Privacy Policy

Data Collection Practices

TOMMY does not maintain marketing lists, require marketing opt-ins, or operate analytics or behavioral-usage databases. The only data we store on our servers is the minimal, non-personal information required to enforce your license, such as your license key, a machine identifier, the number of active zones, and the timestamps of license checks. This data is used solely for license activation and validation, never for marketing or profiling. Additional data may be collected by our third-party service providers, Paddle and Keygen, as described below.

Third-Party Service Providers

Paddle Inc.

Purchase transactions are processed by Paddle Inc., our payment processor and reseller. Paddle collects minimal user information necessary to complete transactions. For comprehensive details about Paddle's data collection and privacy practices, please review Paddle's Privacy Policy.

Keygen LLC

License management and activation services are provided by Keygen LLC. Keygen stores only your email address as personally identifiable information. To understand how Keygen handles your data, please consult their privacy policy at https://keygen.sh/privacy/.

Network Communication

TOMMY runs locally on your network. All sensing and processing happen on your hardware. The TOMMY server needs an active internet connection to communicate with the license server. Your flashed devices do not need internet access, unless you enable the optional Online Coordination feature. External network communication is limited to the following:

License activation and validation

The TOMMY server requires an active internet connection for license activation and periodic verification. The server communicates with https://activation.tommysense.com in the following scenarios. Only the non-personal fields listed below are transmitted; no personal information is collected or transmitted.

During activation (when you activate or add a license key):

License key: The license key you are activating
Existing license key: The license key already on this device, if any (used for consolidation)
Machine fingerprint: A non-personal per-machine identifier used to bind the license to your device
App version: The version of TOMMY you are running

On application start (when TOMMY starts up):

Machine fingerprint: A non-personal per-machine identifier
License key: Your license key
App version: The version of TOMMY you are running
Active zones: The number of zones currently in use

Heartbeat (periodically while the application is running):

Machine ID: The non-personal machine identifier assigned by the activation server when your device was registered
License key: Your license key
App version: The version of TOMMY you are running
Active zones: The number of zones currently in use

Online Coordination (optional)

Online Coordination is an optional device-discovery feature that helps your devices find your TOMMY server. When enabled, both the TOMMY server and your devices communicate with a coordination server at https://coordination.tommysense.com to find each other's local IP addresses and then establish direct local connections. Only the metadata listed below is transmitted.

From the TOMMY server (registers so devices can find it):

Pairing code: The code that links your devices to your server
Device ID: A fixed identifier (device-runtime)
Role: server
Local addresses: The server's local network IP address(es) and port, used to establish a direct connection

From each device (registers and looks up the server):

Pairing code: The code that links the device to your server
Device ID: A non-personal identifier derived from the device's hardware MAC address (e.g. esp32-<mac>)
Role: device
Local addresses: The device's local network IP address and port

The coordination server uses this metadata only to pair your devices and server and to help them establish direct connections. No sensing data is transmitted.

All other operations occur locally on your network without external data transmission.