Tap Technology Logo

Privacy Policy

Last updated: September 2025

Website Privacy Policy

This section describes our website practices.

Information We Collect

When you use our contact form, we collect the following information:

  • Name (required)
  • Email address (required)
  • Phone number (optional)
  • Message content (required)

How We Use Your Information

We use the information you provide to:

  • Respond to your inquiries and messages
  • Provide customer support
  • Improve our services
  • Send you updates about Tap Technology (with your consent)

Data Protection

We take your privacy seriously. Your information is:

  • Stored securely and encrypted
  • Never sold to third parties
  • Only shared with authorized personnel
  • Retained only as long as necessary

Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Opt-out of marketing communications

Security & Compliance

Tap Technology maintains the highest standards of security and compliance:

  • HIPAA-aligned practices for healthcare data
  • Data encrypted in transit and at rest
  • Least-privilege access controls
  • Comprehensive audit logs
  • Business Associate Agreement (BAA) available for Enterprise customers

App Privacy Policy

This section describes our Tap mobile app (the “App”) practices.

Information We Collect (App)

  • Account Information: Email and password for authentication, plus session tokens stored securely on-device.
  • Profile Information: Fields you choose to store (e.g., name, birthdate, address). Profile field contents are encrypted on-device before upload; our servers store only encrypted data.
  • Location Data: Precise location information is only collected when you explicitly authorize it for a specific sharing session. Location data is never stored on our servers and is only shared with the specific organization you choose to share it with during that session.
  • Technical: Limited operational data (e.g., OS, device capability) needed for security and updates. We do not collect contacts, photos, camera, or microphone data.
  • Recovery: A 24-word recovery phrase derived from your device-stored key; it is not sent to us.

How We Use Your Information (App)

  • Authenticate your account and provide the App.
  • Securely store your encrypted profile fields and make them available across sessions.
  • Enable voluntary, user-confirmed sharing of selected data with third parties, including location data when you explicitly authorize it for a specific sharing session.
  • Operate, maintain, and improve reliability of the App, including delivering updates.

We do not use your data for targeted advertising and we do not sell your personal information.

Service Providers (App)

We use third-party service providers (processors) to operate the App. These providers act on our behalf under contractual obligations and may process information only to deliver services to us, such as:

  • Authentication and account management
  • Cloud hosting and databases (storing only encrypted field data)
  • Secure on-device storage and cryptography runtimes
  • Application delivery and updates, including over-the-air updates
  • Error handling and operational diagnostics (non-personal, where applicable)

We require providers to implement appropriate security measures and prohibit them from using your information for their own independent purposes.

Location Data Sharing (App)

When you choose to share location data with an organization:

  • Location access is requested only when you initiate a sharing session that requires it
  • You must explicitly authorize location access each time it is requested
  • Location data is only shared with the specific organization you choose to share it with during that session
  • Location data is never stored on our servers or retained after the sharing session
  • You can revoke location access at any time through your device settings

Security & Compliance (App)

  • End-to-end encryption: A user master key is generated and stored in your device’s secure storage; it never leaves your device.
  • Per-field keys: Derived on-device; profile fields are encrypted with authenticated encryption before upload.
  • Key hash: A one-way hash of your key may be stored server-side solely for recovery phrase verification (does not allow decryption).
  • Session security: Auth tokens are encrypted at rest on-device; encryption keys are held in secure device storage.

No security practice can be guaranteed; keep your recovery phrase safe.

Data Retention (App)

App account data is retained while your account is active. Encrypted profile fields are retained until you remove them or request deletion. Minimal records may be retained where required by law, dispute resolution, or security. Your recovery phrase is never sent to or stored by us.

Your Rights (App)

You may access/update profile fields in the App, control sharing (no data is shared without your confirmation at the time of sharing), and request deletion via our support channels, subject to applicable law.

International Transfers (App)

Our service providers may process data in various jurisdictions. Where required, we rely on appropriate safeguards (e.g., standard contractual clauses).

Children’s Privacy (App)

The App is not intended for children under 13 (or the applicable local age). We do not knowingly collect personal information from children. If you believe a child has provided information, contact us to remove it.

Third-Party Links (App)

The App may open external websites (e.g., Support Center). Your interactions there are governed by those sites’ policies.

Changes & Contact (App)

We may update this App policy from time to time. Continued use after changes constitutes acceptance. For privacy questions or requests, visit https://tap-technology.com/support.

Back to Home