Data that Tonic.ai collects

Tonic.ai collects some analytic, customer, and debugging data from the Tonic Structural application. The following information provides more detail about the types of data that Tonic.ai does and does not collect.

Tonic.ai uses Amplitude for telemetry.

Structural telemetry data collection

Most customers self-host the Structural application in their own VPC. Customer data does not leave the customer's environment.

The Structural application does transmit some telemetry data to Tonic.ai to enable us to perform the following tasks:

Manage our accounts
Accurately invoice for usage
Provide customer support
Investigate errors within our application
Understand usage to improve product development

Analytics

Tonic.ai collects data about end-user interactions with our application to understand how the application is used. We use this data for product research, roadmap development, debugging, and account management.

Tonic.ai collects the following data for analytics:

End-user identity
- Email address
End-user interaction with the Tonic application:
- Last seen
- First seen
- Usage time
- Total sessions
- Total number of events initiated. Events can include jobs, configuration updates, downloads, database views, and interactions with the workspace.
Application environment
- Database type
- Features enabled
- Application version
- License tier
Location - derived from GeoIP
- Country
- City
- Region (state, province, county)
- Designated market area (DMA)
Language
Browser used to access the application
- Platform (iOS, Android, Web)
- Operating system
- Device family (iPhone, Samsung Galaxy, Windows)
- Device type (iPhone 13, MacBook Pro)
- Carrier (AT&T, Verizon)
Network and technical identifiers
- IP address
- Unique device identifier

Application delivery

To build and deploy software, Tonic.ai uses a container registry that is run by Quay.io. This container registry maintains information about access to these containers.

The registry maintains a list of authorized users (organizational accounts). It maintains, collects, and stores the following information:

Network and technical identifiers
- IP address
- Unique device identifier
- Operating system

Customer support and account management

Tonic.ai collects, processes, and stores information about end users:

When they interact with our customer support and success staff during account implementation (scoping sessions, implementation calls).
Throughout the life of the account, during customer support interactions (support emails, shared Slack channels).

Tonic.ai uses several tools to allow our customers to get the support they need quickly, including:

Chat support
Video training and implementation calls over web conferencing solutions
Email support

We aggregate requests from these tools into our Customer Management System (CMS) and our centralized customer support management portal. Aggregating these requests helps us to ensure responsiveness and quality, and to more easily integrate requests into our development process.

We collect the following information related to customer requests:

End-user identity
- First and last name
- Email address
- Title
- Avatar image
- Images, video, or audio from participating in live training over a video or audio conference
- Other personal information that the service provider collects and shares. For example, Google Mail collects voluntary directory information that it shares with email recipients. For an email interaction, Tonic.ai receives any information that is configured to be shared externally. Slack has configurable profiles that contain additional personal information such as pronouns and honorifics.
Network and technical identifiers
- IP address
- Unique device identifier

This data is collected from your organization and users through communication with our staff. The Structural application does not collect this data.

Debugging and application performance management

Tonic.ai engineers monitor the application performance and errors. They use this information to maintain, repair, and improve the application.

For these purposes, Tonic.ai collects the following information:

End-user identity
- First and last name
- Email address
Environment details
- Name
- Application version
Requests made by the application
- URLs
- Header information
- HTTP POST parameters
URL query parameters in exception messages are redacted when they are captured. The capturing agent replaces them with "". They are never sent to Tonic.ai.
Stack traces and exceptions
- Method arguments
- Classes called
- Processing time
- CPU usage
Location of error (application, file, and line)
- Database queries
- Database
- Database table and names
- Relationships between columns and tables
WHERE clause literals are redacted when they are captured. The capturing agent replaces them with "". They are never sent to Tonic.ai.
Network and technical identifiers
- IP address
- Hostname
- Unique device identifier
Operating system logs

Structural Cloud telemetry collection

Customers who do not self-host Structural can use the hosted option, Structural Cloud.

Structural Cloud collects, processes, and stores data to support the Structural application.

Structural Cloud stores information about end users, configuration, hashed passwords, and datastore connections.

Customer data

Structural Cloud does not store data from source databases. It does process customer data in memory during scans and jobs.

Structural Cloud collects the following customer data:

End-user identity
- First and last name
- Email address
- Job title
- Avatar image
Application environment
- Database type
- Features enabled
- Application version being run
- License tier
Location - Derived from the GeoIP
- Country
- City
- Region (state, province, county)
- Designated market area (DMA)
Language
Browser used to access the application
- Platform (iOS, Android, Web)
- Operating system
- Device family (iPhone, Samsung Galaxy, Windows)
- Device type (iPhone 13, MacBook Pro)
- Carrier (AT&T, Verizon)
- Network and technical identifiers
- IP address
- Unique device identifier
Datastore credentials
- URI or IP address of the datastore
- Credentials (password)
- Proxy information

Additional analytics that Structural Cloud collects

Organizations in our hosted environment may also have additional analytics data collected, processed, and stored. This additional data allows Tonic.ai to replay their user sessions to better understand usage patterns.

Sensitive data is redacted from these collections on the end-user device.

This data is not collected from self-hosted customers.

Structural Cloud collects the following additional analytics data:

Usage patterns
Clicks
Mouse movements
Scrolling
Typing - Excludes data that is typed in sensitive fields such as password fields
Navigation
Pages visited
Referrers
URL parameters
Session duration

Data that Tonic.ai does not collect, process, or store

Many customers self-host the Structural application within their own environment to enforce their own security, tenancy, and data protection requirements.

Some data (see Structural telemetry data collection) is shared with Tonic.ai.

However, for self-hosted instances, Tonic.ai never sees the following data:

Customer data
- The content of source, destination, and application databases that support the Tonic application
Datastore credentials
- URI or IP address of the datastore
- Credentials (password)
- Proxy information

Required global permission: Update Tonic

From Tonic Settings, you can check the status of telemetry sharing with Tonic.ai.

On the System Status tab, under Data Sharing, the Telemetry panel indicates whether:

Telemetry sharing is enabled.
If it is enabled, then whether Structural can make the connection to send the telemetry data.

Last updated 3 days ago