Back to Home

How Prunegram Handles Your Telegram Access

Updated July 2026

Prunegram asks for access to your Telegram account, so you deserve a precise answer to "what exactly can you see, and how do I take it back?" This page is that answer — no marketing gloss.

How login works

Prunegram uses Telegram's official API(the same MTProto API that Telegram's own desktop and web apps use). When you open the Mini App, Telegram itself verifies who you are. If you link your account for full cleanup features, Telegram sends a login code to your Telegram app — we never see your password, and there is no Prunegram password to create.

Logging in creates a session — the same thing that appears in your Telegram settings when you sign in on a new device. Prunegram shows up there like any other device, fully under your control.

Where your session lives

  • Your session is stored encrypted, server-side in our database. It is what lets Prunegram scan your chat list without asking you to log in every time.
  • We use it to read chat metadata only: chat names, types, mute status, unread counts, and last-activity dates.
  • We never read or store message content, contact lists, or media. The scanning code requests dialog lists, not message histories.

How to revoke access (anytime, instantly)

You don't need us to remove Prunegram's access — Telegram gives you a kill switch:

  1. Open Telegram → Settings
  2. Tap Devices (called "Active Sessions" on some clients)
  3. Find Prunegram in the list
  4. Tap it and choose Terminate Session

The session dies immediately and Prunegram loses all access to your account from that second. You can do this at any moment, for any reason.

Deletion & retention

  • Log out = deleted immediately. When you log out inside Prunegram, we invalidate the session with Telegram and delete the stored session from our database right away. There is no retention window for sessions — logout means gone.
  • You can also request deletion of all your data (profile, cleanup history, preferences) via the /support command in @prunegrambot.

Two-factor authentication (2FA)

If you have a Telegram cloud password (2FA) enabled, Telegram asks for it during login the same way it would on a new phone. The password goes to Telegram, not to us — Prunegram never stores your 2FA password. Keeping 2FA enabled is a good idea whether or not you use Prunegram.

Payments

Purchases are processed by Telegram Stars or TON Connect— inside Telegram's own payment rails. No card number, wallet seed, or banking detail ever touches Prunegram's servers. We only receive a confirmation that a payment happened.

The short version

  • Official Telegram API, no password of ours to leak.
  • Encrypted server-side session; metadata only, never message content.
  • Revocable by you in Telegram → Settings → Devices, instantly.
  • Deleted immediately when you log out.
  • Payments stay inside Telegram (Stars / TON).

Questions?

Use the /support command in @prunegrambot or read the privacy policy for the full data-handling details.

Try Prunegram Free