Security & GDRP

Data Center

We’ve partnered with Microsoft and our systems are hosted and managed within Microsoft Azure Cloud Computing Services.

Data Encryption

All communications between our clients (web, mobile, integrations, and extensions) and our servers are encrypted in transit by being served over HTTPS.

Authentication & Authorization

We use hash and encryption mechanisms to store passwords so they can’t be retrieved.
We support Single Sign On (SSO) for secure authentication.
We provide a user roles and permissions system that allows the account administrators to have different levels of access.

GPDR Compliance

We have implemented all the necessary mechanisms to be compliant with the new General Data Protection Regulation (GDPR).
Below are the most important rights that we guarantee for all users. If you have any specific question feel free to reach out to us hello@tapmyback.com.

Tailored consent by feature

Each organization can customize the features that will be available for end-users and give relevant information about how will they process the data generated.

Individual consents per user

After receiving an invitation to join Tap My Back, the end-user has the possibility to either accept it or reject it. They will be able to know which features are active in the account beforehand and how the data generated will be processed.

Right to be forgotten

We have an automatic process to remove your personal information (email address, name, profile picture, bio) from our system, the rest of the information is pseudonymized using artificial identifiers.

Data Correction

All your information can be changed in a quick and easy way, by either administrators or end-users.

Right to access your data

You can easily export all your personal information that is stored by us from your profile management area.