When developing 1tap, we knew that we were carrying the great responsibility of winning and maintaining your trust. For this reason, privacy and data security have always been on the top of our priority list. We fully commit that we will never disclose, sell or share any Personal Information that you may provide during the interaction with our Service to non-authorised third parties or as otherwise described below.
1tap is a global company, offering a global service to its users and business partners. This Policy is drafted with reference to both the Data Protection Act 1998 and the EU General Data Protection Regulation (from 25 May 2018) (together, the “Data Protection Legislation”). 1tap believes that compliance with the data protection principles outlined in the Data Protection Legislation creates a strong framework to ensure that individuals’ Personal Information is secured, protected and used appropriately.
When we refer to 1tap, “we” or “us” in this Policy, we are referring to 1tap itself together with, as applicable, the 1tap Products. The Policy will address how 1tap uses, transfers and stores the personal data (as defined in the Data Protection Legislation) and any other information (collectively, “Personal Information”) we collect about individuals (“Users”) when they access our websites at the following domains: 1tapreceipts.io, 1tapreceipts.com, 1tap.io, 1taptax.com and 1taptax.io (together, the “Site”), use any of 1tap’s mobile and tablet applications (the “Apps”) or use any of our Services or products, including via the Site (collectively, the “1tap Products”), or otherwise have their Personal Information submitted to us.
By using, and submitting information and documents, to the Apps and via the Site, visiting the Site, as well as sharing written materials distributed to you via our communication channels, which we manage such as social media, customer support, newsletter, etc. (“Services”), and/or agreeing to our Terms and Conditions, you are accepting the practices and guidelines set out in this document (the “Policy”), so please take a few minutes to read it over carefully.
For the purposes of the Data Protection Legislation, where we are the party that determines the purposes for which and the manner in which any personal data is processed, the data controller of any such personal data comprised in Personal Information is 1Tap Limited of 154-160 Fleet Street, London EC4A 2DQ 1 (“1tap”). However, we may also collect or be provided with certain personal data comprised in Personal Information pursuant to our agreements with our customers and partners who remain the data controller of that personal data – in this case, we act as a data processor of the relevant customer or partner. Where we act as a data processor of any personal data comprised in Personal Information, we will process such personal data in accordance with this Policy, our Terms and Conditions and the relevant data controller’s instructions.
Two areas that we recommend our Users particularly focus on are the sections titled:
All the Personal Information 1tap stores about its Users is stored on servers based in the European Economic Area (“EEA”) by Amazon Web Services. If the location of our servers changes in the future, we will update this Policy.
Users should note that, although their Personal Information is stored in the EEA, 1tap’s data extraction team, certain members of which are based outside the EEA, receive access to the content uploaded via the 1tap Products. Members of our data extraction team are not given access to any Personal Information beyond any data which is outlined on any submissions uploaded via the Apps or the Services – for example, they may be able to see a User’s name or address that is present on an invoice, but they will not have access to any other information about that User. 1tap imposes strict contractual obligations on its data extraction team to ensure data on any submissions uploaded by Users is secure, protected and treated in accordance with this Policy.
As a modern company, 1tap uses various cloud-based systems and tools, including certain customer relationship management and marketing automation services (“Tools”) to allow us to provide the 1tap Products to our Users quickly and efficiently. For example, to help us manage our client relationships, we use software provided by internationally renowned companies such as Salesforce (NYSE: CRM) and HubSpot (NYSE: HUBS). As part of our use of the Tools, certain limited client and User profile information is sent to the providers of the Tools, some of whom are based outside the EEA. Where Users’ personal data is sent by 1tap to Tool providers based outside the EEA, we ensure such transfers are conducted in accordance with 1tap’s obligations under the Data Protection Legislation.
By accepting this Policy, Users’ agree to the transfer, processing, and storage of their Personal Information outside the EEA in accordance with the practices described in this International Data Transfer section of this Policy. We will take all steps reasonably necessary to ensure that such Personal Information is treated securely and in accordance with this Policy.
To deliver the full 1tap Services to you we need some data. We use multiple sourcing strategies to obtain, analyze, store, and manage this data.
We collect the following Personal Information:
Information provided when Users sign up on the Site or an App. When Users register for a subscription through the Site or an App (or update any information previously given to us), we collect personal details which can include: names, postal addresses, email addresses, phone numbers, fax numbers, usernames, passwords and demographic information (for example, a User’s occupation).
Information provided through the use of the 1tap Products. When using the 1tap Products, Users may provide us with additional Personal Information that might be contained on any receipts, invoices and other information (such as earnings information) that they submit to us through the 1tap Products. Users may also provide us with Personal Information which relates not only to Users themselves, but also certain third party individuals. We will treat such data in accordance with this Policy. Users may also provide us with certain Personal Information when they report a problem with the 1tap Products or send us any other information either directly on the Site or via the Apps.
Information Users submit to blogs, boards, or discussion forums. If Users choose to participate in commenting on any blogs or posting on our board or forums on the Site or via an App, they may submit certain Personal Information to us. Please also note that Personal Information that Users submit in this way can be read, collected, or used by other Users. As Users control what they submit, we are not responsible for the information (including Personal Information) they choose to submit to blogs, discussion boards or forums we host. We urge Users to be very careful when deciding to submit their Personal Information in this fashion.
Information we get from others. We may get Personal Information about Users from other sources. As an example of how we might get Personal Information other than via the Apps or the Site – we might collect certain information Users have uploaded to their accounting software when any 1tap Product is integrated with that software. We may add this to information we get from this Site or the Apps or otherwise through Users’ use of the 1tap Products. Where we obtain such Personal Information from third party sources, if we combine or associate that Personal Information from other sources with Personal Information that we collect through the Services, we will treat the combined information as Personal Information in accordance with this Policy.
Information automatically collected through the Site and the Apps. Each time Users visit the Site or use the Apps we may automatically collect the following information:
Testimonials and Feedback. 1tap does not post any Personal Information relating to its Users along with testimonials unless we have been given permission to do so by the User. We get in touch with our Users to confirm that they are happy for their Personal Information to be posted on our Site before anything is posted to request their permission to do so. Users may submit or ask us to withdraw a testimonial by contacting us email@example.com.
We may log and collect certain Personal Information using “Cookies”. Cookies are small data files stored on Users’ hard drives by a website. We may use both session Cookies (which expire once Users close their web browser) and persistent Cookies (which stay on Users’ computers or devices until they delete them) to provide Users with a more personal and interactive experience on our Site and the Apps. This type of information is collected to distinguish different Users of the Apps or the Site. This helps us to provide Users with a good experience when they use the Apps or browse the Site. It also allows us to improve the Apps and the Site to make them more useful and to tailor each User’s experience to meet their special interests and needs.
Please note that the Cookies that we may use include both Cookies we place and those which are placed by our third party partners – these are commonly referred to as “third party Cookies”. Third-party Cookies are Cookies that are set by a domain other than the one being visited by the User – for example, if an individual visit the Site and a company other than 1tap sets a cookie through the Site, this would be a third party cookie.
Some of the Cookies we place are essential to allow us to provide certain aspects of the Site and the Apps – for example, some are necessary to enable Users to log into certain secure areas. Users will typically be able to remove and reject Cookies from our Site or the Apps by changing their settings. Many browsers and devices are set to accept Cookies until you change your settings. If Users remove or reject our Cookies, it could affect how our Site or the Apps work for them.
We may, from time to time, offer certain location-based services. If you elect to use such location-based services, we must periodically receive your location in order to provide such location-based services to you. By using the location-based services, you authorise us to: (i) locate the device on which you have installed a 1tap App; (ii) record, compile and display your location; and (iii) publish your location to third parties designated by you by means of location publication controls available within the applications (for example, settings, user preferences). As part of the location-based services, we may also collect and store certain information about the users who elect to use such location-based services, such as a device ID. This information will be used to provide you the location-based services.
Collecting Personal Information allows 1tap to offer a more customized, secure, and efficient service to our Users. Here’s a brief description of how we use Personal Information:
We will take all steps reasonably necessary to ensure that Personal Information is treated securely and in accordance with this Policy and, where it applies, the Data Protection Legislation.
The Data Protection Legislation requires that we have a clear legal basis for processing your Personal Information. To be open and transparent with you in respect of our use of your Personal Information, here are the legal basis for our processing:
We do not use your Personal Information for the purposes of automated decision-making or profiling as those terms’ meanings apply in the context of the Data Protection Legislation. However, we may do so in order to fulfill obligations imposed by law, in which case we will inform of any such processing and provide you with an opportunity to object.
Sharing of Personal Information
1tap does not use Users’ Personal Information to introduce them to third parties.
However, we may share certain Personal Information as follows:
When we use the term “Anonymous Data”, we are referring to data and information that does not permit an individual person to be identified or identifiable, either alone or when combined with any other information available to a third party – this could include data derived from Personal Information which is aggregated and compiled in anonymous form, Analytics Information and information collected from Cookies.
We may create Anonymous Data records from the Personal Information we receive about our Users and other individuals whose Personal Information is submitted to us. We make Personal Information into Anonymous Data by excluding information (such as a User’s name) that makes the data personally identifiable to them. We use this Anonymous Data to analyze requests and usage patterns so that we may enhance the 1tap Products and improve Site navigation and the functionality of the Apps.
We may use Anonymous Data for a number of purposes, which could include disclosing that Anonymous Data to third parties.
Our Services were developed, marketed and intended for use by sole traders only (legally accepted at an age no less than 18). We do not knowingly engage in any data collection, processing or storage of Users under 18. Our communication, marketing, and sales activities are never aimed at children.
In the event that we identify a User who is under-age, we will take all the reasonable measures to prevent this person from continuing their interaction with the Service, and delete the information.
If you are 18 or under, please do not access or use our Services without parental consent and supervision. If you are a parent or a legal guardian or concerned third party of a child under 18 who interacted with the Services, please alert us via firstname.lastname@example.org.
Personal Information on 1tap is protected by an email address and password login. Users are responsible for keeping their password secret and should be careful to log out of their accounts after they have finished any given session, especially if they are using a public computer. The security of Personal Information is important to us. When Users enter sensitive information on our registration forms (such as their name, mailing address, or credit card information), we encrypt that information using 256-bit secure socket layer technology.
Only employees or service providers that need to access Personal Information (such as customer service representatives or our data processing teams) will have access to Personal Information. 1tap takes reasonable steps to ensure that it keeps all employees informed and reminded of privacy and security practices.
We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. Unfortunately, no transmission or storage system can be guaranteed to be completely secure, and transmission of information via the internet is not completely secure. If a User has any reason to believe that their interaction with us is no longer secure (for example, if they feel that the security of their account might have been compromised), they should notify us of this problem immediately by contacting us at email@example.com. If we learn of a security system breach, we will notify you electronically and take all the necessary protective measures to eliminate the inconvenience. To receive the free written notice of security breach, please apply at firstname.lastname@example.org.
We note that retention time can also impact the security of Personal Information and should be considered. In compliance with our obligations under the Data Protection Legislation, we only retain Users’ Personal Information for so long as necessary to meet the purposes for which it was collected.
The Data Protection Legislation gives you certain rights in respect of your Personal Information (these are listed below). 1tap has put in place policies and procedures to ensure that it respects those rights.
If you wish to exercise any of these rights, please contact us at email@example.com and make clear: (i) what Personal Information is concerned; and (ii) which of the rights below you would like to enforce.
We cannot be responsible for any violation of other people’s privacy if you misused their Personal Information. In this case, you are responsible for the violation of misrepresentation.
The majority of data is anonymised for statistical and analytical purposes so that we can learn more about our Users. However, with your consent, some contact data is used for marketing communications. All the direct marketing communication materials (emails, social media messages, posts and automated referrals, SMSs, etc.) that we send to you, have an option to restrain us from sending more direct marketing communication materials your way.
Users may always opt not to disclose certain Personal Information, but that may mean that they will not be able to access certain 1tap Products. For example, a User’s name and email address are necessary to complete the registration process. If Users have a complaint about this Policy, please send it via email to firstname.lastname@example.org. Users’ complaints will be filed and reviewed by a qualified member of the 1tap team. If required, Users will receive a response to their message as soon as possible.
1tap may amend or change this Policy at its sole discretion at any time. The use of the Personal Information we collect at any given point is subject to the Policy in effect at the time of collection. Users should periodically check the Policy to make sure they understand the current Policy. When we do make changes to the Policy, we will change the Last Updated date at the top of this document.
1tap will notify Users by sending an email to the email address they have registered with their account, or by posting a prominent notice on the Site or the Apps before we implement any material changes regarding our privacy practices or this Policy.
Although we do not use Users’ Personal Information to send them marketing emails without their consent, we may still send non-marketing emails. Non-marketing emails include emails about Users’ accounts and our business dealings with them – for example, if any part of the 1tap Products is temporarily disrupted or suspended or if there are any upcoming features or developments to the 1tap Products we need to communicate. In addition, please note that all Users will receive an automatic welcome email necessary to complete their registration process.
If Users do not wish to receive these communications, they have the option of deactivating their account. Users may request that their account be deleted or deactivated from 1tap by sending an email email@example.com.
Our Site may contain links to and from the websites of our partner networks, advertisers, and affiliates. If Users follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Users should please check these policies before they submit any Personal Information to these websites. The links to third party websites or locations are for convenience only and do not signify our endorsement of such third parties or their products, content, or websites. If Users disclose information to others or authorize us to do the same under this Policy, the use and disclosure restrictions contained in this Policy will not apply to any third party. We do not control the privacy policies of third parties, and Users are subject to the privacy policies of those third parties where applicable.
We ask that Users do not send us and that Users not disclose, any sensitive Personal Information about themselves or anyone else (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the 1tap Products or otherwise to us.
Please contact us with any questions, concerns, and comments about this Policy, your Personal Information, data security, or your privacy setting choices at firstname.lastname@example.org. We are committed to promptly resolve any questions and concerns that you may have.