Security and Privacy

Here's some of the things Tap does to protect you and your data:

  • Encryption in flight: Tap uses current best practices for encrypting data between your devices and our servers, HTTPS.
  • Password Encryption: salting and hashing using industry standard tools and algorithms
  • Log Data: server logs (access, errors, and system health and other operational information) are free of user data and deleted after 7 days.

Regarding privacy of your data:

  • We do not sell data. That means we do not share your note information with any third parties. The only time your note data leaves our system via a third-party is when you request it to be sent via an email, sms or other connection. In these cases we rely on services to transmit the information to you.
  • The third-party services Tap uses are either privacy focused or highly restricted. See list below

Without the constraints of advertising and marketing objectives that leverage member data, we can build more powerful systems. And you get to decide what your notes mean.

If you'd like to take your data out of the Tap system you can download it any time from your Tap account page. You may also request your data permanently deleted by emailing

Third-party Services Used

  • Goatcounter: privacy-focused web analytics. No access to individual user information. Tap uses this service to understand system usage and gauge interest in content we publish.
  • Campaign Monitor: Email services. We restrict their access to only member email and specify no permission to track. Tap uses this service for marketing emails, product updates etc.
  • Mailchimp: Another email service. This is used for account management emails and spells (reset password, verify email and email digest spells).
  • Telnyx: telecom carrier that provides SMS services: phone verification and reminder Spells.
  • Stripe: used to collect payments. We share your email for them to provide billing notifications and reminders.