🔐 Your Privacy is Our Priority
This Privacy Policy explains how tap-3 ("we," "us," or "our") collects, uses, and protects your personal information when you use our social media landing page platform. We are committed to GDPR and CCPA compliance.
1. Information We Collect
Personal Information You Provide
- Account Information: Name, email address, and password when you create an account
- Profile Information: App names, descriptions, logos, and app store links you provide
- Payment Information: Billing details processed securely through third-party payment processors
- Communication Data: Messages and feedback you send us through contact forms or support channels
Information We Collect Automatically
- Usage Data: Page views, clicks, time spent on pages, and user interactions with your landing pages
- Device Information: Browser type, operating system, device type (mobile/desktop), and IP address
- Cookies and Tracking: We use cookies and similar technologies to improve your experience and analyze usage
- Analytics Data: Aggregated and anonymized data about how visitors interact with your landing pages
2. How We Use Your Information
We use your personal information for the following purposes:
- Service Provision: Creating and hosting your social media landing pages
- Account Management: Managing your account, processing payments, and providing customer support
- Analytics and Reporting: Providing you with insights about your landing page performance
- Communication: Sending service updates, security alerts, and responding to your inquiries
- Improvement: Analyzing usage patterns to improve our platform and develop new features
- Legal Compliance: Meeting legal obligations and protecting our rights and interests
3. Legal Bases for Processing (GDPR)
For users in the European Economic Area, we process your personal data based on:
- Contract Performance: Processing necessary to provide our services to you
- Legitimate Interests: Improving our services, preventing fraud, and ensuring security
- Consent: For marketing communications and optional features (you can withdraw consent anytime)
- Legal Obligation: Complying with applicable laws and regulations
4. Information Sharing and Disclosure
We do not sell your personal information. We may share your information in these limited circumstances:
- Service Providers: Third-party vendors who help us operate our platform (hosting, payment processing, analytics)
- Legal Requirements: When required by law, court order, or to protect our rights and safety
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- Consent: When you explicitly authorize us to share your information
🛡️ We Never Sell Your Data
We do not and will never sell, rent, or trade your personal information to third parties for marketing purposes.
5. Data Retention
We retain your personal information for as long as necessary to provide our services and comply with legal obligations:
- Account Data: Retained while your account is active and for 90 days after deletion
- Analytics Data: Aggregated data retained for up to 3 years for business analysis
- Communication Records: Support tickets and communications retained for 2 years
- Legal Data: Information required for legal compliance retained as required by law
6. Your Rights and Choices
GDPR Rights (EU Users)
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your personal data
- Portability: Receive your data in a machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent for consent-based processing
CCPA Rights (California Users)
- Know: Request information about data collection and sharing practices
- Delete: Request deletion of your personal information
- Opt-Out: Opt-out of the sale of personal information (we don't sell data)
- Non-Discrimination: Equal service regardless of privacy choices
To exercise your rights, contact us at info@tap-3.com. We will respond within 30 days (GDPR) or 45 days (CCPA).
7. Data Security
We implement industry-standard security measures to protect your personal information:
- Encryption: Data encrypted in transit using TLS and at rest using AES-256
- Access Controls: Strict access controls and authentication requirements
- Regular Audits: Security assessments and vulnerability testing
- Employee Training: Staff trained on data protection and security practices
- Incident Response: Procedures for detecting and responding to security incidents
- Authentication Tokens: Social media authentication keys are encrypted and stored securely
🔒 Security Disclaimer
While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.
8. International Data Transfers
Your data may be processed in countries outside your residence. For EU users, we ensure adequate protection through:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- Other approved transfer mechanisms
9. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Essential Cookies: Enable core platform functionality
- Analytics Cookies: Understand how you use our service
- Preference Cookies: Remember your settings and preferences
You can control cookies through your browser settings. Some features may not work if you disable cookies.
10. Children's Privacy
Our service is not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will delete it promptly.
11. Third-Party Services
Our platform integrates with third-party services:
- Analytics: Google Analytics (with IP anonymization)
- Payment Processing: Stripe (PCI DSS compliant)
- Hosting: Vercel (SOC 2 compliant)
- Email: SendGrid for transactional emails
These services have their own privacy policies and we encourage you to review them.
12. Changes to This Policy
We may update this Privacy Policy periodically. We will:
- Notify you of material changes via email or platform notification
- Post the updated policy with a new "Last Updated" date
- Obtain consent for changes that expand data collection or use
13. Data Breach Notification
In the event of a data breach that may compromise your personal information, we will:
- Notify affected users within 72 hours of discovering the breach
- Provide details about what information was involved
- Explain the steps we are taking to address the breach
- Offer guidance on protective measures you can take
- Report to relevant authorities as required by law
14. API and Third-Party Platform Integration
Our service integrates with social media platforms and app stores. When you connect your accounts:
- Platform Authentication: We store encrypted authentication tokens to post on your behalf
- Platform Policies: Your use is also governed by each platform's terms and privacy policies
- Data Synchronization: We may sync basic profile information to improve your experience
- Revocation: You can revoke platform connections at any time in your account settings
Important: While we encrypt and secure your authentication keys, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
15. Global Privacy Control
We recognize and respect Global Privacy Control (GPC) signals. When we detect a GPC signal from your browser, we will treat it as a request to opt-out of data sharing where applicable under CCPA.
Data Controller:
tap-3
Email: info@tap-3.com
EU Representative: For EU-related privacy matters, contact us at info@tap-3.com