← Back to Home

Privacy Policy

Last updated: 7/6/2025

1. Introduction

ReTap S.r.l. ("ReTap," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our universal loyalty card services, including our website, mobile applications, and related services (collectively, the "Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

We may collect the following personal information:

  • Account Information: Name, email address, phone number, business information (for merchants)
  • Card Information: NFC card UID, card activation data
  • Profile Information: Preferences, settings, and account configurations
  • Communication Data: Messages, support requests, and feedback

2.2 Automatically Collected Information

We automatically collect certain information when you use our Service:

  • Usage Data: Transaction history, points earned/redeemed, card usage patterns
  • Device Information: Device type, operating system, browser type, IP address
  • Location Data: Geographic location (with your consent)
  • Log Data: Access times, pages viewed, features used
  • Analytics Data: Service performance, error reports, usage statistics

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide, maintain, and improve our loyalty card services
  • Transaction Processing: To process card transactions, manage points, and handle rewards
  • Account Management: To create and manage your account, verify your identity
  • Communication: To send you service updates, support messages, and marketing communications (with consent)
  • Analytics: To analyze usage patterns, improve user experience, and develop new features
  • Security: To detect and prevent fraud, abuse, and security threats
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share your information
  • Affiliated Merchants: With participating merchants to process transactions and manage loyalty programs (limited to necessary data only)
  • Service Providers: With trusted third-party vendors who assist us in operating our Service (under strict confidentiality agreements)
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with appropriate safeguards)
  • Safety and Security: To protect our rights, property, or safety, or that of our users or the public

5. Data Security

We implement comprehensive security measures to protect your personal information:

  • Encryption: All data is encrypted in transit and at rest using industry-standard protocols
  • Access Controls: Strict authentication and authorization procedures for data access
  • Network Security: Firewalls, intrusion detection, and regular security audits
  • Data Backup: Regular, secure backups with disaster recovery procedures
  • Employee Training: Regular security training for all employees with access to personal data
  • Incident Response: Established procedures for responding to security incidents

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Portability: Request a copy of your data in a portable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided below. We will respond to your request within 30 days, unless additional time is required.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods include:

  • Account Data: Retained while your account is active and for 7 years after deactivation
  • Transaction Data: Retained for 10 years for tax and regulatory compliance
  • Log Data: Retained for 2 years for security and troubleshooting
  • Marketing Data: Retained until you opt out or for 3 years after last interaction

When we no longer need your information, we will securely delete or anonymize it.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and provide personalized content. These technologies include:

  • Essential Cookies: Required for basic service functionality
  • Analytics Cookies: Help us understand how users interact with our Service
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Deliver relevant advertisements (with consent)

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect service functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws through:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses approved by regulatory bodies
  • Other appropriate safeguards as required by law

10. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to remove such information from our records.

11. Third-Party Services

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification
  • Displaying a prominent notice in our Service

Your continued use of our Service after such changes constitutes acceptance of the updated Privacy Policy.

13. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

ReTap S.r.l.

Email: info@retapcard.com

WhatsApp: +39 380 2418839

For EU residents: You also have the right to lodge a complaint with your local data protection authority.