PRIVACY POLICY
Effective Date: October 23, 2025
Last Updated: October 23, 2025
INTRODUCTION
Welcome to Tapout Rewards. This Privacy Policy explains how Tapout Rewards, LLC ("Tapout Rewards," "we," "us," or "our") collects, uses, discloses, and protects information about you when you use our mobile application, website, and related services (collectively, the "Services").
We take your privacy seriously, especially when it comes to information about minors. Please read this Privacy Policy carefully to understand our practices regarding your information.
By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use the Services.
Contact Information:
Email: [insert privacy email]Mail: [insert business address]Phone: [insert phone number]
TABLE OF CONTENTS
Information We CollectHow We Collect InformationHow We Use Your InformationHow We Share Your InformationChildren's Privacy (COPPA Compliance)Data RetentionData SecurityYour Privacy RightsCalifornia Privacy Rights (CCPA)International Data TransfersThird-Party Services and LinksChanges to This Privacy PolicyContact Us
1. INFORMATION WE COLLECT
We collect several types of information from and about users of our Services.
1.1 Information You Provide Directly
Parent/Guardian Account Information:
Full nameEmail addressPhone numberPassword (encrypted)Payment information (credit card, bank account details)Billing addressTeen User Information (Provided by Parents):
First name and last initial or full name (at parent's discretion)Age or date of birthPhone number (optional)Device information
Tapout Configuration Information:
Tapout schedules (bedtime, homework, dinner, etc.)Selected apps to block during tapoutsAllowance amounts and payment preferencesCustom rules and settingsParent notes or labels for tapout sessions
Communications:
Customer support inquiriesFeedback and survey responsesMessages sent through the Services
1.2 Information Collected Automatically
Usage Data:
Tapout session data (start time, end time, completion status)App blocking eventsSession completion rates and streaksLogin and access timesFeatures used within the app
Device Information:
Device type, model, and operating systemUnique device identifiersMobile network informationNFC hardware capabilitiesApp version and settings
Technical Data:
IP addressBrowser type and versionTime zone settingCrash reports and diagnostic dataPerformance metrics
1.3 Information from Third Parties
Payment Processors:
Transaction confirmation dataPayment status and historyFraud detection information
iOS Screen Time API:
App usage data during tapout sessions (for blocking enforcement only)Screen time statistics (when enabled by parent)
Analytics Providers:
Aggregated usage statisticsFeature engagement metrics
1.4 Location Information
We DO NOT collect precise location data. The Services do not track your teen's location or use GPS technology. Location services are not required to use Tapout Rewards.
We may collect general location information (city/state level) based on IP address for:
Fraud preventionCompliance with local lawsDisplaying relevant support resources
2. HOW WE COLLECT INFORMATION
We collect information through various methods:
2.1 Direct Collection
Information you enter when creating an accountData you provide when configuring tapout schedulesContent you submit through customer support
2.2 Automatic Collection
Through cookies and similar tracking technologies on our websiteThrough the mobile app's built-in analyticsVia NFC tap events recorded by the app
2.3 Third-Party Collection
From payment processors when you make purchasesFrom iOS Screen Time API when enforcing app blocksFrom cloud storage providers (iCloud) if you enable backup features
3. HOW WE USE YOUR INFORMATION
We use the information we collect for the following purposes:
3.1 To Provide and Maintain the Services
Core Functionality:
Create and manage user accountsProcess tapout sessions and enforce app blockingCalculate and distribute allowancesSend notifications about tapout eventsSynchronize data across devicesProvide customer support
Service Improvements:
Analyze usage patterns to improve featuresTest new functionalityDebug and fix technical issuesOptimize app performance
3.2 To Process Payments and Prevent Fraud
Process subscription fees and allowance paymentsVerify payment methodsDetect and prevent fraudulent transactionsManage billing and invoicingProcess refunds when applicable
3.3 To Communicate With You
Send transactional emails (account creation, password resets, receipts)Provide customer support responsesSend important service updates or changesNotify you of new features (if you've opted in)Request feedback or surveys (optional)
3.4 To Ensure Safety and Security
Verify user identitiesProtect against unauthorized accessEnforce our Terms and ConditionsComply with legal obligationsRespond to legal requests and prevent harm
3.5 For Analytics and Research
Understand how users interact with the ServicesMeasure the effectiveness of featuresConduct research to improve family digital wellnessGenerate aggregated, de-identified statistics
Note: We only use aggregated, de-identified data for research purposes. Individual user data is never sold or shared for research without explicit consent.
3.6 With Your Consent
We may use information for other purposes with your explicit consent, which you can withdraw at any time.
4. HOW WE SHARE YOUR INFORMATION
We do not sell your personal information. We share information only in the following limited circumstances:
4.1 Within Your Family Account
Parent-Teen Data Sharing:
Parents can view all tapout session data for their registered teensTeens can view their own session history and earned allowancesAll family members sharing an account can see shared schedules and settings
4.2 With Service Providers
We share information with third-party vendors who perform services on our behalf:
Payment Processing:
Stripe or other payment processorsOnly payment information necessary to process transactionsSubject to their respective privacy policies
Cloud Infrastructure:
Amazon Web Services (AWS) or similar providersFor secure data storage and hostingSubject to strict data processing agreements
Customer Support:
Customer service platformsOnly information necessary to resolve your inquiry
Analytics:
Google Analytics (website only)Firebase Analytics (mobile app)Only aggregated, non-personally identifiable data when possible
Email Services:
For transactional and marketing emails (if opted in)
All service providers are contractually obligated to:
Use data only for providing services to usMaintain appropriate security measuresComply with applicable privacy lawsNot use the data for their own purposes
4.3 For Legal Reasons
We may disclose information if we believe it's necessary to:
Comply with applicable laws, regulations, or legal processesRespond to lawful requests from public authorities (court orders, subpoenas)Enforce our Terms and ConditionsProtect our rights, property, or safetyProtect the rights, property, or safety of our users or the publicPrevent fraud or other illegal activityInvestigate potential violations of our policies
4.4 Business Transfers
If we are involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice in the app before your information becomes subject to a different privacy policy.
4.5 With Your Consent
We may share information for other purposes with your explicit consent.
4.6 Aggregated or De-Identified Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you, such as:
Statistical data about app usage patternsTrends in teen digital wellnessGeneral effectiveness of screen time management techniques
5. CHILDREN'S PRIVACY (COPPA COMPLIANCE)
We take children's privacy very seriously and comply with the Children's Online Privacy Protection Act (COPPA).
5.1 Age Requirements
The Services are intended for use by parents/guardians (18+) and their teen children (13-17)We do not knowingly collect information from children under 13 without verifiable parental consentParents must create accounts on behalf of their teens
5.2 Parental Consent
Before collecting any personal information from a teen user, we require:
Verified parental consent during account setupParent acknowledgment of this Privacy PolicyParent authorization for data collection and use
Parents provide consent by:
Creating the family account with payment informationRegistering teen users within their accountAgreeing to the Terms and Conditions and Privacy Policy
5.3 Information Collected from Teens
With parental consent, we collect from teen users:
First name and last initial (or full name at parent's discretion)Age or date of birthDevice identifiersTapout session data (times, completion status)App usage data during tapout sessions (for blocking purposes only)
We do NOT collect from teens:
Precise geolocation dataPhotos or videosSocial media account informationBiometric dataAny information not necessary for core functionality
5.4 How Teen Information Is Used
Teen information is used only to:
Enable tapout sessions and app blockingCalculate and distribute allowancesProvide service notificationsEnable parent monitoring featuresImprove the Services
5.5 Parental Rights
Parents have the right to:
Review: Request to review any personal information collected from their teen
Delete: Request deletion of their teen's personal information at any time
Refuse: Refuse to allow further collection or use of their teen's information
Modify: Update or correct their teen's information
To exercise these rights, contact us at: [privacy email]
We will respond to requests within a reasonable timeframe, typically within 30 days.
5.6 Teen Data Retention
Teen data is retained only as long as the account is activeWhen a teen "ages out" (turns 18), parents can convert the account or delete itUpon account deletion, teen data is permanently deleted within 90 days (except as required by law)
5.7 Third-Party Sharing of Teen Data
We do not share teen personal information with third parties except:
As necessary to provide the Services (e.g., payment processing)As required by lawWith explicit parental consent
We NEVER sell teen personal information to third parties.
5.8 Notification of Privacy Policy
We inform parents about our privacy practices through:
This Privacy Policy prominently displayed during signupEmail notification upon account creationIn-app notices about data practicesDirect communication regarding any material changes
6. DATA RETENTION
6.1 How Long We Keep Your Information
Account Data:
Retained while your account is activeRetained for 90 days after account deletion (for recovery purposes)Permanently deleted after 90 days unless legal retention is required
Transaction Data:
Payment and allowance records retained for 7 years (tax and legal requirements)Can be provided to you upon request
Usage Data:
Tapout session history retained while account is activeAggregated analytics retained indefinitely (de-identified)Individual session data deleted 2 years after account closure
Support Communications:
Retained for 3 years for quality assurance and legal purposes
Legal and Safety Data:
Information related to legal matters retained as required by lawFraud prevention data retained according to industry standards
6.2 Deletion of Your Information
You can request deletion of your information at any time by:
Using the account deletion feature in the appContacting us at [privacy email]Sending a written request to our mailing address
Upon deletion request, we will:
Immediately revoke access to the ServicesDelete personal information within 90 daysRetain only information required by law or legitimate business purposes
7. DATA SECURITY
7.1 How We Protect Your Information
We implement appropriate technical and organizational security measures to protect your information, including:
Technical Measures:
Encryption in transit (TLS/SSL)Encryption at rest for sensitive dataSecure password hashing (bcrypt or similar)Regular security audits and vulnerability assessmentsIntrusion detection systemsSecure API communications
Organizational Measures:
Limited employee access to personal informationBackground checks for employees with data accessConfidentiality agreements with all personnelRegular security training for staffIncident response procedures
Infrastructure Security:
Secure cloud hosting with industry-leading providersRegular backups and disaster recovery plansNetwork segmentation and firewallsDDoS protection
7.2 Payment Security
We use PCI-DSS compliant payment processorsWe do not store full credit card numbers on our serversPayment information is tokenized and encryptedAll transactions use secure HTTPS connections
7.3 NFC Security
NFC communications are encryptedTapout tags are uniquely paired to accountsDeactivated tags cannot be usedTags cannot be cloned or duplicated
7.4 Your Responsibility
You are responsible for:
Keeping your password secure and confidentialLogging out of shared devicesMonitoring your account for unauthorized accessNotifying us immediately of any security breach
Security Best Practices:
Use a strong, unique passwordEnable two-factor authentication if availableDon't share your account credentialsKeep your device's operating system updated
7.5 Data Breach Notification
In the event of a data breach that affects your personal information, we will:
Notify you via email within 72 hours of discoveryProvide details about the breach and affected dataDescribe steps we're taking to address the breachAdvise you on protective measures you can takeNotify relevant authorities as required by law
No security system is perfect. While we strive to protect your information, we cannot guarantee absolute security. You use the Services at your own risk.
8. YOUR PRIVACY RIGHTS
8.1 Access and Control
You have the following rights regarding your personal information:
Right to Access:
Request a copy of all personal information we hold about youReceive information in a structured, commonly used format
Right to Rectification:
Correct inaccurate or incomplete informationUpdate your account details at any time
Right to Deletion:
Request deletion of your personal information"Right to be forgotten" in applicable jurisdictions
Right to Restriction:
Request we limit how we use your informationObject to certain types of processing
Right to Data Portability:
Receive your data in a machine-readable formatTransfer your data to another service (where technically feasible)
Right to Object:
Object to processing based on legitimate interestsOpt out of marketing communications
Right to Withdraw Consent:
Withdraw consent for data processing at any timeDoes not affect the lawfulness of prior processing
8.2 How to Exercise Your Rights
To exercise any of these rights:
Email: [privacy email]
Mail: [business address]
In-App: Use the "Privacy Settings" or "Account Settings" section
We will respond within:
30 days for most requests45 days for complex requestsWe may request additional information to verify your identity
8.3 Account Settings
You can control certain information through your account settings:
Update profile informationModify notification preferencesConfigure tapout schedulesManage linked payment methodsExport your dataDelete your account
8.4 Marketing Communications
You can opt out of marketing communications by:
Clicking "unsubscribe" in any marketing emailAdjusting preferences in account settingsContacting us directly
Note: You cannot opt out of transactional emails necessary for the Services (e.g., receipts, security alerts, account notifications).
9. CALIFORNIA PRIVACY RIGHTS (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
9.1 Categories of Information Collected
In the past 12 months, we have collected the following categories of personal information:
Identifiers (name, email, phone number)Payment informationInternet or network activity (usage data, device information)Geolocation data (general city/state only)Inferences drawn from usage patterns
9.2 California Consumer Rights
Right to Know:
Request disclosure of personal information collectedRequest disclosure of categories of sourcesRequest disclosure of business purposes for collectionRequest disclosure of third parties we share with
Right to Delete:
Request deletion of personal information collected from youSubject to certain exceptions
Right to Opt-Out:
Opt out of the "sale" of personal informationNote: We do not sell personal information
Right to Non-Discrimination:
We will not discriminate against you for exercising your rightsSame quality of service regardless of rights exercise
9.3 How to Exercise California Rights
Designated Methods:
Email: [privacy email]Phone: [toll-free number]Online Form: [URL to privacy request form]
We will verify your identity before processing requests.
Authorized Agents:
You may designate an authorized agent to make requests on your behalfAgent must provide written authorization or power of attorneyWe may still require you to verify your identity
9.4 California "Shine the Light" Law
California residents may request information about disclosures of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.
9.5 California Minors
California residents under 18 have the right to request removal of content they posted publicly. Contact us at [privacy email] to request removal.
10. INTERNATIONAL DATA TRANSFERS
10.1 Data Storage and Processing
Our Services are based in the United StatesYour information may be transferred to and processed in the United StatesThe United States may have different data protection laws than your jurisdictionBy using the Services, you consent to this transfer
10.2 European Economic Area (EEA) Users
If you are located in the EEA, we rely on the following legal bases for processing:
Consent: When you provide explicit consentContract: To fulfill our contract with you (provide Services)Legal Obligation: To comply with legal requirementsLegitimate Interest: For business operations and improvements
Your EEA Rights:
All rights listed in Section 8 (Your Privacy Rights)Right to lodge a complaint with your local supervisory authorityRight to object to processing based on legitimate interests
Data Transfer Mechanisms:
We use Standard Contractual Clauses approved by the European CommissionOur service providers comply with applicable data protection laws
10.3 Other International Users
If you are located outside the United States:
Your information will be transferred to the United StatesYou may have rights under your local privacy lawsContact us to exercise any applicable rights
11. THIRD-PARTY SERVICES AND LINKS
11.1 Third-Party Services We Use
Our Services integrate with third-party services, including:
Payment Processors:
Stripe (privacy policy: stripe.com/privacy)PayPal (privacy policy: paypal.com/privacy)
Analytics:
Google Analytics (privacy policy: google.com/analytics/terms)Firebase (privacy policy: firebase.google.com/support/privacy)
Cloud Infrastructure:
Amazon Web Services (privacy policy: aws.amazon.com/privacy)
Customer Support:
[Your support platform] (privacy policy: [URL])
Each third-party service has its own privacy policy. We encourage you to review their policies.
11.2 Third-Party Links
Our Services may contain links to third-party websites, apps, or resources. We are not responsible for:
The privacy practices of third-party sitesThe content of third-party sitesAny data collected by third parties
We encourage you to review the privacy policies of any third-party sites you visit.
11.3 Social Media
We may have social media pages (Facebook, Instagram, Twitter, etc.). Information you provide on social media platforms is governed by their privacy policies, not ours.
12. CHANGES TO THIS PRIVACY POLICY
12.1 How We Update This Policy
We may update this Privacy Policy from time to time to reflect:
Changes in our practicesChanges in applicable lawsNew features or servicesFeedback from users
12.2 Notice of Changes
For Material Changes:
We will notify you at least 30 days before changes take effectNotification via email to your registered addressProminent notice in the app or websiteUpdate the "Effective Date" at the top of this policy
For Non-Material Changes:
We will update the "Last Updated" dateChanges take effect immediately upon postingWe encourage you to review this policy periodically
12.3 Your Acceptance
Continued use of the Services after changes constitutes acceptance of the updated Privacy Policy.
If you do not agree with changes:
Stop using the ServicesDelete your accountContact us with concerns
12.4 Version History
Previous versions of this Privacy Policy are available upon request at [privacy email].
13. CONTACT US
13.1 Privacy Questions and Concerns
If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:
Email: [privacy email]
Phone: [phone number]
Mail:
[Company Name]
Attn: Privacy Officer
[Street Address]
[City, State ZIP]
Response Time: We aim to respond to all inquiries within 5-10 business days.
ADDITIONAL INFORMATION
Cookie Policy
Our website uses cookies and similar tracking technologies. By using our website, you consent to our use of cookies as described below:
Types of Cookies We Use:
Strictly Necessary Cookies:
Enable core website functionalityRemember your login statusCannot be disabled
Performance Cookies:
Google Analytics (tracks website usage)Help us understand how visitors use our siteAggregated and anonymous data
Functional Cookies:
Remember your preferencesProvide enhanced featuresImprove user experience
How to Control Cookies:
Browser settings to block or delete cookiesOpt out of Google Analytics: tools.google.com/dlpage/gaoptoutNote: Blocking cookies may limit functionality
DO NOT TRACK SIGNALS
Some browsers have "Do Not Track" features. Our Services do not currently respond to Do Not Track signals because there is no industry standard for how to respond.
ACCESSIBILITY
We are committed to making our Privacy Policy accessible to everyone. If you have difficulty accessing this policy or need it in an alternative format, please contact us at [privacy email].
EFFECTIVE DATE
This Privacy Policy is effective as of October 23, 2205 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
SUMMARY
We know privacy policies can be long and complex. Here's a quick summary:
We collect: Account info, tapout data, usage stats, payment info
We use it for: Running the app, processing payments, improving features
We share with: Payment processors, cloud hosts, support tools (never advertisers)
We protect: Encryption, secure hosting, limited access
Teens: Full COPPA compliance, parental consent required
Your rights: Access, delete, correct, export your data anytime
We DON'T: Sell your data, track location, or share info for marketing
For complete details, please read the full policy above.
BY USING TAPOUT REWARDS, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO ITS TERMS.
Last Updated: October 23, 2025
© 2025 Tapout Rewards, LLC. All rights reserved.