Privacy Policy

This Privacy Policy explains how TappRFID collects, uses, and protects information when you use the TappRFID app, website, and related services.

1. Information We Collect

Depending on which features you use, we may collect the following:

• Account and billing details: subscription status and purchase metadata managed through Apple.
• App usage data: basic diagnostics needed to maintain reliability, performance, and security.
• Routine data: tasks, logs, tags, and completion history you create in the app.
• Support communications: information you provide when you contact us.

2. How We Use Information

We use information to:

• provide and operate app features;
• process subscriptions and trial access;
• improve app quality and fix issues;
• respond to support requests; and
• protect against abuse, fraud, and security risks.

3. Local-First and Optional Sync

TappRFID is designed with a local-first approach. Most routine data is stored on your device by default. If you enable cloud sync or integrations, relevant data may be transmitted to deliver those features.

4. Home Assistant and HACS Integrations

TappRFID offers optional integration with Home Assistant. If you enable this feature, relevant task and log data, identifiers, states, timestamps, and service-call metadata may be exchanged between TappRFID services and your Home Assistant environment to provide integration features.

Installation and updates for integration components may be performed through HACS or other third-party channels. Those third-party tools and platforms (including GitHub-hosted repositories) process data under their own terms and privacy policies.

5. AWS Infrastructure and Storage

When cloud features are enabled, TappRFID may use Amazon Web Services (AWS) infrastructure to store and process data required to deliver those features (for example, cloud-synced routine data, account-linked records, and service logs).

AWS acts as a service provider that processes data on our behalf. Data may be stored in AWS-managed storage services and protected using industry-standard security controls such as encryption in transit and access controls.

6. AWS SES Email Delivery

We may use Amazon Simple Email Service (AWS SES) to send service-related emails, such as account, billing, trial, support, or policy-update communications.

To deliver email, AWS SES may process your email address and delivery metadata (for example, send status, bounce, and complaint events) so messages can be delivered reliably and abuse can be prevented.

7. Sharing and Disclosure

We do not sell your personal information. We may share limited data with service providers that help us operate the product (for example, app distribution, payments, infrastructure, and email delivery), or where disclosure is required by law.

8. Data Retention

We retain information for as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, and maintain security and abuse-prevention records.

If you request deletion, we will delete or de-identify eligible personal data, subject to legal, tax, accounting, security, and backup-retention requirements.

9. Your Choices and Opt-Out Options

You can generally:

• delete app data from your device;
• disable optional features such as cloud sync and integrations;
• disconnect optional Home Assistant integrations from app settings and in your Home Assistant instance;
• manage subscriptions through your Apple account settings;
• unsubscribe from non-essential emails using an unsubscribe link (where available); and
• opt out of push notifications through your device settings.

Please note that essential service emails (for example, billing, security, and important policy or account notices) may still be sent when needed to operate the service.

10. Access, Export, and Deletion Requests

You may request access to, correction of, export of, or deletion of your cloud-stored personal data. To submit a request, use the support contact details in the TappRFID App Store listing and include enough information for us to verify your request.

We will process verified requests within a reasonable timeframe, typically within 30 days, unless a longer period is required by law or operational constraints.

11. Third-Party Services

TappRFID may rely on third-party platforms such as Apple App Store services, AWS infrastructure, AWS SES email delivery, Home Assistant, HACS, GitHub-hosted integration repositories, and optional integration providers. Their data handling practices are governed by their own privacy policies.

12. Security

We use reasonable technical and organizational safeguards to protect information. No method of storage or transmission is completely secure, so we cannot guarantee absolute security.

13. Children's Privacy

TappRFID is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the date above and publish the revised policy on this page.

15. Contact

For privacy questions or data-rights requests, use the support contact details provided in the TappRFID App Store listing.