Tapflow Privacy Policy
Last Updated: April 6, 2025
Introduction
Tapflow is dedicated to safeguarding the privacy and personal data of our users. This Privacy Policy outlines our practices concerning the collection, use, and protection of personal data within the Tapflow platform. We are committed to complying with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
What is Personal Data?
"Personal Data" means any information that can identify an individual directly or indirectly. This includes names, contact details, online identifiers, and location data as outlined by the GDPR.
Information We Collect
Data from Prospeo and Our Proprietary Database:
- Partner Data via Prospeo: To ensure the highest quality candidate contact information, Tapflow partners with Prospeo, a trusted provider known for its verified and compliant data sourcing. Through this partnership, we obtain professionally verified contact details (including work emails and mobile numbers) directly from Prospeo’s database, which is maintained in full compliance with GDPR, CCPA, and other relevant regulations.
- Our Own Data: In addition to the data provided by Prospeo, Tapflow maintains its own proprietary database built from historical data, user interactions, and consent based data collection. This database is continually updated, enriched, and verified to ensure accuracy and compliance.
- Information Provided by You:
Information you provide directly, such as during account setup, service usage, communications with us, and details regarding your search preferences.
Information related to your search preferences and candidate sourcing requirements.
- Automatically Collected Information: Technical data such as IP addresses, device and browser information, and user interactions that help tailor our services to your needs.
- Cookies: Cookies are used to enhance user experience. Settings can be managed in your browser.
Personalized Talent Search Optimization
To improve the relevance of candidate searches and enhance your outreach messages, we collect and store data regarding your search queries, preferences, and interactions with our platform. This information is used solely to refine search results and is collected only with your explicit consent.
Google API Integration and Use of Third-Party Tools
To enhance your experience on our platform, we integrate with select third-party services, including Google APIs, for the following purposes:
- Google Sign-In: Simplifies authentication by allowing you to log in using your Google account.
- Email Account Connection: With your explicit consent, you may connect your email account to Tapflow to enable features such as sending emails on your behalf.
- Sending Emails on Your Behalf: We use Google APIs (e.g., Gmail API) solely for transmitting emails as part of our service strictly in accordance with Google's API Services User Data Policy and Limited Use requirements. No email data is used for AI model training or shared with unrelated third parties.
Data Subject's Rights
Under GDPR, you have the right to access, rectify, delete, and transfer your personal data. We facilitate all such requests promptly.
Use and Sharing of Personal Information
We use personal information to provide, enhance, and communicate our services. Any data sharing with partners or third parties is conducted under strict compliance measures and only with your explicit consent.
Storing Personal Information
Data from Prospeo and Our Database:
- Verified Public DataOnly: We store data that is verified via our Prospeo partnership and from our own proprietary database. This data includes work related contact details and candidate profiles ensuring we do not collect private information without explicit consent.
- Data Security and Retention: Personal data is securely maintained and stored only as long as necessary. We conduct regular data minimization checks to ensure that no data is retained longer than needed.
Data Protection Mechanisms
We employ robust security measures, including:
- Encryption: All data transmitted between your device and our servers is encrypted using industry standard TLS protocols. Data stored in our systems is protected with advanced encryption methods.
- Access Control: Access to personal data is limited to authorized personnel through strict role based access and authentication procedures.
- Secure Data Storage: Data is stored in secure, firewalled servers with redundant backups.
- Incident Response: We have an established incident response plan to promptly address and mitigate any potential security breaches.
Processing in the EEA
For users in the EEA, Tapflow operates in full compliancewith GDPR, using approved data transfer mechanisms.
Changes to Privacy Policy
Any updates to our Privacy Policy will be clearly communicated and reflected with a new "Last Updated" date.
Contact Information
For inquiries or concerns about our privacy practices, please contact our Data Protection Officer at: contact@tapflow.app.