Data that Tonic collects
Tonic collects some analytic, customer, and debugging data from the Tonic application. The following information provides more detail about the types of data that Tonic does and does not collect.
Most customers self-host the Tonic application in their own VPC. Customer data does not leave the customer's environment. The Tonic application does transmit some telemetry data to Tonic to enable us to perform the following tasks:
- Manage our accounts
- Accurately invoice for usage
- Provide customer support
- Investigate errors within our application
- Understand usage to improve product development
Tonic collects data about end-user interactions with our application to understand how the application is used. We use this data for product research, roadmap development, debugging, and account management.
Tonic collects the following data for analytics:
- End-user identity
- Email address
- End-user interaction with the Tonic application:
- Last seen
- First seen
- Usage time
- Total sessions
- Total number of events initiated. Events can include jobs, configuration updates, downloads, database views, and interactions with the workspace.
- Application environment
- Database type
- Features enabled
- Application version
- License tier
- Location - derived from GeoIP
- Country
- City
- Region (state, province, county)
- Designated market area (DMA)
- Language
- Browser used to access the application
- Platform (iOS, Android, Web)
- Operating system
- Device family (iPhone, Samsung Galaxy, Windows)
- Device type (iPhone 13, MacBook Pro)
- Carrier (AT&T, Verizon)
- Network and technical identifiers
- IP address
- Unique device identifier
Self-hosted deployments of the Tonic application can disable analytics collection. However, disabling analytics collection might affect our staff’s ability to provide technical support.
To build and deploy software, Tonic uses a container registry that is run by Quay.io. This container registry maintains information about access to these containers.
The registry maintains a list of authorized users (organizational accounts). It maintains, collects, and stores the following information:
- Network and technical identifiers
- IP address
- Unique device identifier
- Operating system
Tonic collects, processes, and stores information about end users: When they interact with our customer support and success staff during account implementation (scoping sessions, implementation calls). Throughout the life of the account, during customer support interactions (support emails, shared Slack channels).
Tonic uses several tools to allow our customers to get the support they need quickly, including:
- Chat support
- Video training and implementation calls over web conferencing solutions
- Email support
We aggregate requests from these tools into our Customer Management System (CMS) and our centralized customer support management portal. Aggregating these requests helps us to ensure responsiveness and quality, and to more easily integrate requests into our development process.
We collect the following information related to customer requests:
- End-user identity
- First and last name
- Email address
- Title
- Avatar image
- Images, video, or audio from participating in live training over a video or audio conference
- Other personal information that the service provider collects and shares. For example, Google Mail collects voluntary directory information that it shares with email recipients. For an email interaction, Tonic receives any information that is configured to be shared externally. Slack has configurable profiles that contain additional personal information such as pronouns and honorifics.
- Network and technical identifiers
- IP address
- Unique device identifier
This data is collected from your organization and users through communication with our staff. The Tonic application does not collect this data.
Tonic engineers monitor the application performance and errors. They use this information to maintain, repair, and improve the application.
For these purposes, Tonic collects the following information:
- End-user identity
- First and last name
- Email address
- Environment details
- Name
- Application version
- Requests made by the application
- URLs
- Header information
- HTTP POST parameters
URL query parameters in exception messages are redacted when they are captured. The capturing agent replaces them with"". They are never sent to Tonic. - Stack traces and exceptions
- Method arguments
- Classes called
- Processing time
- CPU usage
- Location of error (application, file, and line)
- Database queries
- Database
- Database table and names
- Relationships between columns and tables
WHEREclause literals are redacted when they are captured. The capturing agent replaces them with"". They are never sent to Tonic. - Network and technical identifiers
- IP address
- Hostname
- Unique device identifier
- Operating system logs
Self-hosted deployments of the Tonic application can disable debugging, log sharing, and application performance data collection. However, disabling this data collection has a significant impact on our ability to provide technical support.
Customers who do not self-host Tonic can use Tonic’s hosted option, Tonic Cloud.
Tonic Cloud collects, processes, and stores data to support the Tonic application.
Tonic Cloud stores information about end users, configuration, hashed passwords, and datastore connections.
Tonic Cloud does not store data from source databases. It does process customer data in memory during scans and jobs.
Tonic Cloud collects the following customer data:
- End-user identity
- First and last name
- Email address
- Job title
- Avatar image
- Application environment
- Database type
- Features enabled
- Application version being run
- License tier
- Location - Derived from the GeoIP
- Country
- City
- Region (state, province, county)
- Designated market area (DMA)
- Language
- Browser used to access the application
- Platform (iOS, Android, Web)
- Operating system
- Device family (iPhone, Samsung Galaxy, Windows)
- Device type (iPhone 13, MacBook Pro)
- Carrier (AT&T, Verizon)
- Network and technical identifiers
- IP address
- Unique device identifier
- Datastore credentials
- URI or IP address of the datastore
- Credentials (password)
- Proxy information
Organizations in our hosted environment may also have additional analytics data collected, processed, and stored. This additional data allows Tonic to replay their user sessions to better understand usage patterns.
Sensitive data is redacted from these collections on the end-user device.
This data is not collected from self-hosted customers.
Tonic Cloud collects the following additional analytics data:
- Usage patterns
- Clicks
- Mouse movements
- Scrolling
- Typing - Excludes data that is typed in sensitive fields such as password fields
- Navigation
- Pages visited
- Referrers
- URL parameters
- Session duration
Many customers self-host the Tonic application within their own environment to enforce their own security, tenancy, and data protection requirements.
However, for self-hosted instances, Tonic never sees the following data:
- Customer data
- The content of source, destination, and application databases that support the Tonic application
- Datastore credentials
- URI or IP address of the datastore
- Credentials (password)
- Proxy information