Privacy Policy

TapToGo (“we”, “us”) operates taptogo.io. This Privacy Policy explains what data we collect, why, and how we handle it.

1. Data we collect

• Account data: email address and password hash, provided via Supabase Auth.
• Content you create: bio pages, links, QR codes, custom themes, and any text or images you upload.
• Analytics: when a visitor clicks one of your links or views your bio page, we record the timestamp, anonymised IP-derived country/city, browser, operating system, language, referrer, and any UTM parameters.
• Billing: if you subscribe to Pro, Stripe stores your payment details. We never see your card number; we only store your Stripe customer and subscription IDs.

2. How we use it

• To provide the service: render your bio page, route smart links, generate analytics.
• To process subscription payments and prevent fraud (via Stripe).
• To send transactional account email (login, billing). No marketing email without consent.

3. Sharing

We do not sell personal data. We share data only with the sub-processors required to run the service: Supabase (database, auth), Stripe (payments), Railway (hosting), and Cloudflare (DNS/CDN).

4. Cookies

We use a single first-party cookie/session for authentication. We do not load third-party advertising or tracking cookies.

5. Your rights

You can export, correct, or delete your data at any time from the dashboard, or by emailing hi@taptogo.io. Deletion is permanent and propagates to all sub-processors within 30 days.

6. Retention

Account and content data: kept until you delete your account. Click and scan analytics: kept for 24 months, then aggregated. Billing records: retained as required by tax law (up to 10 years).

7. Contact

Questions? Email hi@taptogo.io.

← Back to TapToGo