1. Introduction
Welcome to the Tapp website, operated by Tapp ApS ("Tapp", "we", "us", "our"). We are committed to protecting the privacy of visitors to our website (www.usetapp.io). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website.
Tapp ApS is a company registered in Denmark (CVR 45241203) with its registered office at Store Kongensgade 59A, 4, 1264 København K, Denmark. We operate in the United Kingdom. You can contact us at hello@usetapp.io.
For the purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the UK General Data Protection Regulation ("UK GDPR"), Tapp ApS is the data controller for personal data collected through this website.

2. What Information We Collect
We may collect the following types of personal data about you when you use our website:
* Contact Information: If you contact us via our contact form, email (hello@usetapp.io), or other means, we collect your name, email address, phone number (optional), company name (optional), and the content of your message.
* Technical Data: Information automatically collected when you visit our website, such as your IP address, browser type and version, operating system, device type, time zone setting, geographical location (country/city level), referral source, pages visited, and duration of visit.
* Cookie Data: Information collected through cookies and similar tracking technologies. Please see our Cookie Policy section below for details.
* Marketing Preferences: Information about your preferences for receiving marketing communications from us.

3. How We Collect Information
* Directly from You: When you fill out contact forms, subscribe to newsletters (if offered), or communicate with us directly.
* Automatically: Through server logs and the use of cookies and other tracking technologies when you navigate our website.

4. Legal Basis for Processing
We process your personal data based on the following legal grounds under GDPR and UK GDPR:
* Legitimate Interests: To operate and maintain our website, understand how it is used, improve our content and offerings, respond to your inquiries (when not leading directly to a contract), ensure network and information security, and prevent fraud.
* Consent: For placing non-essential cookies on your device, sending direct marketing communications (where required), or other processing where we explicitly ask for your consent. You can withdraw your consent at any time.
* Performance of a Contract: If your inquiry leads to discussions about entering into a service agreement with us.
* Legal Obligation: If required to comply with applicable laws or regulations.

5. How We Use Your Information
We use the information we collect for the following purposes:
* To operate, maintain, and improve our website.
* To respond to your comments, questions, and requests.
* To send you technical notices, updates, security alerts, and support messages.
* To monitor and analyze trends, usage, and activities in connection with our website.
* To personalize the website content.
* To protect against fraudulent, unauthorized, or illegal activity.
* For marketing purposes (with your consent where required), such as informing you about our services that may be of interest.
* To comply with legal obligations.

6. Cookies and Tracking Technologies
Our website uses cookies and similar technologies (e.g., pixels, web beacons) to distinguish you from other users, provide essential functionality, analyze performance, and potentially for targeting purposes.
* What are Cookies: Small text files placed on your device when you visit a website.
* Types of Cookies We Use: For specific information on active cookie types, please refer to the embedded cookie widget in the bottom left of our website.
* Strictly Necessary Cookies: Essential for the website to function (e.g., security, navigation). These do not require consent.
* Analytical/Performance Cookies: Allow us to recognize and count visitors and see how they move around our website. This helps us improve website performance (e.g., using Google Analytics, Meta Pixel). Requires consent in most jurisdictions.
* Functionality Cookies: Used to recognize you when you return to our website and remember your preferences (e.g., language). Requires consent.
* Targeting/Marketing Cookies: Record your visit, pages visited, and links followed to make advertising more relevant to your interests (e.g., using Meta Pixel). Requires consent.
* Your Choices: When you first visit our website, you will be presented with a cookie banner requesting your consent for non-essential cookies via our Consent Management Platform (Usercentrics). You can manage your cookie preferences at any time through the settings provided by Usercentrics or your browser settings. Blocking some types of cookies may impact your experience on the site.

7. Data Sharing and Disclosure
We do not sell your personal data. We may share your information with the following categories of third parties:
* Service Providers: Companies that provide services on our behalf, such as website hosting (Framer), analytics providers (Google Analytics, Meta Pixel), email delivery services, and IT support. These providers are contractually obligated to protect your data and use it only for the purposes we specify.
* Legal Requirements: If required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Tapp ApS, our users, or others.
* Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company. We will notify you if such a transfer occurs and any changes to this policy.

8. International Data Transfers
Your information may be transferred to, stored, and processed in countries outside of the European Economic Area (EEA) or the UK, including countries that may not have data protection laws equivalent to those in your jurisdiction (e.g., the United States, where some of our service providers may be located).
When we transfer your data internationally, we ensure appropriate safeguards are in place, such as:
* Transferring to countries deemed adequate by the European Commission or the UK Government.
* Using Standard Contractual Clauses (SCCs) approved by the European Commission or the UK Information Commissioner's Office (ICO).
* Implementing supplementary measures as necessary.
Details of these safeguards can be provided upon request.

9. Data Security
We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures are designed to ensure GDPR compliance and handle user data securely, and include, for example, measures like SSL/TLS encryption for data in transit, access controls to limit data access to authorized personnel, and secure server infrastructure. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

10. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
* Contact form data: Retained for up to 36 months after the inquiry is resolved, unless needed longer for legal reasons or an ongoing relationship.
* Analytics data: Retained in an aggregated or anonymized form for longer periods. Cookie data retention varies by cookie type (see Cookie Policy/Settings via Usercentrics).
We will securely delete or anonymize your data when it is no longer needed.

11. Your Data Protection Rights
Under GDPR and UK GDPR, you have the following rights regarding your personal data:
* Right to Access: Request a copy of the personal data we hold about you.
* Right to Rectification: Request correction of inaccurate or incomplete data.
* Right to Erasure ('Right to be Forgotten'): Request deletion of your data under certain conditions.
* Right to Restrict Processing: Request limitation of how we use your data under certain conditions.
* Right to Data Portability: Request transfer of your data to you or another controller in a structured, commonly used format (applies to data processed based on consent or contract).
* Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
* Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
To exercise these rights, please contact us at hello@usetapp.io or via mail at our registered address. We may need to verify your identity before processing your request.

12. Children's Privacy
Our website is not intended for children under the age of 13, and we do not knowingly collect personal data from children under 13. If we become aware that we have collected data from a child under 13 without parental consent, we will take steps to delete it.

13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.

14. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
Email: hello@usetapp.io
Postal Address: Tapp ApS, Store Kongensgade 59A, 4, 1264 København K, Denmark

15. Supervisory Authority
You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data infringes data protection laws.
* In Denmark: Datatilsynet (www.datatilsynet.dk)
* In the UK: Information Commissioner's Office (ICO) (www.ico.org.uk)
We would appreciate the chance to address your concerns first, so please contact us initially.