Privacy Policy

2. INFORMATION WE COLLECT

2.1 Information from Business Customers (Purchasers)

When you purchase our NFC cards or Google Review standees, we collect:

• Personal Information: Full name, email address, phone number
• Business Information: Company/business name
• Billing Information: Billing address
• Shipping Information: Shipping/delivery address
• Account Information: Username, password (encrypted), and account preferences if you create an account

2.2 Information from End Users (NFC Card Tappers)

When someone taps your TapSera NFC card or standee, we collect minimal technical information through our intermediate landing page (review.tapsera.com) for analytics purposes only:

• Technical Data: IP address, device type, browser type, operating system
• Usage Data: Timestamp of tap, number of taps per card
• Demographic Data: General usage patterns and statistics

2.3 Website Usage Information

When you visit our website, we automatically collect:

• Cookies and Tracking Technologies: Session cookies, preference cookies, and analytics cookies
• Analytics Data: Page views, time spent on site, navigation paths, referring websites
• Device Information: Browser type, device type, IP address, operating system

2.4 Information You Provide

• Contact Form Submissions: Name, email, phone number, and message content
• Customer Support: Any information you provide when contacting our support team

3. HOW WE USE YOUR INFORMATION

3.1 Business Customers

We use your information to:

• Process and fulfill your orders
• Create and manage your user account
• Communicate about your orders, including shipping updates
• Provide customer support and respond to inquiries
• Send important account and service notifications
• Send marketing communications (only with your consent)
• Improve our products and services
• Comply with legal obligations
• Prevent fraud and ensure transaction security

3.2 End User Data

We use aggregated, non-personal data from NFC card taps to:

• Provide tap count statistics to our business customers
• Analyze product usage and performance
• Improve our NFC technology and redirect functionality
• Generate demographic insights for business customers

3.3 Website Analytics

We use website data to:

• Analyze website traffic and user behavior
• Improve website functionality and user experience
• Optimize marketing campaigns
• Debug technical issues

4. HOW WE SHARE YOUR INFORMATION

We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our business:

• Stripe: Payment processing (processes payment card information; we do not store full card details)
• SendGrid: Email communication services
• GoDaddy: Website hosting services
• Google Analytics: Website analytics and performance tracking
• Facebook: Advertising and analytics through Facebook Pixel

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (court orders, subpoenas, warrants)
• Requests from law enforcement or government authorities
• Protection of our rights, property, or safety
• Investigation of potential fraud or security issues

4.3 Business Transfers

In the event of a merger, acquisition, sale, or transfer of assets, your information may be transferred to the acquiring entity.

5. COOKIES AND TRACKING TECHNOLOGIES

5.1 Types of Cookies We Use

• Essential Cookies: Necessary for website functionality, user authentication, and security
• Analytics Cookies: Google Analytics to understand how visitors use our website
• Marketing Cookies: Facebook Pixel for targeted advertising and campaign measurement
• Preference Cookies: Remember your settings and preferences

5.2 Managing Cookies

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our website. To opt out of Google Analytics, visit: https://tools.google.com/dlpage/gaoptout

6. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Business Customer Data: Retained for the duration of your account plus 7 years for accounting and legal compliance purposes
• Order Information: Retained for 7 years to comply with tax and business regulations
• NFC Tap Analytics: Retained for 2 years for statistical analysis
• Marketing Communications: Retained until you unsubscribe or request deletion

You may request deletion of your data at any time by contacting us at info@techvetrix.com.

7. DATA SECURITY

We implement industry-standard security measures to protect your personal information:

• Encryption: All sensitive data is encrypted in transit using SSL/TLS protocols
• Secure Storage: Data at rest is encrypted using industry-standard encryption
• Access Controls: Strict access controls limit who can view personal information
• Regular Audits: We conduct regular security assessments and updates
• Secure Payment Processing: Payment information is processed securely through Stripe's PCI-DSS compliant systems

Despite our security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your information.

8. YOUR PRIVACY RIGHTS

8.1 Rights Under Canadian Law (PIPEDA)

As a Canadian company, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Withdrawal of Consent: Withdraw consent for marketing communications
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Complaint: File a complaint with the Privacy Commissioner of Canada

8.2 Rights Under GDPR (European Users)

If you are in the European Economic Area, you have additional rights:

• Right to Access: Obtain confirmation of whether we process your data and access to your data
• Right to Rectification: Correct inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restriction: Request restriction of processing
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time

8.3 Rights Under CCPA (California Users)

If you are a California resident, you have the right to:

• Know: Request information about the categories and specific pieces of personal information we have collected
• Delete: Request deletion of your personal information
• Opt-Out: Opt-out of the sale of personal information (Note: We do not sell personal information)
• Non-Discrimination: Not be discriminated against for exercising your privacy rights

8.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: info@techvetrix.com
• Phone: +1-833-307-6555
• Mail: 34 Meltwater Crescent, Brampton, ON L6P 3V8, Canada

We will respond to your request within 30 days (or as required by applicable law).

9. MARKETING COMMUNICATIONS

9.1 Opt-In

We will only send you marketing emails if you have explicitly opted in to receive them. This may occur when you:

• Create an account and check the marketing consent box
• Make a purchase and consent to receive promotional emails
• Subscribe through a sign-up form

9.2 Opt-Out

You can unsubscribe from marketing communications at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Contacting us at info@techvetrix.com
• Updating your account preferences

Please note that you will continue to receive transactional emails (order confirmations, shipping updates, account notifications) even if you opt out of marketing communications.

10. CHILDREN'S PRIVACY

Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@techvetrix.com, and we will promptly delete such information.

11. INTERNATIONAL DATA TRANSFERS

Your information is processed and stored in Canada. If you are accessing our services from outside Canada, please note that your information will be transferred to, stored, and processed in Canada, where our servers and central database are located. Canada has been recognized by the European Commission as providing adequate data protection.

By using our services, you consent to the transfer of your information to Canada.

12. THIRD-PARTY LINKS

Our website may contain links to third-party websites, including Google Review pages. This Privacy Policy does not apply to those websites. We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

13. HOW NFC CARD REDIRECT WORKS

13.1 TapSera NFC Functionality

When an end user taps a TapSera NFC card or standee:

1. The NFC chip initiates a connection with the user's device
2. The device is redirected to our intermediate landing page (review.tapsera.com)
3. Our system logs minimal technical information (IP address, device type, timestamp) for analytics
4. The user is immediately redirected to the Google Review page configured by the business customer
5. No personal information is collected during this process

13.2 Purpose of Intermediate Page

The intermediate landing page allows us to:

• Track tap counts and usage statistics for our business customers
• Ensure the NFC redirect is functioning properly
• Provide analytics and demographic insights
• Improve our product performance

14. DATA BREACH NOTIFICATION

In the event of a data breach that poses a risk to your rights and freedoms, we will:

• Notify affected individuals within 72 hours of becoming aware of the breach (as required by GDPR)
• Notify relevant authorities as required by law
• Provide information about the nature of the breach and steps being taken
• Offer guidance on protective measures you can take

15. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification to registered users (for significant changes)
• Displaying a prominent notice on our website

Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

16. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

17. CONSENT

By using TapSera's website, purchasing our products, or interacting with our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.