Privacy Policy

How Tapsend handles your data
Updated July 21, 2021

1. Scope
We care about your online privacy. This Privacy Policy (the "Policy") describes our practices concerning collection, use, disclosure, and protection of your information when you use Tapsend (the "Platform"). Note that this Policy is only valid on our Platform, not any third party networks, even if they are referenced on our Platform. It is your responsibility to familiarize yourself and comply with any relevant third party networks.If you visit our Platform, that signifies your legal acceptance of the Policy. You must exit the Platform if you do not agree with any provision(s) of this Privacy Policy. We reserve the right to change this Policy at any time at our sole discretion. The last update's effective date is at the top of this page, so visit it occasionally to see if there are any changes.

2. Collection of User Data
Here are the types of information regarding the Platform users we may collect:a. Personal Info: name, email address, phone number, shipping, and billing addresses, IP address, company name (if required by the merchant), SMS / chat messaging transcript.b. PaymentInfo: we do not receive your credit or debit card information. Third-party payment processor handles payments, not us.c. Communications: if you contact us for any reason, we will receive whatever information you voluntarily provide (e.g., your feedback, ratings, and reviews).d. Your Devices: device identifiers, phone manufacturer and carrier, browser, IP address, operating system version, mobile advertising identifiers, application installations.e. Platform Interaction: we see what content our Platform users access, when, and how they interact with the Platform content/pages. We use third-party analytics tools like Google Analytics. You can opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout

3. Use of Data
We use the collected data for the following purposes:a. To provide the services and/or information that you have asked for.b. To communicate with you regarding changes to your account or our Platform.c. To enforce our rights, carry out our obligations, prevent fraud, respond to government requests, facilitate disputes between users.d. To accomplish any other purpose for which the information was provided.

4. Disclosure of Data
We share data with services such as Heroku, AWS, Redis, and Twilio. We may disclose the collected personal information as follows:a. In case there is a sale, merger, or other transfer in the ownership of our Platform, the successor will receive personal information about our Platform users along with the assets transferred.b. To our contractors, business partners, third-party service providers, and other entities or individuals who support our Platform. For example, integration and API partners.c. Aggregated, anonymized information that does not identify any particular user can be disclosed without restriction.d. To respond to a court order, regulatory request, or legal process.e. If we decide that disclosure is appropriate to protect the Platform's property, safety, rights, its users, or the public.

5. Cookie Policy
Cookies are small bits of text data placed on your device when you visit sites. Cookies record data about your activity, such as which pages you view and what you click on. Cookies assist our Platform to recognize your device when you return. For example, cookies can help us to remember your preferences, username, analyze the performance of our Platform, and recommend content that may be most relevant to your interests.Here are the reasons we may use cookies:a. Analytics. This type of cookies shows us which pages users view, which links are popular, most viewed, etc. These cookies only provide anonymized information that does not identify anybody personally. This information is then bundled with similar information from the other users to analyze the general usage patterns.b. Essential cookies. These are necessary to provide the services that you have asked for. Without these essential cookies, our Platform would not be able to operate. They are required to enable users to navigate through the Platform and use its main features. E.g., essential cookies identify registered users so that they can access member-only areas of the site. Essential cookies keep users logged in. If a subscriber disables essential cookies, that subscriber won't have access to all of the content that a subscription entitles them to. These cookies don't collect information that could be utilized for marketing or figuring out what places on the Internet you have visited.c. To improve your browsing experience. This type of cookies enables the site to remember users' preferences and settings, such as geographic region or language. They can also be used to restrict the number of times an ad is shown, to remember which forms you have already filled in, so that you don't have to do it again.d. To implement tracking technology on our Platform. This tracking does not use your personal information; it uses de-identified data (i.e., data that cannot be explicitly tied to you). We will not combine this data with your other personal information without your prior express permission.e. To implement flash cookies. Those are locally stored objects that collect and store information about your preferences and navigation on our Platform. Flash cookies are not managed by the same browser settings as are used for browser cookies.There is a way to turn off cookies by going to your browser's Help or Settings menu. However, keep in mind that disabling cookies may limit your use of the Platform or delay or affect the way in which it operates.

6. Data Security
Only our administrators are allowed to access our Platform's password-protected server where your personal information is stored. We store personal data for 24 months. We utilize SSL. However, any transmission of information over the Internet has its inherent risks, so we cannot guarantee your personal information's absolute security. Transmit personal information over the Internet at your own risk. We shall not be liable for circumvention of security measures or privacy settings on the Platform. It is your responsibility to keep your login credentials, if any, confidential.

7. TCPA Compliance
Merchants that use our Platform must abide by all relevant anti-spam laws, including the Telephone Consumer Protection Act of 1991 which provides consumers with options to avoid unwanted telephone solicitations. Under the Federal Communications Commission (FCC) rules, no seller can initiate a telephone solicitation to a residential telephone subscriber who has registered his or her telephone number on the national "Do-Not-Call" registry. A safe harbor exists for an inadvertent violation of this requirement if the telemarketer can demonstrate that the violation was an error and that its routine practices include:a. Written procedures.b. Training of personnel.c. Maintenance of a list of telephone numbers excluded from contact.d. Use of a version of the national "Do-Not-Call" registry obtained no more than three months before the date any call is made (with records to document compliance).e. Process to ensure that it does not sell, rent, lease, purchase, or use the do-not-call database in any manner except in compliance with the FCC regulations.

8. Children's Privacy
We do not knowingly collect any personal information about children under the age of 13. Our Platform is not directed to children under the age of 13. If we become aware that a child under 13 has provided any personal info, it will be erased from our database as soon as reasonably possible, except when we need to keep that information for legal purposes or to notify a parent or guardian. However, portions of this data may remain in back-up archives or web logs even after we erase it from our databases. If a parent or guardian believes that a child has sent us personal information, send us an email.

9. Users' Rights, CCPA
a. We will not share your personal information with third parties for their direct marketing purposes to the extent it is forbidden by law. If our practices change, we will do so in accordance with applicable laws and will notify you in advance. California law requires that operators of online services disclose how they respond to a Do Not Track signal. Some browsers have incorporated "Do Not Track" features. Most of these features, when turned on, send a signal or preference to the online service that a user visits, indicating that the user does not wish to be tracked. At this time we do not respond to Do Not Track signal.b. You can request disclosure of your information collected by us by writing to the email at the end of this Policy. We will then provide the requested information, its sources and purposes of use, in a portable and easily accessible format within 45 days of the request.c. You have the right to request deletion of your personal information from our systems by submitting a request to the email at the end of this Policy.d. You have the right to nondiscrimination for exercising your rights. That means you cannot be denied goods or services, charged different prices, or provided different quality of goods/services for asserting your legal rights.

10. International Transfer
We process your personal information in Singapore. This is where it will be transferred to in case you are located somewhere else. By submitting any personal information to us, you agree to its transfer to and processing in Singapore.

11. EU Users' Rights
This section of our Privacy Policy applies to the users of our Platform in the EU. We would like to inform you about your GDPR rights and how we safeguard them.a. Your GDPR rights to be informed, to access, rectify, erase or restrict the processing of your personal information. You have the right to obtain free information about what personal data we have obtained about you, where it is stored, for how long, for what purposes it is used, to whom it was disclosed. You have the right to have us, without undue delay, rectify of inaccurate personal data concerning you. That means you can request we change your personal data in our records, or have your incomplete personal data completed. You have the "right to be forgotten," i.e. to have us delete your personal information, without undue delay, if the data is no longer necessary in relation to the purposes for which it was collected. However, GDPR gives us the right to refuse erasure if we can demonstrate compelling legitimate grounds for keeping your information.b. GDPR gives you the right to restrict processing if any of the following applies:
i. If you contest the accuracy of your personal data, we will restrict processing it for a period enabling us to verify its accuracy.
ii. The processing is unlawful and you oppose its erasure and request instead the restriction of its use.
iii. We no longer need your personal data for the purposes of the processing, but you require us to restrict processing for the establishment, exercise or defense of legal claims.
iv. You have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether our legitimate grounds override yours.c. Right to data portability. Upon request, we will provide you your personal data in our possession, in a structured, commonly used and machine-readable format. You have the right to transmit that data to another controller if doing so does not adversely affect the rights and freedoms of others.d. Right to object. You can object, on grounds relating your particular situation, at any time, to processing of your personal information, if based on point (e) or (f) of Article 6(1) of the GDPR. We will then have to stop processing, unless we can demonstrate compelling legitimate grounds for the processing. If you object to the processing for direct marketing purposes, we will have to stop processing for these purposes.e. Right to withdraw consent. GDPR grants you the right to withdraw your earlier given consent, if any, to processing of your personal data at any time.f. Rights related to automated decision making. As a responsible business, we do not rely on any automated decision making, such as profiling.

12. Accessing and Correcting Your Personal Information
You can view and edit some of your account information yourself after logging in. If you terminate account, we may retain some information for as long as necessary to evaluate Platform usage, troubleshoot issues, resolve disputes and collect any fees owed. If you have any questions or wish to ask to access, modify or delete any of your personal data on our Platform, please send us an email to hello@tapsend.co. Note that we can deny your request if we think it would violate any law or cause the information to be incorrect.