Privacy Policy
How Synapseus Technologies collects, uses, stores and protects personal data across TapID — the website, app, NFC/QR profiles, events and related services.
Effective · 1 June 2026 · Last updated · 1 June 2026
1. Introduction
This Privacy Policy explains how SYNAPSEUS TECHNOLOGIES (PRIVATE) LIMITED, a company incorporated in Sri Lanka, collects, uses, stores, discloses and protects personal data when users access or use TapID, thetapid.com, TapID mobile or web applications, NFC/QR profiles, digital business card services, connection CRM features, event registration and networking features, analytics, integrations and related current or future TapID services.
In this Privacy Policy, “TapID”, “we”, “us” and “our” refer to SYNAPSEUS TECHNOLOGIES (PRIVATE) LIMITED. “User”, “you” and “your” refer to any person, company, employee, event organizer, attendee, website visitor, sponsor, exhibitor or other person who uses or interacts with TapID.
By using TapID, creating an account, publishing a TapID profile, scanning or tapping a TapID NFC/QR code, submitting contact information, registering for an event, or otherwise using our services, you acknowledge that you have read and understood this Privacy Policy.
2. Scope of this Privacy Policy
This Privacy Policy applies to the TapID website, web application, mobile application, digital profiles, NFC and QR routing links, contact exchange forms, lead capture features, business card scan/OCR features, company and corporate workspaces, event registration, ticketing, check-in, attendee networking, analytics, notifications, integrations and any related current or future TapID services.
This Privacy Policy does not apply to third-party websites, payment gateways, event platforms, social media platforms, CRM systems, analytics providers, hosting providers or other services that are not owned or controlled by us. Those third-party services may have their own privacy policies and terms.
3. Who uses TapID
TapID is designed for multiple user groups, including individual users, professionals, entrepreneurs, company and corporate users, employees using company-issued cards, event organizers, event attendees, sponsors, exhibitors, website visitors and other users who interact with TapID services.
Where TapID is used by a company, event organizer or other organization, that organization may have its own rules, permissions and responsibilities regarding the personal data it collects, views, exports or manages through TapID.
4. Information we collect
5. Information you choose to make public
TapID profiles are designed to help users share professional identity and contact information. Information you add to your public TapID profile may be visible to anyone who accesses your profile link, scans your QR code, taps your NFC card or receives your shared profile.
You are responsible for the accuracy, legality and suitability of the information you choose to publish or share through TapID. You should not publish information that you do not want others to see, save, copy, share or contact you through.
To the fullest extent permitted by applicable law, Synapseus Technologies is not responsible for consequences arising from information you voluntarily publish, disclose, share or make visible through your TapID profile, event networking opt-in, contact exchange or other TapID features, or from third-party use or misuse of such information outside our reasonable control.
6. How we collect information
We collect information directly from you when you create an account, edit your profile, activate a card, submit a form, scan or upload a business card, register for an event, opt into event networking, contact support or use TapID features.
We may collect information from other TapID users, companies, event organizers or attendees when they submit leads, invite you to an event, assign you to a company workspace, issue you a company TapID card, register you for an event or interact with you through TapID.
We may collect technical and usage information automatically when you access the website, app, NFC/QR links, public profiles, event pages or other TapID services.
We may receive payment, ticketing, analytics, infrastructure or integration-related data from third-party service providers such as OnePay, OneTicket, bank transfer/payment processors, DigitalOcean, Cloudflare, Google Analytics or other service providers we choose to use.
7. How we use information
We use personal data to provide, operate, maintain, secure and improve TapID and related services. This includes creating and managing accounts, publishing and routing TapID profiles, enabling vCard saving, managing NFC/QR cards, processing contact exchange submissions, maintaining connection CRM records, generating follow-up reminders, enabling business card scan/OCR, supporting company workspaces, managing events, issuing QR tickets, enabling check-in, supporting event networking, providing analytics, processing payments and handling customer support.
We may also use information to communicate with you, send service notifications, send event-related messages, provide support, prevent fraud and misuse, enforce our terms, comply with legal obligations, improve our services, develop current and future TapID features and generate aggregated or de-identified analytics.
8. Legal basis for processing
Where applicable, we process personal data based on one or more lawful grounds, including your consent, performance of a contract or requested service, our legitimate business interests, compliance with legal obligations, protection of our rights and interests, and other lawful bases recognized under applicable privacy and data protection laws.
For users in jurisdictions with GDPR-style privacy rights, our processing may rely on consent, contract necessity, legitimate interests, legal obligations or other applicable lawful bases depending on the feature and context.
9. Company-issued cards and company-owned leads
Where a TapID card, profile, account or lead is created under a company or corporate workspace, the relevant company or organization may own or control certain data connected to that workspace, including company-issued card data, company-owned leads, employee activity within the workspace and business relationship records created through company-owned cards or company-hosted events.
If an employee leaves a company, the company may retain company-owned leads and may reassign those leads, cards or relationship records to another authorized company user. The employee may retain access to their personal TapID account and personal data, subject to the account structure and applicable legal requirements.
Company users should understand that work-related TapID activity inside a company workspace may be visible to authorized company administrators.
10. Event networking and attendee visibility
TapID may offer event networking features that allow attendees to opt in to an attendee directory or networking experience. If you opt in, certain information such as your name, company, job title, role, profile photo, public TapID profile and other permitted details may be visible to event organizers, attendees, sponsors or exhibitors depending on the event settings.
You are responsible for deciding whether to opt in to event networking and for the information you choose to make visible. Synapseus Technologies is not responsible for third-party interactions, communications, business dealings, misuse of information or consequences arising outside our reasonable control after you voluntarily opt in or share information through event networking features.
Event organizers may have access to attendee registration information, check-in records and event analytics. Sponsor or exhibitor reports should be provided in aggregated or consent-based form where appropriate.
11. Business card scan / OCR data
TapID may allow users to scan or upload physical business cards or similar contact materials. OCR or manual entry features may extract names, job titles, company names, phone numbers, email addresses, websites, addresses or other details visible on the card.
Users are responsible for ensuring they have a lawful and appropriate reason to store, use, contact or share information obtained from scanned business cards or other third-party contact materials. TapID provides tools to organize such information, but users remain responsible for their own communications and compliance obligations.
12. Payments, ticketing and third-party payment providers
TapID may support paid services, subscriptions, card purchases, event tickets, event setup fees, networking add-ons or other payments. Payments may be processed through OnePay, OneTicket, bank transfer and/or other payment service providers we may use in the future.
We may receive payment status, transaction references, order details, ticket status, bank transfer reference information or reconciliation data. We do not intend to collect or store full payment card numbers or complete payment credentials on TapID servers.
Payment providers, banks and ticketing partners may process your information under their own privacy policies, terms and security standards. We are not responsible for payment provider systems, bank processing delays, gateway downtime or third-party payment handling outside our reasonable control.
13. Cookies, analytics and tracking technologies
TapID may use cookies, pixels, local storage, device identifiers, analytics scripts and similar technologies to operate the website and app, remember preferences, improve performance, secure accounts, analyze usage and improve our services.
We may use Cloudflare Analytics, Google Analytics and/or similar analytics tools or performance services from time to time. These tools may collect technical information such as IP address, device, browser, pages visited, usage events and approximate location or network information.
More detailed information about cookies and tracking technologies is provided in our Cookies Policy, published on thetapid.com.
14. How we share information
We do not sell personal data in the ordinary course of business. However, we may share information where necessary to provide TapID services, operate our business, comply with law, protect rights or support integrations requested by users or organizations.
15. Hosting, infrastructure and international transfers
TapID may be hosted on DigitalOcean, AWS and/or other cloud infrastructure providers, and may use Cloudflare or similar services for DNS, security, performance, analytics and traffic management. These providers may process, store or transmit data in countries outside Sri Lanka depending on server location, infrastructure configuration and provider operations.
By using TapID, you understand that your information may be processed or stored in Sri Lanka or other countries where our service providers, hosting providers, analytics providers, payment partners or integration providers operate. We take reasonable steps to use service providers that maintain appropriate security and operational standards.
To the fullest extent permitted by law, Synapseus Technologies is not responsible for outages, incidents, interruptions, security failures, data processing practices or service limitations of third-party infrastructure providers, payment providers, analytics providers, hosting providers or other third-party services outside our reasonable control.
16. Data security
We take reasonable technical, administrative and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, disclosure or destruction. These measures may include access controls, encryption where appropriate, secure hosting practices, audit logs, restricted administrative access, backups, monitoring and other security controls.
No website, app, network, server, payment gateway, email system or cloud service can be guaranteed to be completely secure. You are responsible for keeping your account credentials secure, using strong passwords, protecting your devices and notifying us promptly if you suspect unauthorized access to your account.
17. Data retention
We retain personal data for as long as necessary to provide TapID services, maintain accounts, comply with legal obligations, resolve disputes, enforce agreements, prevent fraud, maintain security, support legitimate business purposes and operate current or future TapID services.
Users may request deletion of their account or personal data, subject to legal, accounting, security, backup, fraud-prevention, dispute-resolution and operational retention requirements. Some data may remain in backups, audit logs, transaction records, payment records, legal records or de-identified/aggregated analytics for a limited or legally required period.
18. Your rights and choices
Depending on applicable law and your relationship with TapID, you may request access to your personal data, correction of inaccurate data, deletion of your account or public profile, export of your data, withdrawal of consent, restriction or objection to certain processing and opt-out from marketing communications.
To make a request, contact us at [email protected]. We may need to verify your identity before processing certain requests. We may decline or limit requests where permitted by law, including where we must retain information for legal, security, accounting, dispute-resolution or legitimate operational purposes.
Where your data is controlled by a company, event organizer or other organization using TapID, we may direct you to that organization or coordinate with them where appropriate.
19. Marketing and service communications
We may send you service-related communications such as account notices, security alerts, profile activity, card notifications, event registrations, ticket confirmations, payment status updates, reminders and important product updates. These communications are necessary for the service and may not always be optional.
We may also send marketing or promotional communications where permitted by law or where you have opted in. You may opt out of marketing emails by using the unsubscribe link or contacting us. Opting out of marketing does not prevent us from sending service-related communications.
20. Children and minors
TapID is primarily designed for professional, business, corporate and event networking use. Minors may use TapID only with appropriate parent, guardian, school, institution, event organizer, company or lawful consent where required.
If we become aware that we have collected personal data from a minor without required consent, we may delete or restrict the relevant account or data. Parents or guardians may contact us at [email protected] regarding a minor's data.
21. Third-party links, social platforms and external services
TapID profiles and event pages may include links to websites, social media profiles, maps, payment pages, event pages, CRM tools or other third-party services. We are not responsible for the content, privacy practices, terms, security or data handling of third-party websites or services.
Users should review the privacy policies and terms of any third-party service they access through TapID.
22. Automated processing and analytics
TapID may use automated processing to route NFC/QR links, generate analytics, detect duplicates, support follow-up reminders, manage event attendance, process integration logs, display dashboards or improve platform performance.
We do not intend to make legally significant decisions about users solely by automated processing without appropriate human review or lawful basis where required.
23. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, technology, integrations, business operations or privacy practices. Updated versions may be published on thetapid.com and/or communicated through the app, website or email where appropriate.
Your continued use of TapID after an updated Privacy Policy becomes effective indicates that you acknowledge the updated policy, subject to any additional consent requirements under applicable law.
24. Governing law
This Privacy Policy is governed by the laws of Sri Lanka.
25. Contact us
If you have questions, requests, concerns or complaints about this Privacy Policy or how TapID handles personal data, please contact us using the details below. Data-protection requests and privacy queries can be sent directly to our Data Protection Officer.
Questions about this policy?
Write to [email protected] and we'll get back to you.