTPS for all traffic, store passwords as salted bcrypt hashes, rate-limit sensitive endpoints, and end-to-end encrypt session field values. No security measure is perfect; if you believe you have found a vulnerability, please report it to support@tunnls.com.

10. International Transfers

The Service is operated from the United States and its infrastructure is hosted in the United States by Fly.io. If you access the Service from outside the United States, your information is transferred to and processed in the United States.

11. Changes

We may update this Privacy Policy from time to time. Material changes will be announced via email or in-app notice at least 14 days before taking effect. The "Effective date" above will reflect the most recent revision.

12. Contact

Questions about this Privacy Policy or about your personal information: legal@tunnls.com

© 2026 Tunnls