Privacy Policy

This Privacy Policy explains how Tapcare collects, uses, shares, and protects information for Your Room by Vanessa + Lia.

Information we collect

We collect information you provide, including email, password hash, display name, profile details, preferences, messages, uploaded photos or files, reactions, comments, reports, support requests, privacy requests, gifts, roses, purchases, and checkout metadata.

We also collect technical and usage information such as session tokens, device/browser details, IP-derived security data, logs, page views, notification permissions, delivery status, timestamps, error reports, fraud signals, and analytics events.

Payment card details are handled by payment processors such as Stripe. We do not store raw card numbers or full card security codes on our servers.

How we use information

We use information to create and secure your room, personalize the experience, remember preferences, process roses and gifts, deliver digital items, send room notifications, operate support, handle privacy/reporting requests, prevent abuse and fraud, debug errors, improve reliability, comply with law, and enforce policies.

Messages and room activity may be processed by automated systems, AI systems, human operators, and service providers for response generation, moderation, safety review, memory, analytics, and support.

Sharing

We share information with service providers that help operate the service, including hosting, database, storage, analytics, observability, email, push notification, payment, security, and AI/model providers. These providers may process data only as needed to provide their services to us.

We may share information when required by law, to protect rights and safety, to investigate fraud or abuse, to respond to valid legal requests, or in connection with a merger, acquisition, financing, reorganization, or sale of assets.

We do not sell personal information. We do not knowingly share personal information for cross-context behavioral advertising as that term is used in some U.S. state privacy laws.

Cookies, analytics, and notifications

We use cookies and similar storage for login sessions, security, preferences, analytics, and room functionality. Disabling cookies may prevent the room from working.

Email reminders include an unsubscribe link where required. Push notifications require opt-in and can be disabled in browser/device settings or room settings.

Retention

We retain information as long as needed for the room, support, safety, legal compliance, accounting, fraud prevention, dispute handling, backups, and audit records. Some records may be retained after deletion requests where necessary for legitimate business, legal, tax, payment, or safety reasons.

Your choices and rights

You may request access, export, correction, deletion, or privacy help by contacting support@tapcare.app or using the in-room support tools. We may need to verify your identity before completing a request.

Depending on your location, you may have additional rights to know, access, correct, delete, restrict, object, opt out, or appeal. California, Colorado, Connecticut, Virginia, Utah, Oregon, Texas, and other U.S. state residents may have specific privacy rights if legal thresholds apply.

European/UK users may have rights under GDPR/UK GDPR where applicable. Where we rely on consent, you may withdraw it. Where we rely on legitimate interests, you may object.

Security

We use administrative, technical, and organizational safeguards designed to protect the service, including protected sessions, private storage paths where supported, access controls, rate limits, and logs. No system is perfectly secure.

Contact

Privacy requests and questions can be sent to support@tapcare.app.

Mailing address: Available on request for legal notices.