Privacy Policy

Effective date: March 8, 2026

TapMe Contact LLC (“TapMe”, “we”, “us”, or “our”) operates the tapme.contact website, account.tapme.contact customer portal, and related NFC device services (collectively, the “Service”). This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address, and optionally your phone number, job title, company name, and profile photo. This information is used to create and manage your TapMe profile.

1.2 NFC Device Data

When you register or activate a TapMe NFC device, we record the device serial number, device type, and the use case it is programmed for. We do not store data written to the physical NFC chip beyond what is required to route taps to your profile.

1.3 Tap Analytics

For accounts with an active membership, we log tap events including timestamp, approximate geographic region (city/state derived from IP address), and device/browser type. We do not log the full IP address of tap recipients after geolocation is resolved. Raw tap logs are retained for 24 months.

1.4 Transaction Data

When you purchase a device or membership through our store, order details (items purchased, shipping address, order total) are retained for tax and accounting purposes. Payment card numbers are never stored on TapMe servers—all payment processing is handled by our PCI-compliant payment processor.

1.5 Usage and Technical Data

We collect standard web server logs (pages visited, referring URLs, browser type, operating system) to monitor service health and improve the product. These logs are retained for 90 days.

2. How We Use Your Information

We use collected information to:

• Provide, operate, and improve the Service
• Authenticate your identity when you log in
• Route NFC taps to your profile or programmed destination URL
• Send transactional emails (order confirmations, device activation, password reset)
• Provide tap analytics to membership holders
• Respond to support requests
• Meet legal, tax, and accounting obligations

We do not sell your personal information to third parties. We do not use your profile data for advertising purposes.

3. Profile Visibility

Your TapMe profile is publicly accessible to anyone who taps your NFC device or visits your profile URL. Only the information you add to your profile is shown publicly. You can remove or hide profile fields at any time from your account settings.

4. Data Sharing

We share data only in the following limited circumstances:

• Service Providers: We use trusted third-party providers for hosting (OVHcloud), authentication (FusionAuth), email delivery (Hostinger), and payment processing. These providers are contractually bound to handle data only as directed by us.
• Team Administrators: If you are a member of a Team account, your team administrator can see your device list, tap counts, and profile status.
• Legal Requirements: We may disclose information if required by law, court order, or to protect the rights and safety of TapMe or its users.

5. Data Retention

Account data is retained while your account is active and for 30 days after deletion to allow recovery. After that period, personal data is purged from production systems. Anonymized, aggregated analytics may be retained indefinitely for product improvement.

6. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Object to or restrict certain processing activities
• Data portability (export of your profile and tap history)

To exercise these rights, email us at privacy@tapme.contact. We respond within 30 days.

7. Security

We implement industry-standard security measures including TLS encryption in transit, encrypted storage of sensitive fields, and access controls limiting employee access to production data. We are targeting SOC 2 Type II certification. No system is completely secure; we encourage you to use a strong password and enable two-factor authentication where available.

8. Children

The Service is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above and, where appropriate, notify account holders by email. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy, contact us at: