Privacy Policy

Last updated: 01/19/2026

This Privacy Policy describes how the personal data of users who access and use the TAPPALO platform (hereinafter "Platform") is processed, in compliance with EU Regulation 2016/679 ("GDPR").

1. Data Controller

The Data Controller is:
Emanuele De Amicis
Address: via Laurentina, 1222 – Rome (Italy)
Email: info@tappalo.com

2. Types of Data Processed

The Platform processes the following categories of personal data:

a) Registration and Account Data

Name and surname
Email address
Login credentials (encrypted)
Technical data related to the account

b) Data Associated with NFC / QR Tags

Voluntarily entered by the user, including but not limited to:

Phone number
Email address
Pet's name
Descriptive information or custom notes

c) Usage and Technical Data

IP Address
Device type and browser
Access and usage logs
Navigation data

3. Data Made Public via NFC and QR

Some personal data entered by the user may be made publicly accessible to anyone who scans the associated NFC tag or QR code, exclusively upon the user's explicit choice.

Key Features:

Data publication is optional
The user decides which data to make visible
Data can be modified or removed at any time
TAPPALO does not automatically publish any personal data

The main purpose of this feature is to allow contact in case of loss of the animal or similar needs.

4. Purpose of Processing

Personal data is processed for the following purposes:

Creation and management of the user account
Association and management of NFC and QR tags
Displaying data chosen by the user following a scan
Provision of services offered by the Platform
Assistance and support
Fulfillment of legal obligations
Security, prevention of fraud and misuse

5. Legal Basis for Processing

Processing is based on:

Execution of a contract (Art. 6.1.b GDPR)
Consent of the data subject (Art. 6.1.a GDPR)
Legal obligations (Art. 6.1.c GDPR)
Legitimate interest of the Controller (Art. 6.1.f GDPR)

6. Processing Methods and Security

Processing takes place using IT and telematic tools, adopting adequate technical and organizational measures to ensure the security, integrity, and confidentiality of the data.
Passwords and sensitive information are processed with appropriate encryption and protection techniques.

7. Data Retention

Personal data is retained:

For the entire duration of the user account
Until a request for deletion
For the time necessary to fulfill legal obligations

Data published via NFC/QR remains visible as long as the user keeps it active.

8. Data Communication to Third Parties

Personal data is not disseminated.

It may be communicated to:

Technical service and hosting providers
Technical or legal consultants
Competent authorities, if required by law

These subjects operate as Data Processors or independent Controllers.

9. Data Transfer Outside the EU

Should data be transferred outside the European Union, the transfer will take place in compliance with the guarantees provided by the GDPR (adequacy decisions or standard contractual clauses).

10. Rights of the Data Subject

The user has the right to:

Access their personal data
Request rectification or updating
Request deletion
Limit or object to processing
Request data portability
Withdraw consent at any time
File a complaint with the Data Protection Authority

Requests can be sent to: info@tappalo.com

11. User Responsibility for Public Data

The user is responsible for the personal data they decide to make publicly accessible via NFC or QR.
TAPPALO exclusively provides the technical infrastructure and is not responsible for the improper use of data made public by third parties, except for legal obligations.

12. Cookies

The Platform uses technical cookies and, with consent, third-party cookies.
For more information, the specific Cookie Policy is available.

13. Changes to the Privacy Policy

The Data Controller reserves the right to modify this Privacy Policy at any time. Changes will be published on this page indicating the update date.