TAPIFLOST
TapIfLost Legal

Privacy Policy

This Privacy Policy explains how TapIfLost collects, uses, discloses, stores, and otherwise processes information in connection with the platform and related services.

Updated Date: March 11, 2026 Domain: tapiflost.com

Effective Date: March 11, 2026

This Privacy Policy explains how TAPIFLOST LLC (“TAPIFLOST,” “we,” “us,” or “our”) collects, uses, discloses, stores, and otherwise processes information in connection with the TapIfLost platform, including our website, hosted dashboards, NFC-enabled recovery products, support channels, recovery interfaces, and related services (collectively, the “Services”).

This Privacy Policy is intended to be read together with the TapIfLost Terms of Service and any product-specific or supplemental notices we may provide at the point of collection.

By accessing or using the Services, you acknowledge the practices described in this Privacy Policy. Where required by applicable law, we will seek your consent for specific processing activities.

1. Scope

This Privacy Policy applies to information we collect:

(a) when you visit or interact with our website or hosted interfaces;
(b) when you create, maintain, or use an account;
(c) when you purchase, register, activate, or manage a TAPIFLOST-supported product;
(d) when a Finder accesses a recovery interface after interacting with a supported product;
(e) when you communicate with us for support, account management, legal requests, safety issues, or other inquiries; and
(f) when we process information in connection with security, fraud prevention, analytics, compliance, product improvement, or dispute handling.

This Privacy Policy does not apply to third-party websites, services, apps, payment processors, platforms, or devices that are not controlled by TAPIFLOST, even if they interoperate with or are linked from the Services.

2. Categories of Information We Collect

We may collect the following categories of information, depending on how you use the Services.

2.1 Account and Identity Information

When you create or manage an account, we may collect:

  • name or display name
  • email address
  • login credentials or credential-related records
  • account settings and preferences
  • communication preferences
  • account status, verification, and administrative metadata

2.2 Transaction and Purchase Information

When you make a purchase or engage in a transaction through the Services, we may collect:

  • order details
  • product selections
  • billing and shipping metadata
  • transaction identifiers
  • payment status
  • refund, exchange, replacement, or dispute history

Payment card information is generally processed by our third-party payment processors and not stored by us in full form, except to the extent necessary for receipts, reconciliation, fraud review, or processor-linked records.

2.3 Product Registration and Item Profile Information

When you activate or manage a TAPIFLOST-supported product, we may collect:

  • product identifier or activation identifier
  • tag assignment information
  • item category
  • item description
  • item nickname or profile label
  • pet profile details, where applicable
  • profile photos or uploaded media
  • reward details or reward text, where provided
  • recovery preferences and contact settings
  • dashboard configuration and ownership history

2.4 Finder and Recovery Interaction Information

When a Finder accesses a recovery interface, we may collect:

  • recovery session information
  • device and browser metadata
  • IP address
  • timestamps
  • interaction logs
  • approximate geolocation inferred from IP or device/browser context where permitted
  • communications sent through a Temporary Messaging Channel
  • anti-abuse and fraud signals
  • recovery workflow status information

Finders may provide limited information voluntarily during a recovery interaction, such as a message. We may retain that information as described in this Policy.

2.5 Communications and Support Information

When you contact us or communicate through the Services, we may collect:

  • the contents of support requests, emails, messages, or forms
  • attachments, screenshots, photos, or documentation you submit
  • records of customer service interactions
  • complaint, dispute, or legal claim information
  • communication preferences and outcomes

2.6 Device, Usage, and Technical Information

We may automatically collect information about your interaction with the Services, including:

  • IP address
  • browser type and version
  • operating system
  • device type
  • language settings
  • time zone
  • referring URLs
  • pages viewed
  • clickstream information
  • session duration
  • error logs
  • crash data
  • authentication events
  • security telemetry
  • cookie identifiers or similar technologies

2.7 Analytics, Diagnostic, and Security Information

We may generate or collect:

  • fraud indicators
  • abuse detection signals
  • suspicious login indicators
  • device integrity signals
  • rate-limit and bot-detection information
  • internal analytics and operational metrics
  • service health and troubleshooting logs

2.8 Legal and Compliance Information

Where necessary, we may collect and maintain records related to:

  • consent status
  • privacy requests
  • legal notices
  • intellectual property complaints
  • law enforcement or governmental requests
  • sanctions screening or export compliance
  • dispute resolution and arbitration matters

3. Sources of Information

We may collect information:

(a) directly from you;
(b) from Finders and other users through recovery interactions;
(c) automatically through your use of the Services;
(d) from payment processors, fraud prevention providers, hosting providers, analytics providers, and similar service providers;
(e) from shipping or fulfillment partners;
(f) from public or lawful third-party sources when necessary for fraud review, legal compliance, or account support; and
(g) from cookies, pixels, SDKs, logs, and similar technologies.

4. How We Use Information

We may use information for the following purposes:

4.1 To Provide the Services

Including to:

  • create and administer accounts
  • activate and manage supported products
  • associate products with item profiles
  • enable recovery workflows
  • facilitate Temporary Messaging Channels
  • send recovery-related notifications
  • provide dashboards, settings, and account controls
  • process orders, refunds, exchanges, and replacements

4.2 To Operate, Maintain, and Improve the Services

Including to:

  • troubleshoot issues
  • monitor uptime and functionality
  • improve product performance and usability
  • develop new features
  • understand user engagement and service effectiveness
  • optimize workflows, interfaces, and reliability

4.3 To Protect the Services, Users, and the Public

Including to:

  • detect and prevent fraud, abuse, scraping, and unauthorized access
  • investigate suspicious activity
  • enforce our Terms, Acceptable Use Policy, and other rules
  • protect against spam, coercion, scams, and misuse of recovery interfaces
  • respond to safety issues and urgent incidents

4.4 To Communicate With You

Including to:

  • provide transactional communications
  • deliver support responses
  • send account notices
  • provide legal notices
  • send service updates, policy changes, and security alerts
  • provide marketing communications where permitted by law and consistent with your preferences

4.5 To Comply With Law and Defend Legal Rights

Including to:

  • comply with legal obligations
  • respond to lawful requests from courts, regulators, or law enforcement
  • establish, exercise, or defend legal claims
  • preserve evidence and maintain records
  • comply with tax, accounting, and regulatory requirements

4.6 To Perform Internal Business Functions

Including auditing, recordkeeping, risk management, reporting, financing diligence, merger or acquisition preparation, and similar business operations to the extent permitted by law.

5. Legal Bases for Processing

Where applicable law requires a legal basis for processing, we may rely on one or more of the following:

  • performance of a contract
  • compliance with legal obligations
  • legitimate interests, including service operation, fraud prevention, information security, product improvement, and business continuity
  • consent, where required
  • protection of vital interests
  • establishment, exercise, or defense of legal claims

6. How We Disclose Information

We do not sell personal information in the ordinary meaning of the word “sell,” and we do not disclose personal information to data brokers for their independent marketing use. We may disclose information as follows:

6.1 Service Providers and Processors

We may disclose information to vendors and service providers that perform services on our behalf, such as:

  • cloud hosting providers
  • payment processors
  • customer support platforms
  • analytics providers
  • fraud prevention and security providers
  • email and communications providers
  • shipping and fulfillment providers
  • infrastructure, monitoring, and logging providers
  • legal, tax, audit, or compliance advisors

6.2 Within the Recovery Workflow

We may disclose limited information as necessary to facilitate a recovery interaction. The Services may be structured to reduce direct exposure of personal contact information; however, information you choose to provide in a message or profile may be disclosed consistent with the way the feature works.

6.3 Legal, Safety, and Compliance Disclosures

We may disclose information if we believe in good faith that disclosure is necessary to:

  • comply with law, regulation, court order, subpoena, or legal process
  • respond to governmental requests
  • enforce our agreements or policies
  • detect, investigate, or prevent fraud, abuse, security incidents, or illegal activity
  • protect the rights, property, safety, or security of TAPIFLOST, users, Finders, Owners, or the public

6.4 Corporate Transactions

We may disclose or transfer information in connection with an actual or proposed merger, acquisition, financing, bankruptcy, restructuring, asset sale, or similar corporate transaction, subject to appropriate confidentiality and legal safeguards.

6.5 Aggregated and De-Identified Information

We may use, disclose, and commercialize aggregated, statistical, or de-identified information that does not reasonably identify you, subject to applicable law.

7. Cookies and Similar Technologies

We and our service providers may use cookies, pixels, local storage, SDKs, scripts, and similar technologies to:

  • authenticate users
  • maintain sessions
  • remember preferences
  • analyze traffic and usage
  • measure performance
  • support security and fraud detection
  • improve the Services
  • support limited advertising or remarketing, where used and permitted by law

You may be able to manage cookies through your browser or device settings. Blocking all cookies may impair some functionality.

8. Data Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, maintain legitimate business records, resolve disputes, enforce agreements, comply with legal obligations, and protect security and integrity.

Retention periods may vary depending on the type of information, context of collection, legal requirements, and technical constraints. For example:

  • account information may be retained while the account remains active and for a reasonable period afterward
  • order and transaction records may be retained for accounting, tax, fraud prevention, and legal compliance purposes
  • support records may be retained for quality, training, legal, and operational reasons
  • recovery interaction records and messaging data may be retained for abuse prevention, dispute handling, safety, and compliance needs
  • logs and security records may be retained according to operational, security, and forensic needs

We may also retain information in backup systems for limited periods consistent with disaster recovery and continuity practices.

9. Data Security

We use administrative, technical, and physical safeguards designed to protect information appropriate to the nature of the data and the risks involved. Such measures may include:

  • encryption in transit
  • access controls
  • role-based permissions
  • logging and monitoring
  • network security controls
  • authentication protections
  • backup and recovery controls
  • vendor due diligence
  • incident response procedures

No system is completely secure, and no method of transmission, storage, or processing can be guaranteed to be infallible. You are responsible for maintaining the security of your account credentials, devices, and any information you choose to disclose.

10. International Data Transfers

If you access the Services from outside the United States, your information may be transferred to, processed in, and stored in the United States and other jurisdictions where TAPIFLOST or its service providers operate. Those jurisdictions may have data protection laws that differ from those of your jurisdiction.

Where required by law, we will implement appropriate safeguards for cross-border data transfers.

11. Your Rights and Choices

Depending on your jurisdiction, you may have rights regarding your personal information, including the right to:

  • access personal information
  • correct inaccurate information
  • request deletion
  • request portability
  • object to certain processing
  • restrict certain processing
  • withdraw consent where processing is based on consent
  • opt out of certain marketing communications
  • appeal a denial of a privacy request, where required by law

We may need to verify your identity before processing a request. We may deny or limit a request where permitted by law, including where compliance would conflict with legal obligations, security requirements, privilege, or the rights of others.

12. U.S. State Privacy Disclosures

Residents of certain U.S. states may have additional rights under applicable privacy laws. Where such laws apply, TAPIFLOST will honor qualifying requests consistent with those laws. We may require verification and may apply exceptions permitted by law.

If applicable law requires a separate state-specific notice, we may provide one by supplement, addendum, or updated policy posting.

13. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13 without authorization recognized by applicable law. If we learn that we have collected personal information from a child in a manner inconsistent with applicable law, we will take steps to delete or otherwise address the information as required.

14. Third-Party Services

The Services may contain links to, or integrations with, third-party services. We do not control and are not responsible for the privacy, security, or business practices of those third parties. Your use of third-party services is governed by their own terms and privacy policies.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Effective Date” above indicates when this version became effective. If we make material changes, we may provide additional notice through the Services or by other reasonable means where required by law.

Your continued use of the Services after an updated Privacy Policy becomes effective constitutes acknowledgment of the updated Policy to the extent permitted by law.

16. Contact

Questions, privacy requests, legal notices, and data protection inquiries may be submitted through the contact or support channels made available on tapiflost.com.