tnnltnnl
Docs

Privacy Policy

Last updated: June 2026. tnnl is a small, invite-only tunneling service. This page explains what data it handles and why. It is written in plain language and is not legal advice.

What we collect

  • Account data — the email address an administrator uses to create your account, your password (stored only as an Argon2 hash, never in plain text), and your role.
  • Sessions— when you log in we issue a session token and store only a SHA-256 hash of it, along with a coarse device label (from your browser's User-Agent), creation and last-used times.
  • Tunnel metadata — while a tunnel is active we keep its hostname/port, start time, and counters (request/connection counts, bytes in/out) in memory so you can see them in the dashboard. This is dropped when the tunnel closes.
  • Operational logs — the server may log IP addresses and request metadata transiently for security, rate limiting, and abuse prevention.

Traffic through your tunnels

tnnl proxies traffic between the public internet and your local service. The contents of that traffic are not stored unless you explicitly enable request logging for your account. When logging is on, a bounded, recent set of requests (headers and a capped prefix of bodies) is held in memory only for inspection and replay, and is discarded when the tunnel closes or the server restarts. Nothing about tunnel traffic is written to disk.

Cookies

The dashboard uses a single, httpOnly session cookie to keep you logged in. There are no advertising or third-party tracking cookies.

Service providers

tnnl runs on a virtual private server and relies on a small number of infrastructure providers — for example a DNS provider and a certificate authority (Let's Encrypt) to issue TLS certificates. These providers process connection data only as needed to route traffic and secure it.

Retention & deletion

Account data persists until your account is deleted. You can delete your account at any time from the dashboard or with tnnl delete-account; this removes your user record and sessions and closes your tunnels. Tunnel metadata and any in-memory request logs are ephemeral and are not retained after a tunnel ends.

Your choices

  • View and revoke active sessions from the dashboard or the CLI.
  • Delete your account and associated data at any time.
  • Request logging is off by default; it is only captured if an administrator enables it for your account.

Contact

Questions about privacy? Email human.aow.official@gmail.com.