Last Updated: Aug 1, 2020
Effective Date: Sep 1, 2020
“Personal information” is any information which is related to an identified or identifiable natural person. When you register for an account or use our Service, we may collect the following personal information from you: first and last name, business name, job title, email address, website address, mailing address, billing address, IP address, phone number, payment information, or any other personal information provided by you voluntarily (including personal information you enter into the service of non TapTac users).
We or any third party we work with may collect data which is anonymous and pseudonymous, including, but not limited to, web browser type, operating system type, browsing history, number of logins, the date, times and frequency with which you access the Service and the way you use and interact with its content, page views, language settings, and your average customer value (how much you earn, on average, by working with one client).
You may be required to provide certain personal information to us when (a) registering for an account; (b) signing up for special offers from selected third parties; (c) submitting your credit card or other payment information when subscribing to our Service; and (d) request support through our support center or online chat . Moreover, we may collect your personal information when you contact us through the Service, by phone, post, email or through other means or when you elect to receive marketing communications from us.
We only use information about you to support your experience throughout the Service or to communicate with you about the Service or other products or services we may offer in the future. In particular, we collect information about you to:
- recognize you as a registered user of the Service;
- verify your identity;
- process your orders and subscriptions;
- respond to your inquiries or requests;
- send you newsletters and information about the Service;
- conduct market research;
- allow our partners and vendors (including payment processing, marketing and shipping companies) to help us run our business smoothly;
- comply with all applicable laws or if we are required by law or by a court order to do so;
- analyze non-personal or aggregate information for Service improvement;
- transfer information in connection with the sale or merger or change of control of TapTac.
We reserve the right to use and disclose non-personal information and anonymous aggregate statistics for any purpose and to any third party at our sole discretion.
If you leave any feedback or suggestions (“Feedback”) via the Service or in an email to us, you hereby assign to TapTac all rights in the Feedback and agree that TapTac shall have the right to use such Feedback and related information in any manner it deems appropriate. We will treat any Feedback you provide to us as non-confidential and non-proprietary. You agree that you will not submit to us any information or ideas that you consider to be confidential or proprietary.
We may sell, transfer or otherwise share some or all of our assets, including your personal information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
Once you cancel your subscription, you will be able to decide whether you would like us to keep your data associated with your account or whether you would like us to delete it. Currently, our policy is to keep all data by default so that it will be available in case you would like to access it later by purchasing a new subscription. For the avoidance of doubt, you will be able to access, export, or print any data associated with your account as long as your account is active. Notwithstanding the foregoing, we can not guarantee that we will continue this practice indefinitely, and we reserve the right to delete any data from an inactive account at any time.
To delete your account:
- if your account is still active: navigate to your profile and click on “Delete Account”;
- if your account is inactive: submit a request to delete your account through our Exercise Your Rights webpage.
This action is final, no backups will be retained; it will not be possible to retrieve any data after it has been deleted.
The security of your information is very important to us. We and Google Cloud apply all reasonable security measures and comply with the industry standards to protect your personal information (including, preventing the loss, misuse, unauthorized access, disclosure, alteration and destruction of your personal information). Notably, on our end, access to the Service’s database with your personal information is held behind administrative logins and managed, controlled and limited to authorized website administrators and support technicians only.
Moreover, Google will implement and maintain technical and organizational measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access as described in Appendix 2 of Google’s Data Processing and Security Terms (the “Security Measures”). The Security Measures include measures to encrypt personal data; to help ensure ongoing confidentiality, integrity, availability and resilience of Google’s systems and services; to help restore timely access to personal data following an incident; and for regular testing of effectiveness. Google may update the Security Measures from time to time provided that such updates do not result in the degradation of the overall security of its services.
Please be aware, however, that despite our efforts, no security measures are impenetrable. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Thus, while we strive to protect your personal information, we cannot ensure and do not warrant the security of any information you transmit to us.
When you use your login credentials on our Service, you are solely responsible for keeping them confidential. Do not share them with anyone. If you believe your password has been misused, please contact us immediately. You are also responsible for the security of your personal devices and for making sure they are protected against unauthorized access.
Our Service does not respond to and does not support the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences will not be communicated to us in the HTTP request header, and we will continue tracking your browsing behavior.
The age of majority depends upon jurisdiction and application, but it is generally set at eighteen (18). Minors may use the Service but only with the consent of a parent or a legal guardian. We do not knowingly collect or solicit personal information from anyone under the age of majority. If you are under the age of majority or have not reached the age of consent, your parent or legal guardian shall place an order for you on the Service. If you are under the age of majority, please do not send or share any information about yourself to us, or other users of the Service, including your name, address, telephone number, or email address. In the event that we learn that we have collected personal information from an individual under the age of majority without the consent of a parent or legal guardian, we will delete that information as quickly as possible.
The European General Data Protection Regulation (“GDPR”) is a regulation in EU law on data protection and privacy for all individuals accessing websites from the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas. Our collection, processing and protecting of personal information of those who access the Service from a European country, is compliant with GDPR.
If you are accessing and using the Service from the European Union and the European Economic Area, you have the following rights with regard to your personal information:
- the right of access (you can request us to provide you verbally or in writing the type of information we store about you and we have 30 days to respond to your request);
- the right to rectify (amend/correct) any personal information about you that is inaccurate;
- the right to erasure (some conditions apply, see Data Retention section below);
- the right to restrict processing your personal information, however, if you restrict us from processing a part of your personal information that is essential to our provision of the Service, you may be asked to stop using the Service;
- the right to data portability (the right to data portability allows users of the Service to obtain and reuse their personal information for their own purposes across different services; you may request us to transmit your personal information directly from our servers to another company’s servers and we will do so if it is technically feasible);
- the right to object (for example, you have an absolute right to stop us from using your personal information for direct marketing - read our opt-out instructions below; you may express your objection verbally or in writing and we have 30 days to respond to any such objection; we might still continue processing your personal information if we are able to show that we have a compelling reason for doing so);
- the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or that affects you significantly.
If you would like to exercise any of the above rights, please contact us through our Exercise Your Rights webpage and your request will be processed within thirty (30) days.
We represent and warrant that your personal information is:
- processed lawfully, fairly and transparently;
- collected only for specific legitimate purposes;
- collection of personal data is adequate, relevant and limited to what is necessary;
- accurate and kept up to date (with your help);
- stored only as long as is necessary; and
- is secure and kept in confidence.
Data Retention: Generally, your personal information will be erased when (i) it is no longer needed for its original processing purpose, (ii) you withdraw your consent for us to store by deleting your account, (iii) there is no preferential justified reason for the processing of your personal information and you object to our processing of your personal information, or (iv) erasure of your personal information is required in order to fulfil a statutory obligation under the EU law or the right of the EU Member States. Therefore, we will make sure your personal information will be erased under all of the above-mentioned circumstances. You may request us to erase your personal information verbally, in writing or through our Exercise Your Rights webpage and we have 30 days to respond to any such request.
Data Breach Notification: Should there be a personal data breach leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed, we will notify you and appropriate supervisory authority without undue delay and, where feasible, not later than seventy-two (72) hours after having become aware of it.
The California Consumer Privacy Act (“CCPA”) is a state-wide data privacy law that regulates how businesses all over the world are allowed to handle the personal information of California residents. CCPA provides California residents with five core rights to data privacy and an effective way to control their personal information.
If you are a California resident, you have the following rights with regard to your personal information:
- the right to know what personal information is being collected about you.
- the right to know whether your personal information is sold or disclosed and to whom.
- the right to say no to the sale of personal information (“the right to opt out”); we have created a Do Not Sell My Personal Information webpage that provides you with more details on this matter.
- the right to access your personal information (under CCPA, a business may provide personal information to a consumer at any time, but shall not be required to provide personal information to a consumer more than twice in a 12-month period).
- the right to equal service and price, even if you exercise your privacy rights.
Additionally, a California consumer has the right to request that a business delete any personal information about the consumer which the business has collected from the consumer. However, a business or a service provider shall not be required to comply with a consumer’s request to delete the consumer’s personal information if it is necessary for the business or service provider to maintain the consumer’s personal information in order to:
- complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer;
- detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
- debug to identify and repair errors that impair existing intended functionality;
- exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
- comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code;
- engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent;
- enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business;
- comply with a legal obligation;
- otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.
If you would like to exercise any of the above rights, please contact us through our Exercise Your Rights webpage and your request will be processed within forty-five (45) days.
Conflict resolution under CCPA: Prior to initiating any action against a business for statutory damages on an individual or class-wide basis, a California consumer shall provide a business 30 days’ written notice identifying the specific provisions of this title the consumer alleges have been or are being violated. In the event a cure is possible, if within the 30 days the business actually cures the noticed violation and provides the consumer an express written statement that the violations have been cured and that no further violations shall occur, no action for individual statutory damages or class-wide statutory damages may be initiated against the business. Contact us should you need to exercise any of your rights under CCPA.
Lei Geral de Proteção de Dados (“LGPD”) is the Brazilian general data protection law, which applies to businesses that process the personal data of users located in Brazil. LGPD establishes rules on collecting, handling, storing and sharing of personal data managed by organizations.
According to the article 18 of LGPD, individuals have the following nine rights over their data processing:
- The right to receive a confirmation about processing of their personal data;
- The right to access their personal data;
- The right to correct incomplete, inaccurate or out-of-date personal data;
- The right to anonymize, block or delete unnecessary or excessive data or data processed in noncompliance with the provisions of LGPD;
- The right of portability of the data to another service or product provider, by means of an express request and subject to commercial and industrial secrecy, pursuant to the regulation of the controlling agency;
- The right to delete their personal data;
- The right to know who their data is being shared with (e.g., third parties, sub-processors, public, and private entities);
- The right to know how to deny consent and what would be the consequences of denying consent to collect personal data; and
- The right to revoke consent.
You have the right to know what personal information we keep about you. You may also modify or remove information about you that is stored by us by logging into your account and changing your information there, by submitting a request through our Exercise Your Rights webpage or by emailing us at firstname.lastname@example.org.