TAP ARUBA

Privacy Policy

Last updated: June 21, 2026

This Privacy Policy explains how Tap Aruba(“Tap Aruba”, “we”, “us”) collects, uses, and protects information when you use our platform, websites, NFC tags, and related services (the “Services”). It applies both to the businesses that use Tap Aruba (“Clients”) and to the people who interact with a Tap Aruba experience, such as by tapping an NFC tag or scanning a QR code (“Visitors”).

Who we are

Tap Aruba provides digital experiences delivered through NFC tags, QR codes, and web links — including ordering, marketing links, event check-in, and visitor analytics — together with dashboards for the businesses that use them. For any privacy question, contact us at arubatap@gmail.com.

Information we collect

From Clients (business accounts):

  • Account details: name, email address, and a password (stored in hashed form by our authentication provider).
  • Business information you provide: business name, phone, address, branding, menus, links, and guest lists.
  • Operational data you generate while using the dashboards.

From Visitors (people who tap a tag or use an experience):

  • Tap / scan events — which tag or experience was used, the date and time, the device type (derived from your browser’s user-agent), an approximate country (derived from your IP address), and the referral source.
  • Requests you submit — for example an order (items and any table, chair, or location reference) or details you enter to verify yourself, such as a name, room, or reservation number.
  • Event check-in — if a Client runs an event, the name or email you enter is checked against that Client’s guest list to record your attendance.
  • Website analytics — when you visit a website that uses our analytics, we record page views, the page path, the referring source, device type, and an approximate country. A random session identifier is stored in your browser’s session storage to count a visit; it is cleared when you close the tab.

We do not require Visitors to create an account, and we do not collect payment card details — payments are handled directly between you and the business, in person.

How we use information

  • To operate the Services — for example, to deliver the experience a tag opens, route an order to the right staff, or record an event check-in.
  • To provide Clients with dashboards and analytics about their own taps, visits, and activity.
  • To secure the Services, prevent abuse, and diagnose problems.
  • To communicate with Clients about their account (for example, invitations and password resets).

We do not sell your personal information, and we do not use it for advertising by third parties.

Cookies and similar technologies

We use a strictly necessary session identifier (stored in your browser’s session storage) to count website visits for our first-party analytics. We do not use third-party advertising or cross-site tracking cookies.

Service providers

We share information only with providers that help us run the Services, under their respective terms:

  • Supabase — database, authentication, and storage.
  • Vercel — application hosting and delivery.
  • Resend — transactional email (such as account invitations).

These providers may process and store data on infrastructure located outside Aruba, including in the United States.

Data ownership between Tap Aruba and Clients

Information collected through a Client’s experiences (such as their orders, guest check-ins, and tap analytics) belongs to that Client. Tap Aruba processes it on the Client’s behalf to provide the Services. If you are a Visitor and want a business to remove information about you, please contact that business directly; you may also contact us and we will assist.

Data retention

We keep information for as long as needed to provide the Services and for legitimate business or legal purposes. Clients may request deletion of their account and associated data by contacting us.

Security

We protect data in transit using encryption, restrict database access with row-level security so each business can only see its own data, and limit administrative access. No system is perfectly secure, but we work to safeguard your information.

Your rights

You may request access to, correction of, or deletion of personal information we hold about you by emailing arubatap@gmail.com. We will respond within a reasonable time.

Children

The Services are intended for businesses and general audiences and are not directed to children under 13.

Changes to this policy

We may update this Privacy Policy from time to time. We will revise the “Last updated” date above and, where appropriate, notify Clients of material changes.

Contact

Questions about this policy or your information? Email us at arubatap@gmail.com.

Privacy PolicyTerms of Service← Back to Tap Aruba