Legal

Privacy Policy

How we collect, use and protect your data — in plain English, not lawyer-speak.

Last updated: May 22, 2026
Privacy Terms of Service Refund Policy Contact us

The short version

  • We collect only what we need to run TAPLY for you — your account info, what's on your digital business card, and basic usage analytics.
  • Your leads and contacts are yours. We don't sell them. We don't mine them. We don't share them with advertisers.
  • We use a small number of trusted vendors (hosting, email, payments) — listed in Section 5.
  • You can export or delete your data anytime from your dashboard, or by emailing privacy@taply.app.

01 Who we are & what this covers

This Privacy Policy explains how TAPLY ("we", "us", "our") handles your personal information when you visit our website, sign up for an account, or use our products and services (the "Services").

TAPLY is operated by TAPLY Ltd., headquartered at Banani, Dhaka, Bangladesh. If you have questions or want to exercise your privacy rights, contact us at privacy@taply.app.

By using TAPLY, you agree to the practices described here. If you don't agree, please don't use the Services.

02 Information we collect

In plain English: Account info you give us, content you put on your card, and basic analytics about how you use the app.

2.1 Information you give us

  • Account data: name, email, password (hashed), phone number, company.
  • Profile content: the information you put on your digital business card — photo, bio, contact links, social profiles, services.
  • Billing info: for paid plans, we collect payment details via our payment processor (we don't store full card numbers on our servers).
  • Support messages: emails, chat messages and form submissions you send us.

2.2 Information we collect automatically

  • Usage data: profile views, taps, link clicks, lead-form submissions — so you (and we) can understand performance.
  • Device & log data: IP address, browser type, OS, timestamps, referring URLs.
  • Cookies & similar tech: see Section 6.

2.3 Information from third parties

If you sign up using a social provider (e.g. Google, LinkedIn) we receive the basic profile info you authorize that provider to share.

03 How we use information

We use your information to:

  • Create and operate your account and digital profile.
  • Deliver core features — NFC sharing, QR codes, lead capture, analytics, team management.
  • Send essential service emails (account confirmations, security alerts, billing receipts).
  • Provide customer support.
  • Improve and develop new features based on aggregated, non-identifying usage patterns.
  • Detect, prevent and respond to fraud, abuse and security incidents.
  • Comply with legal obligations.
  • Send marketing emails — only if you opted in, and you can unsubscribe anytime.

We do not sell your personal information. We do not share your leads or contacts with advertisers. We do not use your customer data to train third-party AI models.

05 When we share data

We share data only in these limited cases:

  • Service providers — vendors we use to operate TAPLY, bound by data-processing agreements. Including: cloud hosting, transactional email, payment processing, analytics, customer support tooling.
  • Your team / company admin — if you join a company account on TAPLY, your profile and lead data are visible to your company's admins.
  • Legal & safety — when required by law, court order, or to protect rights, safety or property.
  • Business transfers — if TAPLY is acquired or merges, your data may transfer to the new entity. We'll notify you and your data remains protected by this policy.

We do not sell personal data, period.

06 Cookies & tracking

We use a minimal set of cookies and similar technologies:

  • Essential cookies: required to log you in and keep your session secure.
  • Preference cookies: remember your settings (theme, language).
  • Analytics cookies: aggregate, non-identifying usage stats so we can improve the product.

You can disable non-essential cookies in your browser settings or via our cookie banner.

07 How we keep data safe

In plain English: Encrypted in transit, encrypted at rest, access on a need-to-know basis.
  • TLS encryption in transit (HTTPS everywhere).
  • At-rest encryption for sensitive data in our databases.
  • Passwords hashed with industry-standard algorithms — we never see them in plain text.
  • Role-based access for our team; only authorized personnel can access production data.
  • Regular security reviews, dependency updates and vulnerability monitoring.

No system is 100% secure. If a breach affects you, we'll notify you and the relevant authorities as required by law.

08 How long we keep data

  • Account & profile data: for as long as your account is active. After you delete your account, we remove personal data within 30 days (except where legal/financial retention obligations apply).
  • Lead data: kept while your account is active or until you delete individual leads.
  • Billing records: retained as required by tax and accounting laws (typically up to 7 years).
  • Backups: data in encrypted backups is purged on our backup rotation schedule (max 90 days).

09 International data transfers

TAPLY is operated from Bangladesh. We use service providers based in other countries, including the EU, UK and US. Where data is transferred outside your country, we rely on appropriate safeguards such as Standard Contractual Clauses or recognized adequacy mechanisms.

10 Your privacy rights

Depending on where you live, you may have the right to:

  • Access a copy of your personal data.
  • Correct inaccurate or incomplete information.
  • Delete your data ("right to be forgotten").
  • Restrict or object to certain processing.
  • Port your data to another service (export).
  • Withdraw consent at any time, where processing is based on consent.
  • Lodge a complaint with a data protection authority.

Most of these you can do yourself from your account settings. For anything else, email privacy@taply.app — we respond within 30 days.

California residents: the CCPA/CPRA grants the rights above plus the right to know about data sales (we don't sell data) and the right to non-discrimination for exercising your rights.

11 Children's privacy

TAPLY is not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us at privacy@taply.app and we will delete it.

12 Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we'll notify you by email or via a prominent notice in the app before the changes take effect. The "Last updated" date at the top of this page always reflects the latest revision.

13 Contact us

Questions, concerns, or want to exercise a right? We're real humans and we read every message.

Send us a message Read Terms of Service