TOKTO.AI
Privacy Policy and Terms of Use
Use note
This document is a revised working draft for Tokto.ai based on the prior working draft, the current Tokto.ai website positioning, and operational clarifications provided by Tokto. It is intended for publication preparation and legal review. This document does not replace final review by qualified counsel. Before publication, Tokto should confirm all operational statements, customer contract references, and legal placeholders that are intentionally left to the website, order form, or signed customer agreement.
| Company | Tokto AI Ltd. |
|---|---|
| Website | https://www.tokto.ai |
| Effective date | May 2026 |
| Last updated | May 2026 |
| Privacy contact | privacy@tokto.ai |
| Company address | 16192, Highwa, Lewes, Delaware 19958 |
Privacy Policy
Last updated: May 2026
Tokto AI Ltd., referred to in this Privacy Policy as Tokto, we, us, or our, respects privacy and is committed to protecting personal information and customer data. This Privacy Policy explains how Tokto collects, uses, discloses, stores, and protects information when you visit our website, request a demo, communicate with us, use Tokto software, use Tokto platform functionality, or receive related support or services.
Tokto provides enterprise AI accountability infrastructure and an AI System of Record, AISOR. Tokto is designed to help organizations govern, monitor, enforce policies, optimize usage, and maintain records of AI activity across customer controlled enterprise environments. Tokto operates as a supervised layer between customer configured enterprise entities and large language model connections, including employees, services, flows, agents, MCP connections, browser based AI usage where supported, IDE based AI usage where supported, and other customer configured AI integrations.
This Privacy Policy should be read together with any applicable order form, master services agreement, software license agreement, on premise software license agreement, data processing agreement, IP protection addendum, third party notices, support agreement, service level agreement, or other written agreement between Tokto and the customer. If there is a conflict between this Privacy Policy and a signed written agreement, the signed written agreement controls to the extent of the conflict.
1. Information we collect
1.1 Website, demo, and contact information
When you visit our website, request a demo, contact us, subscribe to communications, or otherwise communicate with Tokto, we may collect information such as name, business email address, phone number, company name, job title, business address, demo request details, support or sales communications, and any other information you choose to provide to us.
1.2 Website and basic analytics information
Tokto.ai is currently an informational website. Tokto does not currently use cookies on the public website. Tokto may use basic analytics to understand general website usage and performance. Basic analytics may include page views, referral source, approximate geography derived from network information, device or browser type, general session activity, and date and time of access, depending on the analytics configuration in place. Tokto should update this Privacy Policy or publish an updated notice if the website begins using cookies, pixels, advertising identifiers, marketing cookies, or other tracking technologies.
1.3 Account and administrative information
When a customer or authorized user uses Tokto, Tokto may process information needed to operate, secure, administer, and support the platform, including user account information, login and authentication activity, administrative settings, policy configurations, access control information, organization metadata, team metadata, role metadata, internal entity identifiers, system logs, diagnostics, error reports, and customer support information.
1.4 Customer content and customer data
Customer content means information submitted, transmitted, routed, processed, governed, recorded, or stored through Tokto by or on behalf of a customer. Depending on the customer’s deployment, configuration, enabled features, and integrations, customer content may include prompts, AI model outputs, AI interaction records, AI interaction metadata, policy decisions, routing events, model interaction metadata, token information, cost information, security and compliance logs, configuration settings, and records maintained for governance, visibility, policy enforcement, cost management, or system of record purposes.
Tokto does not claim ownership of customer content. Customer content remains owned by the customer or its authorized users, as applicable. Tokto uses customer content only as needed to provide, secure, support, maintain, and improve the services, comply with law, and perform obligations under the applicable customer agreement.
1.5 Entity identifiers and incognito data
Tokto is designed so that enterprise customers can operate the product without Tokto needing to receive real customer personal information from customer controlled environments. Where Tokto collects or receives operational statistics for analytics, product improvement, cost visibility, risk visibility, or behavior statistics, Tokto intends to use incognito, aggregated, deidentified, or pseudonymous data, together with internally created entity identifiers that are disconnected from real world identities unless a customer separately configures or discloses that mapping. Tokto does not require customer names, employee names, customer client names, or real personal identifiers in order to produce general statistics about usage, cost, risk, policy actions, or visibility. Any future collection of such incognito or aggregated operational data should be governed by the applicable customer agreement and, where required, a data processing agreement.
1.6 AI interaction records and metadata
Tokto may process AI interaction records and related metadata to provide visibility into AI usage, policy enforcement, cost and budget management, routing and optimization, security and compliance monitoring, auditability, system of record functionality, reporting, and customer directed export or integration through available interfaces. The specific AI interaction data processed by Tokto depends on the customer’s deployment model, integrations, configuration, policies, enabled features, and contractual agreement.
1.7 On premise deployments, diagnostics, and telemetry
Some Tokto software may be deployed on customer controlled infrastructure. For on premise deployments, the customer is responsible for operating, configuring, and securing its own infrastructure, systems, databases, credentials, network configuration, storage, access controls, and user permissions. Tokto may provide software, support, updates, diagnostics, APIs, and administrative functionality according to the applicable customer agreement.
Telemetry, logs, and diagnostics sharing are currently intended to be enabled by default unless disabled by the customer, restricted by configuration, or modified by the applicable customer agreement. Tokto may use telemetry, logs, and diagnostics to maintain, support, secure, troubleshoot, and improve the software and related services. Tokto will not use telemetry to identify a customer’s own models, prompts, proprietary data, or real world user identities except as necessary to provide support, operate the agreed service, comply with the applicable agreement, or comply with law.
1.8 No model training without authorization
Tokto does not use customer content to train, fine tune, or improve general purpose AI models unless the customer expressly authorizes such use in writing or through a clear product setting that permits such use.
2. How we use information
2.1 To provide and operate the services
Tokto uses information to provide the website, platform, software, and related services, create and manage accounts, authenticate users, operate platform functionality, process demo and sales requests, provide support, maintain customer configured records, enforce customer configured policies, and perform services requested by the customer.
2.2 To support AI accountability, governance, and auditability
Tokto uses customer configured data and platform activity to help customers govern AI activity and answer operational questions, including what AI activity occurred, who or what initiated the activity, which model or provider was used, what policy applied, what decision was made, what token usage or cost was associated with the activity, and where the applicable record is maintained.
2.3 To support cost, routing, and optimization features
Where enabled, Tokto may use usage data, token data, routing metadata, model metadata, cache related information, and cost related information to provide cost visibility, budget controls, routing, reduction, optimization, and related reporting.
2.4 To secure the services
Tokto uses information to detect, prevent, investigate, and respond to unauthorized access, misuse, fraud, abuse, policy violations, technical issues, security events, and suspected or confirmed security incidents.
2.5 To improve Tokto
Tokto may analyze usage information, telemetry, diagnostics, error reports, aggregated information, deidentified information, incognito operational data, internal entity identifiers, and feedback to improve performance, reliability, security, user experience, support, and product functionality. Tokto does not use identifiable customer content to train general purpose AI models unless expressly authorized by the customer.
2.6 To communicate with you
Tokto may use information to respond to inquiries, provide service updates, send administrative notices, deliver support, communicate about demos, proposals, events, or Tokto offerings, and provide information relevant to customer relationships.
2.7 To comply with legal obligations
Tokto may use information to comply with applicable laws, regulations, legal processes, sanctions, export controls, court orders, governmental requests, and contractual obligations.
3. How we share information
3.1 We do not sell personal information
Tokto does not sell personal information.
3.2 Service providers
Tokto may share information with service providers that help operate, secure, support, and improve the website, business operations, and services. These providers may support hosting, analytics, customer relationship management, communications, billing administration, technical support, security, and similar operational services. Service providers are authorized to process information only as needed to provide services to Tokto and subject to appropriate contractual obligations.
3.3 Customer directed sharing and integrations
Tokto may share, transmit, export, or make available customer content or customer data when directed by the customer, configured by the customer, required to provide the services, or permitted under the applicable customer agreement. This may include customer directed integrations, API based exports, reporting, or transmission to AI model providers, cloud services, internal systems, or other systems selected or configured by the customer.
3.4 Legal requirements and protection
Tokto may disclose information when required by law, regulation, legal process, subpoena, court order, governmental request, or where necessary to protect the rights, property, safety, or security of Tokto, customers, users, or others.
3.5 Business transactions
If Tokto is involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, information may be disclosed or transferred as part of that transaction, subject to appropriate confidentiality protections.
4. Customer controlled data
4.1 Enterprise customer data
Where Tokto processes data on behalf of an enterprise customer, the customer may be the controller, owner, or responsible party for that data, depending on the applicable law and agreement. Tokto processes such data according to the customer’s instructions, the applicable customer agreement, the customer’s configuration and policies, and applicable law. If your information was provided to Tokto through your employer or another Tokto customer, you should contact that organization directly to exercise rights relating to that information.
4.2 Customer configuration controls
Tokto features may be enabled, disabled, or configured by the customer depending on the deployment, license, product edition, and applicable agreement. Customer configuration may affect what records are created, what data is retained, what policies apply, what telemetry is shared, what exports are enabled, and which integrations are used.
5. AI interaction records and metadata
5.1 AI records
Tokto may process AI interaction records and metadata to provide visibility, governance, policy enforcement, auditability, routing, monitoring, optimization, cost management, and accountability features. Depending on customer configuration, this may include user activity or internal entity activity, AI system activity, prompts, outputs, policy decisions, routing events, model interaction metadata, security and compliance logs, timestamps, cost information, token information, and administrative actions. The specific data processed depends on the customer’s deployment, configuration, integrations, enabled features, and contractual agreement.
5.2 System of record retention
Where enabled, Tokto may maintain system of record data for customer governance, auditability, compliance, insurance, investigation, or internal oversight purposes. Retention of system of record data is governed by the customer’s agreement, customer configuration, customer policy, product capabilities, and applicable law.
6. Model providers and third party AI services
6.1 Customer selected providers
Tokto may route or process AI interactions involving third party AI model providers, platforms, tools, or services selected, integrated, or configured by the customer. Customer use of third party AI services may be subject to the third party’s own terms, privacy policies, data processing terms, security commitments, model training policies, and availability commitments. Tokto is not responsible for third party model behavior, third party AI provider policies, or customer selected third party services, except as expressly stated in a written agreement with Tokto.
7. Confidentiality and protected Tokto information
7.1 Protected information
Tokto’s non public software, APIs, routing logic, model orchestration, prompt processing logic, system prompts, architecture, performance characteristics, pricing, documentation, and other non public technical or business information are confidential information of Tokto. Customers and users may not disclose, publish, reverse engineer, benchmark, or use Tokto confidential information except as permitted in the applicable agreement.
8. Feedback
8.1 Feedback use
If you provide feedback, ideas, suggestions, or recommendations regarding Tokto, Tokto may use that feedback to improve products and services without obligation or payment to you. Feedback does not give you ownership rights in Tokto software, products, models, routing logic, documentation, or services.
9. Third party components and open source software
9.1 Third party notices
Tokto may include third party and open source components. Those components remain subject to their respective licenses and are not owned by Tokto. Tokto may publish Third Party Notices identifying third party software components and applicable license information.
10. Data retention
10.1 Retention period
Tokto retains personal information, website data, account data, platform records, audit records, AI interaction records, support records, service data, telemetry, diagnostics, aggregated data, deidentified data, and incognito operational data for as long as necessary to provide the services, fulfill the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, enforce agreements, support security, meet legitimate business needs, and follow customer instructions or configuration. For customer data and AI system of record data, retention may be governed by the applicable customer agreement, order form, product configuration, customer policy, or written customer instruction. Customers may configure retention for system of record data where supported by the product and applicable agreement.
11. Security
11.1 Safeguards
Tokto uses reasonable technical, administrative, and organizational safeguards designed to protect information against unauthorized access, disclosure, alteration, loss, misuse, or destruction. These safeguards may include access controls, authentication measures, encryption where appropriate, monitoring, logging, least privilege access practices, and internal security controls. No method of transmission or storage is completely secure. Tokto cannot guarantee absolute security. For on premise deployments, the customer is responsible for securing its own infrastructure, credentials, databases, storage, network configuration, systems, and access controls.
12. Your rights
12.1 Privacy rights
Depending on your location and applicable law, you may have rights regarding your personal information, including the right to access personal information, correct inaccurate personal information, request deletion of personal information, object to certain processing, restrict certain processing, withdraw consent where processing is based on consent, and request a portable copy of personal information. To exercise these rights, contact Tokto at privacy@tokto.ai. Where Tokto processes information on behalf of an enterprise customer, Tokto may direct your request to that customer or process the request according to the customer’s instructions and applicable law.
13. International data transfers
13.1 Transfers
Tokto may process information in countries other than the country where you are located. Where required, Tokto uses appropriate safeguards designed to protect personal information in accordance with applicable law.
14. Children’s privacy
14.1 Business use only
Tokto is intended for business and enterprise use. The website and services are not intended for children, and Tokto does not knowingly collect personal information from children.
15. Third party links
15.1 External services
The website or services may contain links to third party websites, services, or resources. This Privacy Policy applies only to Tokto. Tokto is not responsible for the privacy practices, content, or security of third party websites or services.
16. Changes to this Privacy Policy
16.1 Updates
Tokto may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated Last updated date. Your continued use of Tokto after an updated Privacy Policy is posted means you acknowledge the updated Privacy Policy, except where applicable law requires a different form of notice or consent.
17. Contact us
17.1 Privacy contact
If you have questions about this Privacy Policy or how Tokto handles information, please contact Tokto at Tokto AI Ltd., Delaware, USA, full company address to be provided before final publication, privacy@tokto.ai.
Terms of Use
Last updated: May 2026
These Terms of Use govern access to and use of the Tokto.ai website, platform, software, products, demos, support services, documentation, APIs, and related offerings provided by Tokto AI Ltd. and its affiliates where applicable. By accessing or using Tokto, you agree to these Terms.
If you access or use Tokto on behalf of a company or other organization, you represent that you have authority to bind that organization, and the terms Customer, you, and your refer to that organization. If there is a separate written agreement between Tokto and Customer, such as an order form, master services agreement, on premise software license agreement, IP protection addendum, data processing agreement, support agreement, or service level agreement, that written agreement will control to the extent of any conflict with these Terms.
1. The Tokto services
1.1 Service description
Tokto provides enterprise AI accountability infrastructure and an AI System of Record for enterprise AI. The services may include AI governance, visibility, policy enforcement, audit records, monitoring, routing, cost management, budget controls, metadata capture, reporting, integrations, administrative controls, APIs, support, and related functionality. Specific functionality depends on the product edition, deployment model, customer configuration, enabled features, roadmap status, and applicable written agreement.
2. Accounts and authorized users
2.1 Accounts
Customers and authorized users may be required to create an account to access certain services. Customer is responsible for ensuring that all account information is accurate, current, and complete.
2.2 Authorized users
Access to Tokto is limited to Customer’s authorized employees, contractors, agents, or representatives who require access for Customer’s internal business purposes and who are bound by confidentiality obligations no less protective than these Terms.
2.3 Account security
Customer is responsible for maintaining the confidentiality of account credentials and for all activity under its accounts. Customer must promptly notify Tokto of any unauthorized access, suspected breach, or misuse of the services.
3. License and access rights
3.1 Limited license
Subject to these Terms, the applicable order, and payment of all applicable fees, Tokto grants Customer a limited, non exclusive, non transferable, non sublicensable right to access and use the services solely for Customer’s internal business purposes during the applicable subscription or license term.
3.2 On premise software
If Tokto provides on premise software, Customer may install and use the software only on Customer controlled infrastructure and only as permitted under the applicable Tokto agreement, order form, on premise software license agreement, IP protection addendum, and related documentation.
3.3 No other rights
No rights are granted except as expressly stated in these Terms or a written agreement signed by Tokto.
4. Restrictions
4.1 Prohibited conduct
Customer shall not, and shall not permit any third party to, sublicense, sell, rent, lease, loan, distribute, host as a service, make available, or provide access to Tokto for the benefit of any third party unless expressly authorized in writing by Tokto. Customer shall not modify, adapt, translate, copy, create derivative works of, reverse engineer, decompile, disassemble, or attempt to derive source code, hidden configuration, routing logic, system prompts, internal APIs, or underlying ideas of the services except to the extent mandatory law expressly prohibits this restriction. Customer shall not use Tokto or its outputs to develop, train, fine tune, improve, or benchmark a competing product, service, model, routing layer, governance system, or AI accountability platform. Customer shall not publicly report benchmarks, performance comparisons, latency, throughput, routing behavior, model orchestration, system prompts, internal performance metrics, or security testing results without Tokto’s prior written consent. Customer shall not remove, obscure, or alter proprietary notices, use the services in violation of law, use the services to infringe third party rights, interfere with the operation or security of the services, or attempt unauthorized access to any system, account, data, or network.
5. Customer responsibilities
5.1 Customer data and instructions
Customer is responsible for customer content, data, prompts, outputs, configurations, policies, users, internal entity identifiers, approvals where configured, records, and instructions provided to or processed through Tokto.
5.2 Compliance
Customer is responsible for complying with applicable laws, rules, regulations, internal policies, employment obligations, privacy obligations, security obligations, industry requirements, and data processing requirements applicable to Customer’s use of Tokto.
5.3 Infrastructure
For on premise deployments, Customer is solely responsible for operating, licensing, securing, monitoring, and maintaining Customer controlled infrastructure, including databases, servers, cloud accounts, network configuration, storage, access controls, credentials, and related systems.
5.4 Customer systems
Tokto is not responsible for Customer systems, Customer infrastructure, Customer data breaches caused by Customer systems, third party model behavior, third party applications, third party integrations, or Customer’s failure to configure or use the services properly, except as expressly stated in a signed written agreement.
6. Customer content and data
6.1 Ownership
Customer retains ownership of customer content. Tokto does not claim ownership of customer content.
6.2 License to provide services
Customer grants Tokto a limited right to use, process, transmit, store, display, analyze, and otherwise handle customer content only as necessary to provide, secure, support, maintain, and improve the services, comply with law, and perform obligations under the applicable agreement.
6.3 No model training without authorization
Tokto will not use customer content to train, fine tune, or improve general purpose AI models unless Customer expressly authorizes such use in writing or through an applicable product setting that clearly permits such use.
6.4 Aggregated, deidentified, and incognito data
Tokto may use aggregated, deidentified, pseudonymous, or incognito information to analyze usage, improve services, develop features, monitor performance, support security, evaluate cost behavior, evaluate risk behavior, and improve visibility, provided such information does not identify Customer, Customer users, Customer clients, or Customer content. Tokto may use internally created entity identifiers that are disconnected from real world identities, unless Customer separately provides or configures the mapping between those identifiers and real entities.
6.5 Future data processing agreement
Tokto expects to prepare a data processing agreement for enterprise customers where required or appropriate, including for future collection of incognito, aggregated, deidentified, or pseudonymous operational statistics relating to AI behavior, costs, risks, policy actions, and visibility. The data processing agreement should reflect that Tokto does not need customer personal information or real customer entity identities for such statistics unless a customer expressly configures or provides such data.
7. Tokto intellectual property
7.1 Ownership
Tokto retains all right, title, and interest in and to the services, software, models, documentation, user interfaces, internal APIs, routing logic, model orchestration, prompt engineering logic, system prompts, architecture, configurations, templates, client libraries, improvements, derivatives, updates, trademarks, service marks, and all related intellectual property rights. No ownership rights are transferred to Customer.
8. Feedback
8.1 Use of feedback
Customer and users may provide feedback, suggestions, ideas, comments, or recommendations regarding Tokto. Tokto may freely use, modify, incorporate, commercialize, and otherwise exploit feedback without restriction, payment, attribution, or obligation to Customer. Feedback does not grant Customer rights in Tokto software, services, or intellectual property.
9. Confidentiality
9.1 Confidential information
Tokto confidential information includes the software, source code if provided, binaries, API schemas, internal APIs, routing strategies, model orchestration, prompt engineering logic, system prompts, performance characteristics, latency, throughput, pricing, non public documentation, technical materials, business information, and any information that is marked confidential or should reasonably be understood as confidential. Customer shall protect Tokto confidential information using at least reasonable care and shall not use or disclose it except as necessary to use the services as permitted by these Terms or an applicable written agreement.
10. Third party components and open source licenses
10.1 Third party notices
Tokto may include third party and open source components. Such components are not owned by Tokto and remain governed by their applicable licenses. Customer must comply with applicable third party license terms. Tokto may provide Third Party Notices identifying third party components and applicable license information.
11. Support, updates, and changes
11.1 Support
Support services, if purchased or provided, are governed by the applicable order form, support agreement, service level agreement, or support terms.
11.2 Updates
Tokto may provide updates, patches, modifications, or new releases. Unless otherwise stated, use of updates is governed by these Terms and any applicable license agreement.
11.3 Changes to services
Tokto may modify, improve, suspend, or discontinue features from time to time. Tokto will use commercially reasonable efforts to avoid material disruption to active paid services, subject to security, legal, operational, or technical requirements.
12. Fees and payment
12.1 Fees
Customer shall pay all fees set forth in the applicable order form or written agreement. Fees are non refundable unless expressly stated otherwise in the applicable agreement. Customer is responsible for taxes, duties, levies, and similar governmental charges, excluding taxes based on Tokto’s net income.
13. Term and termination
13.1 Term
These Terms apply while Customer or any user accesses or uses Tokto.
13.2 Termination for breach
Tokto may suspend or terminate access to the services if Customer or any user breaches these Terms, fails to pay amounts when due, creates security risk, violates law, or uses the services in a way that may harm Tokto, other customers, users, or third parties.
13.3 Effect of termination
Upon termination, Customer must stop using the services and, for on premise software, destroy or return all copies as required by the applicable license agreement. Sections concerning restrictions, ownership, confidentiality, feedback, third party components, fees, disclaimers, limitation of liability, indemnity, governing law, and general provisions survive termination.
14. Privacy and data protection
14.1 Privacy Policy
Use of Tokto is subject to the Tokto Privacy Policy. Where Tokto processes personal information on behalf of Customer, the applicable data processing agreement, if any, will govern such processing.
15. Security incidents
15.1 Notice
Tokto will use commercially reasonable efforts to notify affected customers of a confirmed security incident involving customer data as required by applicable law or the applicable written agreement. For on premise deployments, Customer is responsible for notifying Tokto promptly of unauthorized access or suspected compromise involving Customer accounts, credentials, infrastructure, databases, network, storage, or systems. Security incident notice timing, service levels, and response obligations should be defined in the applicable enterprise agreement or service level agreement.
16. Export controls and sanctions
16.1 Compliance
Customer shall comply with all applicable export control, sanctions, anti corruption, and trade compliance laws. Customer shall not use, export, re export, or transfer Tokto software, services, technical data, or related materials in violation of applicable law.
17. Disclaimers
17.1 As is
To the maximum extent permitted by law, Tokto and all services, software, documentation, third party components, support, and related materials are provided as is and as available, without warranties of any kind, whether express, implied, statutory, or otherwise. Tokto disclaims all implied warranties of merchantability, fitness for a particular purpose, title, non infringement, accuracy, reliability, uninterrupted operation, error free operation, and system integration. Tokto does not warrant that the services will meet Customer’s requirements, produce particular outcomes, prevent all AI risk, identify every issue, or ensure legal or regulatory compliance.
18. Limitation of liability
18.1 Liability cap
To the maximum extent permitted by law, Tokto shall not be liable for any indirect, incidental, special, consequential, exemplary, enhanced, or punitive damages, or for lost profits, lost revenue, loss of goodwill, business interruption, loss of data, procurement of substitute services, or similar damages, even if advised of the possibility of such damages. Tokto’s total aggregate liability arising out of or relating to these Terms or the services shall not exceed the amounts paid by Customer to Tokto for the applicable services during the twelve months preceding the event giving rise to the claim, unless a different cap is stated in a signed written agreement.
19. Indemnity
19.1 Customer indemnity
Customer shall defend, indemnify, and hold harmless Tokto, its affiliates, officers, directors, employees, contractors, licensors, and representatives from and against third party claims, losses, damages, liabilities, costs, and expenses, including reasonable attorneys’ fees, arising out of or related to customer content, Customer’s use of the services, Customer’s breach of these Terms, Customer’s violation of law, Customer’s systems or infrastructure, or Customer’s infringement or misappropriation of third party rights.
20. Publicity
20.1 Customer logo use
Tokto may use Customer’s name and logo in customer lists, presentations, marketing materials, and website listings only as permitted by the applicable order form or signed written agreement.
21. Governing law and venue
21.1 Governing law
The governing law and venue for these Terms are as stated on the Tokto website, applicable legal notice, applicable order form, or signed written agreement. If no governing law or venue is specified for a particular relationship, Tokto should complete this section before publication or include the governing provision in the applicable customer agreement.
22. General provisions
22.1 General
Customer may not assign these Terms without Tokto’s prior written consent, except to a successor in connection with a merger, acquisition, corporate reorganization, or sale of substantially all assets, provided the assignee agrees to be bound by these Terms. Tokto may assign these Terms as part of a merger, acquisition, reorganization, sale of assets, financing, or corporate transaction. If any provision is held invalid or unenforceable, the remaining provisions remain in effect. Failure to enforce a provision is not a waiver. These Terms, together with any applicable order form and written agreement, constitute the entire agreement regarding their subject matter.
No Cookie and Basic Analytics Notice
1. Current website analytics approach
Tokto.ai is currently an informational website. Tokto does not currently use cookies on the public website. Tokto may use basic analytics to understand general website usage and performance. The product itself runs on premise for enterprise customers where deployed in that model and is accessed through customer controlled internal web dashboards and API connectivity, subject to customer configuration and applicable agreement.
2. No current marketing cookies
Tokto does not currently represent that it uses marketing cookies, advertising cookies, pixels, or cross site tracking technologies on the public website. If Tokto later introduces cookies, pixels, advertising identifiers, or marketing analytics, Tokto should update this notice and implement any consent or preference mechanism required by applicable law.
3. Managing browser settings
Because Tokto does not currently use public website cookies, there are currently no Tokto website cookie preferences to manage through the website. Users may still control general browser settings according to their browser provider’s instructions.
4. Updates
Tokto may update this No Cookie and Basic Analytics Notice from time to time by posting an updated version on the website.
Publication Checklist and Legal Review Notes
Before publication, Tokto should confirm the full company address, confirm that privacy@tokto.ai is the correct privacy contact, confirm all website analytics statements, confirm that no cookies are currently used on the public website, confirm that telemetry is default on unless disabled or modified by contract, confirm that customer logo use is order form based, confirm that customer content is not used for general purpose model training without authorization, prepare a data processing agreement for enterprise customers when needed, align security incident notice timing with enterprise agreements and service level standards, publish or attach Third Party Notices for open source and third party software components where required, prepare a subprocessor list when Tokto begins using subprocessors that enterprise customers need to review, and obtain final legal review before website publication or customer signature.
The current draft intentionally does not claim support for desktop AI usage, mobile application usage, direct Slack, Teams, Zoom, or Meet integrations, current file support, full SIEM export outside API or customer directed export, or broad human approval workflows for every AI interaction. Those items should be added only if and when they accurately reflect implemented or contractually offered product functionality.