Legal — Toqen

Ethics and Compliance

Our approach to ethical operation, respect for individual rights, and lawful cooperation with authorities.

TL;DR

  • Ethical operation is embedded in technical and organisational decision-making.
  • Personal data is processed lawfully, proportionately, and only where necessary.
  • Our practices are governed by our Privacy, Terms, and Security policies.

Ethics and Transparency

Toqen is designed to provide secure access and protection against abuse while avoiding unnecessary surveillance, profiling, or behavioural tracking. Our approach is based on proportionality, transparency, and respect for legitimate privacy expectations.

  • Balancing security requirements with respect for privacy and fundamental rights.
  • Applying data minimisation and purpose limitation as architectural principles.
  • Avoiding intrusive, manipulative, or deceptive user experiences.
  • Processing only the information strictly necessary for access verification, security, service operation, and abuse prevention.

Individual Rights

Depending on applicable law and the context of processing, individuals may exercise rights related to their personal data, including the right of access, rectification, restriction, portability, or erasure. Requests may be submitted via hi@toqen.app and are handled in accordance with applicable legal requirements.

  • Processing is based on recognised legal grounds, including performance of a contract, compliance with legal obligations, legitimate interests related to security and service integrity, and consent where required.
  • Personal data is retained only for as long as necessary to fulfil the purposes for which it is processed, taking into account legal, contractual, operational, and security considerations, and is subsequently deleted or anonymised in accordance with applicable policies.

Interaction with Authorities

  • We respond only to requests from competent authorities that are valid, specific, and legally binding under applicable law.
  • Any disclosure is assessed under the principles of necessity and proportionality and is limited to the minimum data required to comply with the request.
  • Where permitted by law, we may seek clarification, narrow the scope of, or challenge requests that appear excessive, disproportionate, or unlawful.
  • Affected partners or individuals are notified of such requests where and when legally permissible.

Our Principles

Our operations are guided by principles of privacy, fairness, accountability, and proportionality. We aim to provide secure and predictable access without enabling indiscriminate monitoring, profiling, or control.