Privacy Policy

Your privacy is very important to us. It is Towo Labs AB's policy to respect your privacy regarding any information we may collect from you across our website,, and other sites we own and operate.

We only ask for personal information when we truly need it to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used. Your continued use of our website will be regarded as acceptance of our practices around privacy and personal information.

XRP Ledger

Transactions submitted to the XRP ledger become publicly accessible. This includes information such as your public account address, the destination account, the amount sent, and any other data you attach. Information stored on the XRP ledger is immutable and can never be deleted.

Transaction Signing

When you send transactions with XRP Toolkit, you sign them with your hardware wallet or mobile wallet. We do not receive or store any passwords, PIN codes, secret keys or recovery words. We have no access to your wallets, accounts or assets. All transaction signing takes place client-side on your own device. You are responsible for backing up your wallets and there is nothing we can do if you lose access to them.

Local Storage

When you connect a wallet, its account address is saved to your browser's local storage and released when you clear your session. The account addresses in your browser's local storage is only used client-side, to for example remember what account you've selected. No data from your browser's local storage is sent to our servers. We don't know what accounts you have added and we don't know which account is set as active, that information is only stored locally on your device.


By design XRP Toolkit doesn't use any cookies, with a single exception for Xumm users that want to receive push requests. In order for XRP Toolkit to push sign requests to your Xumm wallet, the following security cookies are needed:

  • __cfduid: Helps CloudFlare detect malicious visitors to and minimizes blocking legitimate users.
  • Hash (32 byte): Used to authenticate users to our Xumm proxy and push sign requests.

If you do not consent to the security cookies described above, please block them in your browser settings. XRP Toolkit will fail pushing sign requests to your Xumm wallet and fallback to QR code scanning for every transaction.

Log Data

We receive certain information when you view content on our websites or interact with the XRP Toolkit application, we refer to this as "Log Data". The Log Data we receive includes your IP address, user agent, referrer and visited URL. We protect all Log Data within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification. Log Data is used to operate our services and ensure their security, reliability and performance. We retain Log Data for 30 days and never share it, except when required to by law. Note that we never log XRP Ledger addresses, transactions or other wallet details.


Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

Contact Us

If you have any questions about how we handle user data and personal information, feel free to contact us at