Privacy Policy

1. Controller

The controller responsible for data processing on this website is masernet GmbH, as listed in our Imprint. For any privacy-related enquiries, please contact us at privacy@tap2.cloud.

2. Data We Collect

2.1 Website visit data

When you visit tap2.cloud, our web servers automatically record standard access log data: IP address (anonymised), browser type and version, operating system, referrer URL, page visited, and timestamp. This data is processed on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in operating a secure and functional website. Log data is retained for 7 days and then deleted.

2.2 Contact form

When you submit the contact form, we collect your first name, last name, work email address, company name, selected topic, selected industry, and message content. This data is processed on the basis of your consent (Art. 6(1)(a) GDPR) and, where applicable, for the performance of a pre-contractual relationship (Art. 6(1)(b) GDPR). We use this data solely to respond to your enquiry. We retain contact form submissions for 24 months or until you request deletion.

2.3 Demo environment

If you access the self-serve sandbox at demo.tap2.cloud, technical session data is processed to provide the service. No personal data is required to access the sandbox. Any data you enter into the demo environment is reset daily and not retained.

3. Cookies and Tracking

tap2.cloud uses only technically necessary cookies required for the website to function. We do not use advertising cookies, analytics cookies, or third-party tracking scripts. No cookie consent banner is required because no non-essential cookies are set.

If we introduce analytics in future, we will update this policy and implement a compliant consent mechanism before doing so.

4. Third-Party Services

The tap2.cloud website is hosted on Vercel (Vercel Inc., 340 Pine Street, Suite 801, San Francisco, CA 94104, USA). Vercel processes connection data as a processor on our behalf under a Data Processing Agreement. Vercel's infrastructure is GDPR-compliant. Data may be transferred to the USA under Standard Contractual Clauses.

We do not use Google Analytics, Meta Pixel, LinkedIn Insight Tag, or any other third-party tracking service on this website.

5. Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR) — obtain a copy of your personal data we hold
• Right to rectification (Art. 16 GDPR) — correct inaccurate data
• Right to erasure (Art. 17 GDPR) — request deletion of your data
• Right to restriction (Art. 18 GDPR) — restrict processing of your data
• Right to data portability (Art. 20 GDPR) — receive your data in a machine-readable format
• Right to object (Art. 21 GDPR) — object to processing based on legitimate interests
• Right to withdraw consent — withdraw consent at any time without affecting prior processing

To exercise any of these rights, contact us at privacy@tap2.cloud. We will respond within 30 days. You also have the right to lodge a complaint with a supervisory authority — in Germany, the relevant authority is the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI).

6. Data Security

All data transmission to and from tap2.cloud is encrypted using TLS 1.3. Access to any stored personal data is restricted to authorised personnel only. We apply the principle of data minimisation — we collect only what is strictly necessary for the stated purpose.

7. Changes to This Policy

We may update this Privacy Policy when our data practices change or when required by law. The current version is always available at this URL. For material changes, we will notify users who have provided contact details.