Last updated: 2026-05-11

Privacy policy

This Privacy Policy regulates how the AutoTool service (the “Service”) collects, uses and protects information transmitted by users while using the website, the launcher, the client and any related support channels (including the Telegram support contact).

1. General provisions

1.1. This Privacy Policy (the “Policy”) governs the order in which the Service processes and protects information that the User transmits while using the Service.

1.2. By using the Service, the User confirms acceptance of this Policy. If the User does not agree with the Policy, they are required to stop using the Service.

1.3. The Service does not require passport data, photographs, identification numbers or other excessive personal information beyond the minimum necessary for the Service to operate.

2. Information collected

2.1. The Service may collect the following data:

  • Account identifiers. Username of your choice (3–32 characters) and password. Passwords are stored as Argon2 hashes — the plaintext password never leaves your device. AutoTool deliberately does not collect an email address.
  • License data. License keys you redeem, the bound device identifier and the history of device-binding resets.
  • Technical data. IP address, browser / launcher User-Agent, device and operating system metadata, and login timestamps used for rate-limiting and abuse prevention.
  • Interaction history. Audit-log entries for security-relevant actions (sign-in, key redemption, device-binding reset, password change, support escalations).
  • Device identifier. A salted SHA-256 hash derived from stable hardware properties of your device. Only the hash leaves your device — the original properties cannot be reconstructed from it. Used solely to bind a license to one device and to detect license sharing.
  • Payment metadata. Order ID and payment status returned by our payment processor (Platega.io). Card data, bank-account data and any other payment-instrument data are handled exclusively by the payment processor; the Service does not receive or store them.

3. Use of information

3.1. The Service may use the collected information solely for the following purposes:

  • operation of the Service’s functionality (authentication, license validation, launcher updates, client delivery);
  • communication with the User, including service notifications, support replies via email or Telegram, and security alerts;
  • analysis and improvement of the Service’s reliability and security;
  • compliance with applicable legal obligations and lawful requests by competent authorities.

4. Transfer of information to third parties

4.1. The Service does not transfer collected data to third parties, except in the following cases:

  • where transfer is required by applicable law;
  • where transfer is necessary to fulfil obligations to the User — in particular, to process payments and refunds via our payment provider Platega.io and the underlying acquiring banks and card networks;
  • where the User has expressly consented to the transfer.

5. Storage and protection of data

5.1. Data is stored for the period necessary to achieve the purposes described in section 3, after which it is deleted or anonymised. Account data is retained for as long as the account exists; once you delete your account from the dashboard, we permanently remove the associated data within 30 days, except where retention is required by law (e.g. payment receipts).

5.2. Authentication tokens are stored in the browser’s localStorage on your device so that sign-in persists between visits. The Service does not use third-party analytics or advertising cookies.

5.3. The Administration applies reasonable technical and organisational measures to protect the data, but cannot guarantee absolute security of information transmitted over the internet.

6. Disclaimer of liability

6.1. The User acknowledges and agrees that the transmission of information over the internet always carries inherent risk.

6.2. The Administration is not liable for the loss, theft or disclosure of data caused by the actions of third parties or by the User themselves (including weak passwords, sharing of credentials, malware on the User’s device, or insecure networks).

7. Changes to this Policy

7.1. The Administration may amend this Policy. The current version is always published at this URL.

7.2. Continued use of the Service after changes are published constitutes acceptance of the updated Policy.

8. Account recovery

8.1. Because the Service does not store an email address, automated password recovery is not available. If you lose access to your account, write to support@autotool.dev from any address, or message us in Telegram. We will verify your identity manually using your purchase order ID and your device identifier, and reset access where possible.

Privacy policy · AutoTool