After the Ledger debacle last weeks I've decided to do something I never did: read the Terms of Service (ToS) of both Ledger Live and Trezor Suite. I was looking for things related to data privacy and personal data handling, specially when you use such services.

Main points are outlined below.

Trezor Suite

Trezor Suite's ToS guides us to Going to their general Privacy Policy, which reads:

[...] We usually collect and process only the following personal data:

your name, email address and any other personal data you provide us with when filling out one of the contact forms on the Website (such as Enterprise solutions, Affiliate and other).

Information and feedback we receive from you that helps us improve our Website and your user experience.

Regarding Cookies:

We will, as a data controller, collect, store and process any personal data collected by such cookies (the personal data may include your IP address, information about your activity on our website, information about your advertisement preferences etc.). It is in our legitimate interest to collect, store and process such personal data for marketing purposes and for website traffic analysis, since (i) it allows us to improve our products and services and to provide you with personalized content and advertisement, (ii) we do not attempt to identify you using such personal data, (iii) there is little to no restriction of your interests, rights and freedoms, and (iv) you may at any time delete stored cookies permanently and change your cookie settings to disable or limit storage of any new cookies

Other interesting things:

6.1 Coinjoin Service: You may at any time after your Device initialization within your Suite interface create a new privacy enhanced Bitcoin account that allows you to increase the privacy of your transactions (“Coinjoin account”). In a Coinjoin account, inputs from multiple senders are combined into a single transaction utilizing a Coinjoin Coordinator Service (as defined below), making it difficult for third parties to analyze your connection to an old address. You acknowledge that the use of a Coinjoin account does not ensure your anonymity.

In short, the policy is fair enough and isn't much different from what other companies in the scene do.

Ledger Live

Similar to Trezor, their ToS guides us to Going to their general Privacy Policy, which reads:

**What is personal data?**Personal data (‘Data’) is information that makes it possible to identify you:

directly, such as your name or email address;

or indirectly, such as your customer number or IP address.

Specifically about Ledger Live, they collect

Device session identifier, IP address*, clicks, actions (e.g. launching the application, use of transactional functionalities, pages viewed), properties (e.g. type, version, language and region recorded for your operating system), currency, time stamp, amount and status of transactions, transaction identifier, identifier used by our partners to identify you (when you use their services)

[...]

*Your IP address is only collected to be transmitted to our partners when this information is required to provide their services, and is not stored by Ledger

Third parties:

5.2.1 Third Party Services terms and conditions. Ledger Live may incorporate, reference and/or provide access to Third Party Services. For instance, buy, sell and crypto to crypto exchange (“swap”) services are Third Party Services. You agree that your use of Third Party Services is subject to separate terms and conditions between you and the third-party identified in Ledger Live. For ease of reference, a list of links to Third Party Services terms and conditions is available below. Ledger does not guarantee that such a list is comprehensive and it’s your responsibility to review and understand the applicable terms and conditions before using a Third Party Service:

Coinify Terms and conditions

Moonpay Terms of use

Ramp Terms of service

BTC Direct User agreement

Banxa Terms of use

Transak Terms of service

Mercuryo Legal terms

Wyre User agreement

Simplex Terms of use

Zerion Terms

Bitrefill Terms

Changelly Terms of use

FTX Terms of service

Paraswap Terms of service

5.2.2 No warranty. Ledger is not responsible for the content, accuracy, security, availability, any performance, or failure to perform of the Third Party Services or any issue in relation with the use of Third Party Services. Ledger does not provide any guarantees that access to Third Party Services will not be interrupted or that there will be no delays, failures, errors, omissions, corruption or loss of transmitted information, data or funds, and Ledger shall not be liable for any such Third Party Services. You agree to use the Third Party Services at your own risk. [...]

This makes me uncomfortable, though. It's like our services use third parties' ones by default, but you're using them at your own risk. In addition to that,

5.2.3 Personal data. Some Third Party Services may request or require access to your personal data. The processing of such data will be handled in accordance with the relevant Third Party’s privacy policy and best practices.

4.10 No liability. There may be additional risks that we have not foreseen or identified in these Terms. Before you use the Services, you are strongly encouraged to carefully assess whether your financial situation and risk tolerance is compatible with such use. For the avoidance of doubt, and notwithstanding the generality of the Limitation of Liability under these Terms, you hereby agree that Ledger shall have no liability for any loss that incurs as a consequence of the risks highlighted in this section and/or your failure to follow the recommendations herein.

So even if a situation isn't covered by the ToS, it's on the user to do the math.

Finally, the trackers on Ledger Live. This was fetched by /u/zoomercoomer9000 and credits are due to them:

com.facebook.flipper.android.diagnostics.FlipperDiagnosticActivity com.appboy.ui.activities.AppboyContentCardsActivity com.appboy.ui.activities.AppboyFeedActivity com.appboy.ui.AppboyWebViewActivity com.google.android.gms.measurement.AppMeasurementJobService com.google.android.gms.measurement.AppMeasurementService com.adjust.sdk.AdjustReferrerReceiver com.appsamurai.storyly.util.notification.StorylyNotificationReceiver com.google.android.gms.measurement.AppMeasurementReceiver io.sentry.android.core.SentryInitProvider io.sentry.android.core.SentryPerformanceProvider

Many unnecessary trackers are in place when we use Ledger Live. This comes from an Android device, so I believe it is an Android/Google flaw rather than Ledger's, as per the trackers' names.

I've tried on iOS and found no trackers for neither LL or TS (I'm using a track blocker).

TL;DR

Both ToS are OK-ish from a legal perspective, in the sense that they're not much different from all the other companies in the scene. Neither company is preferred to that regard. The main problem is trusting in the third parties, e.g. LL still has FTX on its website, so at the end it gets down to who are the third parties of each service.