tapify logo

Privacy Policy

Last updated on

This privacy policy explains what data we collect at Tapify, why we collect it, how we use it, and your rights regarding that data. We don't sell your personal data.

This policy applies to the Tapify product and services. It covers how we handle personal information from people who visit our website, use our web app, or make purchases in our shop. We refer to all of these as "you" throughout this policy.

This policy does not apply to personal information that Tapify processes on behalf of a customer under an applicable service agreement. In those cases, the customer determines how that information is used and acts as the "data controller" or "business" (or an equivalent role under relevant privacy laws). Tapify acts as a "data processor" or "service provider" and handles that data strictly according to the customer's instructions, as defined in our agreements and data protection terms. This kind of processing is outside the scope of this privacy policy.

If you are an end user of a Tapify customer and have questions about how your information is collected or used, please contact that organization directly.

What we collect and why

Our goal is to collect only what we need to provide and improve Tapify. Here's what that includes:

Identity and access

When you create an account, we ask for your email address — and optionally your name — so we can set up your account, personalize your experience, and send important service updates. With your permission, we may also send occasional product updates, newsletters, or surveys to understand how Tapify is being used and how we can improve.

We don't sell your personal information. We also won't use your name or company in marketing without your consent.

Billing information

If you purchase a paid Tapify plan or product, we ask for your payment details and billing address. Payment information is processed securely by our payment provider (Stripe) and is never stored in our servers. We store a record of the transaction — including the last 4 digits of your card — for billing history, invoicing, and support. We use your billing address for tax calculation, invoicing, and fraud detection. In aggregate, we may use billing data to guide business and marketing decisions.

Website interactions

We collect anonymized usage data about how you interact with our marketing site and app — such as pages visited, referral sources, browser type, and time spent. This helps us understand what's working, where users drop off, and how we can improve. If you're signed in, some of this data may be tied to your account.

Product usage

We store the information you create, upload, or manage while using Tapify. This may include personal details you choose to add — such as your job title, phone number, company name, profile photo, or social links — as well as content like images, text, or videos.

This information helps power the core functionality of the service and is stored for as long as your account is active. You can update or remove it at any time through your account settings.

If you use Tapify as part of a business account, certain information may be added or managed by an administrator on your behalf. Administrators are responsible for obtaining the appropriate consent before entering personal data, managing access controls, and ensuring that any data they handle is used only for legitimate business purposes. They are expected to follow their organization's privacy and data protection policies.

If you close your account, your data will be deleted within 60 days.

Voluntary correspondence

If you contact us for support or feedback, we'll keep a record of the conversation so we can better assist you in the future. If you participate in surveys or customer interviews, we'll store your input — and ask for your permission if we'd like to record the conversation or use your comments in any way.

When we access or disclose your information

We access or disclose your personal information only when necessary to provide our services, comply with the law, or ensure the security and integrity of our platform. Here's what that means in practice:

To provide and support the service

We may access your account or data when needed to provide support, troubleshoot issues, or investigate bugs — typically at your request. We only access what's necessary and always aim to limit this access to essential personnel.

To investigate misuse or abuse

In limited cases, we may review account activity or query our systems if we suspect the platform is being used for spam, fraud, or other forms of misuse. These reviews are not automated and are only done when necessary to protect Tapify and its service.

When using trusted subprocessors

We rely on select third-party providers (subprocessors) to help us deliver the Tapify service. These providers may process your personal information on our behalf and are contractually required to meet strict data protection standards.

Here's a list of the subprocessors we currently use:

  • Vercel

    • Purpose: Hosting
    • Location: USA

  • Stripe Payments Europe, Limited

    • Purpose: Payment processing
    • Location: Ireland

  • WorkOS, Inc.

    • Purpose: Single sign-on and directory sync
    • Location: USA

  • Resend

    • Purpose: Email delivery (transactional and marketing)
    • Location: USA

  • Zapier

    • Purpose: Workflow automation
    • Location: USA

  • Supabase

    • Purpose: Data services
    • Location: USA

We update this list as needed and ensure all subprocessors follow appropriate safeguards, especially when handling data transferred outside the EU.

When required under applicable law

Tapify is a company based in the Netherlands, with infrastructure hosted in the EU and the United States.

Requests for user data

Our policy is to not disclose user data unless we are legally required to do so. If we receive a binding legal request — such as a court order, warrant, or subpoena — we will comply only to the extent required by law. This includes requests from Dutch or EU authorities, or international requests processed through the appropriate legal channels.

We aim to notify affected users before disclosing any data, unless we are legally prohibited from doing so or in cases of emergency.

Preservation requests

We comply with lawful requests to preserve user data only if they are properly served and meet legal requirements. Preserved data will not be shared unless we receive a valid court order or equivalent legal mandate. If no such request is received before the retention period expires, the preserved data will be deleted.

Tax audits

If Tapify is audited by a tax authority, we may be required to share billing-related details. In such cases, we will disclose only what is necessary — typically limited to billing addresses and relevant tax documentation.

Business transfers

If Tapify is acquired, merges with another company, or goes through bankruptcy or reorganization, personal data may be transferred as part of that process. If this happens, we will provide notice before your data is subject to a different privacy policy.

Your rights and choices

Tapify operates in accordance with the EU General Data Protection Regulation (GDPR). This means you have a range of rights when it comes to your personal data. Below, we outline those rights and how they apply to your use of Tapify.

Your data rights

Right to know

You have the right to understand what personal data we collect, how we use it, and with whom it is shared. This privacy policy outlines the categories of data we collect and how that data is processed.

Right of access

You may request access to the personal data we hold about you and information about how we use and share that data.

Right to correction

You have the right to correct any inaccurate or incomplete personal data associated with your account.

Right to erasure (right to be forgotten)

You can request that we delete your personal data. In most cases, this can be done through your account settings. Please note: deleting your data may affect your ability to continue using Tapify, as essential information is required to maintain a functioning account.

Right to data portability

You have the right to receive a copy of your personal data in a structured, commonly used format and, where technically feasible, to request that it be transferred to another provider. We offer a CSV export of your account data upon request.

Right to restrict processing

You may request that we limit how we use your personal data — for example, if you contest its accuracy or object to certain types of processing.

Right to object

You can object to the processing of your personal data in certain situations, including for direct marketing purposes. You can unsubscribe from marketing emails using the link at the bottom of any email we send.

Right to not be subject to automated decision-making

Tapify does not use automated decision-making processes that have a legal or similarly significant impact on you.

Right to non-discrimination

We do not treat users differently based on whether they exercise their data rights. However, choosing to delete or restrict data may affect how you use the service.

Right to complain

You have the right to file a complaint with your local data protection authority if you're unhappy with how we handle your data.

Exercising your rights

You can access, update, or delete your personal information at any time through your account settings. If you decide to close your account, you can delete it yourself — no need to contact support. Once deleted, your data will be permanently removed from our systems within 60 days.

If your account is managed by an administrator (for example, as part of a company subscription), they may manage your data or delete your account on your behalf. In those cases, we recommend contacting your administrator if you have questions or need assistance.

Data portability

You can request a copy of your data at any time. We'll provide it in a CSV format containing all personal data associated with your account.

Communication preferences

If you no longer want to receive emails from us, you can unsubscribe at any time using the link in the footer of our emails. We automatically send emails related to your account and product usage, but marketing and newsletter emails are optional.

Authorized agents

You can access, update, or delete your data at any time by signing into your account. If your account is managed by an administrator (for example, as part of a company or team subscription), that administrator may control access to or deletion of your account. In such cases, we recommend reaching out to your administrator directly.

For other requests — such as obtaining a data export, restricting processing, or objecting to use — please contact us using the information at the end of this policy. We may ask you to verify your identity by confirming your name and email address. If someone is acting on your behalf, we may request written confirmation from you before proceeding.

If we deny your request, and local law grants you the right to appeal, we will provide instructions on how to do so.

How we protect your data

Tapify takes the security of your personal data seriously. We take every effort to protect your information from loss, unauthorized access, modification, or disclosure. That includes using modern encryption, secure infrastructure partners, and limiting internal access to only what's necessary.

That said, no method of electronic transmission or storage is 100% secure, and we can't guarantee absolute security. But we're committed to doing our part to keep your data safe — and to choosing partners who do the same.

Encryption by default

All data is encrypted in transit (using SSL/TLS) and at rest (using AES-256), including backups. These protections are applied across our systems by default.

Infrastructure security

Our services are hosted in EU-based data centers (eu-central) that comply with strict international standards for information security. These facilities hold certifications such as SOC 2 Type 2 and ISO/IEC 27001:2013, and follow formal information security protocols to safeguard personal data.

Account access and authentication

To help you keep your account secure, Tapify uses passwordless login options — including Login with Google and magic links via email. These methods help reduce reliance on weak or reused passwords while simplifying access.

However, it's your responsibility to secure your Google or email accounts. Keeping those secure is critical to maintaining the integrity of your Tapify account.

Monitoring and abuse prevention

We monitor platform activity to detect misuse and ensure stability. Rate limiting and other automated safeguards help us prevent abuse and maintain the reliability of the service.

Data retention and deletion

We only keep your personal data for as long as it's needed — either to provide the service or to meet legal and operational requirements.

Account deletion

When you delete your Tapify account, your personal data is permanently removed from our active systems immediately. A copy may remain in our encrypted backups for up to 7 days, after which it is fully deleted.

You can delete your account yourself at any time through your settings. You may also contact us directly to request manual deletion of your data.

Billing and legal retention

If you subscribe to a paid plan or purchase a product, we collect billing details such as your name, address, and VAT number (if applicable). This information is used to generate invoices and fulfill our legal obligations under Dutch tax law. We retain invoice data for 7 years as required by law.

Location of data and international transfers

Tapify is based in the European Union, and we primarily store and process personal data within the EU. All personal information we collect is hosted in the EU or in locations where we and our service providers maintain infrastructure necessary to operate Tapify.

Some of our subprocessors and partners may process personal data outside the EU — including in the United States. In such cases, the countries where data is transferred may not have the same level of data protection as your home country.

When we transfer personal data internationally:

  • We do so in accordance with applicable laws, such as the GDPR
  • We rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) or equivalent legal mechanisms
  • We ensure the data remains protected under the standards outlined in this privacy policy

By using Tapify, you understand that your personal data may be processed in countries outside your own, and we take steps to ensure it remains secure and handled responsibly.

Changes and questions

We may update this privacy policy from time to time to reflect changes to our practices, legal requirements, or improvements to our services. The "last updated" date at the top of this page always shows when the latest changes were made.

We do not send notifications for policy updates, so we encourage you to review this page periodically to stay informed.

If you have any questions, concerns, or feedback about this privacy policy or how we handle your data, you can contact us at:

support@tapify.app

Jetzt auf digital umsteigen

Mit Tapify starten
Tapify

Produkt

Ressourcen

Rechtliches

© 2025 Tapify. Alle Rechte vorbehalten.