When developing 1tap, we knew that we were carrying the great responsibility of winning and maintaining your trust. For this reason, privacy and data security have always been on the top of our priority list. We fully commit that we will never disclose, sell or share any personal data (as defined in the Data Protection Legislation referenced in the following paragraph) that you may provide during the interaction with our Service to non-authorised third parties or as otherwise described below.
1tap is a global company, offering a global service to its users and business partners. This Policy is drafted with reference to both the Data Protection Act 1998 and the EU General Data Protection Regulation (from 25 May 2018) (together, the "Data Protection Legislation"). 1tap believes that compliance with the data protection principles outlined in the Data Protection Legislation creates a strong framework to ensure that individuals’ personal data is secured, protected and used appropriately.
When we refer to 1tap, “we” or “us” in this Policy, we are referring to 1tap itself together with, as applicable, the 1tap Products. The Policy will address how 1tap uses, transfers and stores the personal data (as defined in the Data Protection Legislation) we collect about individuals ("Users") when they access our websites at the following domains: 1tapreceipts.io, 1tapreceipts.com, 1tap.io, 1taptax.com and 1taptax.io (together, the "Site"), use any of 1tap’s mobile and tablet applications (the "Apps") or use any of our Services or products, including via the Site (collectively, the "1tap Products"), or otherwise have their personal data submitted to us.
By using, and submitting information and documents, to the Apps and via the Site, visiting the Site, as well as sharing written materials distributed to you via our communication channels, which we manage such as social media, customer support, newsletter, etc. ("Services"), and/or agreeing to our Terms and Conditions, you are accepting the practices and guidelines set out in this document (the "Policy"), so please take a few minutes to read it over carefully.
For the purposes of the Data Protection Legislation, where we are the party that determines the purposes for which and the manner in which any personal data is processed, the data controller of any such personal data comprised in personal data is 1Tap App Limited of 99 Clifton Street, London EC2A 4LG ("1tap"). However, we may also collect or be provided with certain personal data pursuant to our agreements with our customers and partners who remain the data controller of that personal data – in this case, we act as a data processor of the relevant customer or partner. Where we act as a data processor of any personal data comprised in personal data, we will process such personal data in accordance with this Policy, our Terms and Conditions and the relevant data controller’s instructions.
Two areas that we recommend our Users particularly focus on are the sections titled:
All the Personal Information 1tap stores about its Users is stored on servers based in the European Economic Area (“EEA”) by Amazon Web Services. If the location of our servers changes in the future, we will update this Policy.
Users should note that, although their personal data is stored in the EEA, 1tap’s data extraction team, certain members of which are based outside the EEA, receive access to the content uploaded via the 1tap Products. Members of our data extraction team are not given access to any personal data beyond any data which is outlined on any submissions uploaded via the Apps or the Services – for example, they may be able to see a User’s name or address that is present on an invoice, but they will not have access to any other information about that User. 1tap imposes strict contractual obligations on its data extraction team to ensure data on any submissions uploaded by Users is secure, protected and treated in accordance with this Policy.
As a modern company, 1tap uses various cloud-based systems and tools, including certain customer relationship management and marketing automation services (“Tools”) to allow us to provide the 1tap Products to our Users quickly and efficiently. For example, to help us manage our client relationships, we use software provided by internationally renowned companies such as Salesforce (NYSE: CRM) and HubSpot (NYSE: HUBS). As part of our use of the Tools, certain limited client and User profile information is sent to the providers of the Tools, some of whom are based outside the EEA. Where Users’ personal data is sent by 1tap to Tool providers based outside the EEA, we ensure such transfers are conducted in accordance with 1tap’s obligations under the Data Protection Legislation.
By accepting this Policy, Users’ agree to the transfer, processing, and storage of their personal data outside the EEA in accordance with the practices described in this International Data Transfer section of this Policy. We will take all steps reasonably necessary to ensure that such personal data is treated securely and in accordance with this Policy.
To deliver the full 1tap Services to you we need some data. We use multiple sourcing strategies to obtain, analyze, store, and manage this data.
We collect the following personal data:
Information provided when Users sign up on the Site or an App. When Users register for a subscription through the Site or an App (or update any information previously given to us), we collect personal details which can include: names, postal addresses, email addresses, phone numbers, fax numbers, usernames, passwords and demographic information (for example, a User’s occupation).
Information provided through the use of the 1tap Products. When using the 1tap Products, Users may provide us with additional personal data that might be contained on any receipts, invoices and other information (such as earnings information) that they submit to us through the 1tap Products. Users may also provide us with personal data which relates not only to Users themselves, but also certain third party individuals. We will treat such data in accordance with this Policy. Users may also provide us with certain personal data when they report a problem with the 1tap Products or send us any other information either directly on the Site or via the Apps.
Information Users submit to blogs, boards, or discussion forums. If Users choose to participate in commenting on any blogs or posting on our board or forums on the Site or via an App, they may submit certain personal data to us. Please also note that personal data that Users submit in this way can be read, collected, or used by other Users. As Users control what they submit, we are not responsible for the information (including personal data) they choose to submit to blogs, discussion boards or forums we host. We urge Users to be very careful when deciding to submit their personal data in this fashion.
Information we get from others. We may get personal data about Users from other sources. As an example of how we might get personal data other than via the Apps or the Site – we might collect certain information Users have uploaded to their accounting software when any 1tap Product is integrated with that software. We may add this to information we get from this Site or the Apps or otherwise through Users’ use of the 1tap Products. Where we obtain such personal data from third party sources, if we combine or associate that personal data from other sources with personal data that we collect through the Services, we will treat the combined information as personal data in accordance with this Policy.
Information automatically collected through the Site and the Apps. Each time Users visit the Site or use the Apps we may automatically collect the following information:
Testimonials and Feedback. 1tap does not post any personal data relating to its Users along with testimonials unless we have been given permission to do so by the User. We get in touch with our Users to confirm that they are happy for their personal data to be posted on our Site before anything is posted to request their permission to do so. Users may submit or ask us to withdraw a testimonial by contacting us email@example.com.
We may log and collect certain personal data using “Cookies”. Cookies are small data files stored on Users’ hard drives by a website. We may use both session Cookies (which expire once Users close their web browser) and persistent Cookies (which stay on Users’ computers or devices until they delete them) to provide Users with a more personal and interactive experience on our Site and the Apps. This type of information is collected to distinguish different Users of the Apps or the Site. This helps us to provide Users with a good experience when they use the Apps or browse the Site. It also allows us to improve the Apps and the Site to make them more useful and to tailor each User’s experience to meet their special interests and needs.
Please note that the Cookies that we may use include both Cookies we place and those which are placed by our third party partners – these are commonly referred to as “third party Cookies”. Third-party Cookies are Cookies that are set by a domain other than the one being visited by the User – for example, if an individual visit the Site and a company other than 1tap sets a cookie through the Site, this would be a third party cookie.
Some of the Cookies we place are essential to allow us to provide certain aspects of the Site and the Apps – for example, some are necessary to enable Users to log into certain secure areas. Users will typically be able to remove and reject Cookies from our Site or the Apps by changing their settings. Many browsers and devices are set to accept Cookies until you change your settings. If Users remove or reject our Cookies, it could affect how our Site or the Apps work for them.
We may, from time to time, offer certain location-based services. If you elect to use such location-based services, we must periodically receive your location in order to provide such location-based services to you. By using the location-based services, you authorise us to: (i) locate the device on which you have installed a 1tap App; (ii) record, compile and display your location; and (iii) publish your location to third parties designated by you by means of location publication controls available within the applications (for example, settings, user preferences). As part of the location-based services, we may also collect and store certain information about the users who elect to use such location-based services, such as a device ID. This information will be used to provide you the location-based services.
Collecting personal data allows 1tap to offer a more customized, secure, and efficient service to our Users. Here’s a brief description of how we use personal data.:
We will take all steps reasonably necessary to ensure that personal data is treated securely and in accordance with this Policy and, where it applies, the Data Protection Legislation.
The Data Protection Legislation requires that we have a clear legal basis for processing your Personal Information. To be open and transparent with you in respect of our use of your Personal Information, here are the legal basis for our processing:
|Category(ies) of personal data involved||Purpose/use||Legal basis for processing|
|To provide, operate, maintain, develop and improve the 1tap Products and associated administrative purposes.||Contractual necessity – without being able to process your personal data as described in this Policy, we would not be able to perform the contract with you that is formed under our Terms and Conditions.|
|Marketing and sales purposes, including communicating with you in relation to upcoming features, developments, and news relating to the 1tap Products.||Consent – you have authorised us to contact you for certain specified purposes.|
|To provide customer service||Contractual necessity (see above).|
|To create and maintain your User account||Contractual necessity (see above).|
|Market research and User experience research||Legitimate interests – 1tap has a legitimate interest in conducting such research in order to provide, operate, maintain, and improve the 1tap Products|
|To prevent malfunctions, to investigate fraudulent, unauthorized or illegal activity and other misuses.||Legitimate interests – 1tap has a legitimate interest in ensuring that we can prevent malfunctions and protect and secure the 1tap Products.|
|To analyze, audit and benchmark our Service, including analysis of Users’ preferences, needs and wants||Legitimate interests - 1tap has a legitimate interest in undertaking these activities in order to continue improving the 1tap Products and responding to Users’ requirements.|
|To provide and deliver any other products and services that Users request.||Contractual necessity (see above).|
We do not use your personal data for the purposes of automated decision-making or profiling as those terms’ meanings apply in the context of the Data Protection Legislation. However, we may do so in order to fulfil obligations imposed by law, in which case we will inform of any such processing and provide you with an opportunity to object.
Sharing of Personal Information
1tap does not use Users’ Personal Information to introduce them to third parties.
However, we may share certain Personal Information as follows:
When we use the term “Anonymous Data”, we are referring to data and information that does not permit an individual person to be identified or identifiable, either alone or when combined with any other information available to a third party – this could include data derived from personal data which is aggregated and compiled in anonymous form, Analytics Information and information collected from Cookies.
We may create Anonymous Data records from the personal data we receive about our Users and other individuals whose personal data is submitted to us. We make personal data into Anonymous Data by excluding information (such as a User’s name) that makes the data personally identifiable to them. We use this Anonymous Data to analyze requests and usage patterns so that we may enhance the 1tap Products and improve Site navigation and the functionality of the Apps.
We may use Anonymous Data for a number of purposes, which could include disclosing that Anonymous Data to third parties.
Our Services were developed, marketed and intended for use by sole traders only. We do not knowingly engage in any data collection, processing or storage of Users under 18. Our communication, marketing, and sales activities are never aimed at children.
In the event that we identify a User who is under 18, we will take all the reasonable measures to prevent this person from continuing their interaction with the Service, and delete the information.
If you are under 18, please do not access or use our Services without parental consent and supervision. If you are a parent or a legal guardian or concerned third party of a child under 18 who interacted with the Services, please alert us via firstname.lastname@example.org.
Personal data on 1tap is protected by an email address and password login. Users are responsible for keeping their password secret and should be careful to log out of their accounts after they have finished any given session, especially if they are using a public computer. The security of personal data is important to us. When Users enter sensitive information on our registration forms (such as their name, mailing address, or credit card information), we encrypt that information using 256-bit secure socket layer technology.
Only employees or service providers that need to access personal data (such as customer service representatives or our data processing teams) will have access to personal data. 1tap takes reasonable steps to ensure that it keeps all employees informed and reminded of privacy and security practices.
We seek to use reasonable organizational, technical and administrative measures to protect personal data within our organization. Unfortunately, no transmission or storage system can be guaranteed to be completely secure, and transmission of information via the internet is not completely secure. If a User has any reason to believe that their interaction with us is no longer secure (for example, if they feel that the security of their account might have been compromised), they should notify us of this problem immediately by contacting us at email@example.com. If we learn of a security system breach, we will notify you electronically and take all the necessary protective measures to eliminate the inconvenience. To receive the free written notice of security breach, please apply at firstname.lastname@example.org.
We note that retention time can also impact the security of personal data and should be considered. In compliance with our obligations under the Data Protection Legislation, we only retain Users’ personal data for so long as necessary to meet the purposes for which it was collected.
The Data Protection Legislation gives you certain rights in respect of your personal data (these are listed below). 1tap has put in place policies and procedures to ensure that it respects those rights.
If you wish to exercise any of these rights, please contact us at email@example.com and make clear: (i) what personal data is concerned; and (ii) which of the rights below you would like to enforce.
The majority of data is anonymised for statistical and analytical purposes so that we can learn more about our Users. However, with your consent, some contact data is used for marketing communications. All the direct marketing communication materials (emails, social media messages, posts and automated referrals, SMSs, etc.) that we send to you, have an option to restrain us from sending more direct marketing communication materials your way.
Users may always opt not to disclose certain personal data, but that may mean that they will not be able to access certain 1tap Products. For example, a User’s name and email address are necessary to complete the registration process. If Users have a complaint about this Policy, please send it via email to firstname.lastname@example.org. Users’ complaints will be filed and reviewed by a qualified member of the 1tap team. If required, Users will receive a response to their message as soon as possible.
1tap may amend or change this Policy at its sole discretion at any time. The use of the personal data we collect at any given point is subject to the Policy in effect at the time of collection. Users should periodically check the Policy to make sure they understand the current Policy. When we do make changes to the Policy, we will change the Last Updated date at the top of this document.
1tap will notify Users by sending an email to the email address they have registered with their account, or by posting a prominent notice on the Site or the Apps before we implement any material changes regarding our privacy practices or this Policy.
Although we do not use Users’ personal data to send them marketing emails without their consent, we may still send non-marketing emails. Non-marketing emails include emails about Users’ accounts and our business dealings with them – for example, if any part of the 1tap Products is temporarily disrupted or suspended or if there are any upcoming features or developments to the 1tap Products we need to communicate. In addition, please note that all Users will receive an automatic welcome email necessary to complete their registration process.
If Users do not wish to receive these communications, they have the option of deactivating their account. Users may request that their account be deleted or deactivated from 1tap by sending an email email@example.com.
Our Site may contain links to and from the websites of our partner networks, advertisers, and affiliates. If Users follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Users should please check these policies before they submit any personal data to these websites. The links to third party websites or locations are for convenience only and do not signify our endorsement of such third parties or their products, content, or websites. If Users disclose information to others or authorize us to do the same under this Policy, the use and disclosure restrictions contained in this Policy will not apply to any third party. We do not control the privacy policies of third parties, and Users are subject to the privacy policies of those third parties where applicable.
We ask that Users do not send us and that Users not disclose, any sensitive personal data about themselves or anyone else (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the 1tap Products or otherwise to us.
Please contact us with any questions, concerns, and comments about this Policy, your personal data, data security, or your privacy setting choices at firstname.lastname@example.org. We are committed to promptly resolve any questions and concerns that you may have.