Privacy Policy

Last updated: March 14, 2026

Welcome to myTppy (mytppy.com). We provide NFC-enabled digital business cards that let you share your contact information, social links, and more through a personalized online profile. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using our website, purchasing a product, or creating a profile, you agree to the practices described in this policy.

1. Information We Collect

Account Information

When you create an account on myTppy.com, we collect:

  • Username and password (password is stored in hashed form)
  • Email address
  • Any additional information you provide during registration

Profile Data

When you build your digital business card profile, you may choose to provide:

  • Name, phone number, email address, website URL
  • Company name, job title/position, and biography
  • Profile photo
  • Social media links (Facebook, Instagram, Twitter/X, LinkedIn, YouTube, TikTok, Bluesky, Discord, Telegram, Snapchat, Twitch, Tumblr, Fediverse, OnlyFans, Passes)
  • Payment links (Venmo, CashApp, PayPal, Zelle, Apple Pay, Google Pay, Stripe, Square)
  • Custom fields you define

Analytics Data

When someone views your profile or clicks a link on it, we collect limited analytics data:

  • Truncated IP address — the last octet of IPv4 addresses is removed before storage (e.g., 192.168.1.xxx), so we never store your full IP address
  • Country-level geolocation (derived via MaxMind GeoLite2, when enabled)
  • User agent string (browser/device type)
  • Timestamp of the visit or click

Payment Information

Purchases are processed through WooCommerce using third-party payment gateways (Stripe and/or PayPal). We collect order details such as your name, billing address, and email. We do not store credit card numbers or full payment credentials on our servers. All sensitive payment data is handled directly by the payment gateway.

2. How We Use Your Information

We use the information we collect to:

  • Create and maintain your account
  • Display your digital business card profile to people who tap your NFC card or scan your QR code
  • Process orders and deliver NFC cards
  • Provide profile view and link click analytics so you can see how your card is performing
  • Power AI-assisted features such as bio generation (see Section 5)
  • Send transactional emails related to your account or orders
  • Improve our services, troubleshoot issues, and ensure security

3. Information You Choose to Share Publicly

Your profile page is publicly accessible to anyone who taps your NFC card, scans your QR code, or visits your profile URL. The information you add to your profile — such as your name, company, bio, photo, social links, and payment links — will be visible to those visitors.

To protect your privacy, certain contact details (email address and phone number) use a "tap to reveal" system. These fields remain hidden on the page until a visitor explicitly clicks to reveal them. This gives you the ability to share contact information on your profile while adding a layer of protection against automated scraping.

You have full control over what information appears on your profile. You can add, edit, or remove any field at any time from your account dashboard.

4. Analytics & Tracking

We collect analytics on profile views and link clicks to help you understand how people interact with your digital business card. This data includes:

  • Profile views: recorded each time someone visits your profile page
  • Link clicks: recorded when a visitor clicks on a social link, payment link, or other link on your profile

IP address truncation: To protect visitor privacy, we truncate IPv4 addresses by removing the last octet before storing them (e.g., 192.168.1.42 becomes 192.168.1.0). This means we cannot identify individual visitors by IP address.

Geolocation: We may use the MaxMind GeoLite2 database to derive country-level location data from truncated IP addresses. This is used solely for aggregate geographic analytics (e.g., "30% of your profile views came from the United States"). We do not perform city-level or precise geolocation.

We do not use third-party tracking pixels, advertising cookies, or cross-site tracking technologies on profile pages.

5. AI Features

myTppy offers an optional AI-powered bio assistance feature. When you use this feature, relevant profile information (such as your name, job title, company, and existing bio) is sent to a third-party AI service to generate a suggested biography for your profile.

  • This feature is entirely optional — it only activates when you explicitly request it
  • The data sent to the AI service is limited to what is needed to generate the bio
  • We do not use your data to train AI models
  • The AI-generated bio is provided as a suggestion; you can edit or discard it before saving

The third-party AI provider may have its own privacy practices. We select providers that handle data responsibly, but we encourage you to review their policies if you have concerns.

6. Cookies & Local Storage

We use a limited number of cookies and browser storage mechanisms:

Cookies

  • Authentication cookies: Used to keep you logged in to your account. If you select "Remember me," a persistent login cookie is stored for a configurable period (between 7 and 90 days).
  • WooCommerce cookies: Standard WooCommerce session and cart cookies used during the shopping and checkout process.
  • WordPress cookies: Standard WordPress cookies for logged-in users and comment functionality.

Local Storage

  • Dark mode preference: Your light/dark theme preference is saved in your browser's localStorage so it persists between visits.
  • PWA (Progressive Web App) caching: Our service worker caches certain assets locally on your device for faster loading and limited offline functionality. This data stays on your device and is not transmitted to our servers.

We do not use advertising or third-party tracking cookies.

7. Payment Processing

All payments for NFC card purchases are processed through WooCommerce using trusted third-party payment gateways:

When you make a purchase, your payment information (credit card number, billing details) is transmitted directly to the payment gateway over an encrypted connection. We do not store, process, or have access to your full credit card number. We retain only the order information necessary to fulfill your purchase (e.g., name, email, billing address, order summary).

8. Data Security

We take reasonable technical and organizational measures to protect your information, including:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Hashed and salted password storage
  • IP address truncation for analytics data
  • "Tap to reveal" protection for sensitive contact information on public profiles
  • Regular security updates to our platform and dependencies

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to following industry best practices.

9. Your Rights

You have the following rights regarding your personal data:

  • Access: You can view all the information stored in your profile and account at any time by logging in to your dashboard.
  • Update: You can edit or update any of your profile information, account details, or preferences from your dashboard.
  • Delete: You can remove individual fields from your profile, or request complete deletion of your account and all associated data by contacting us.
  • Export: You can request an export of your personal data in a portable format.
  • Withdraw consent: Where we rely on your consent to process data (e.g., AI bio generation), you may withdraw that consent at any time by simply not using the feature.

To exercise any of these rights, you may use the tools available in your account dashboard or contact us at support@mytppy.com.

10. Third-Party Services

We rely on the following third-party services, each of which has its own privacy policy:

  • Stripe — Payment processing (Privacy Policy)
  • PayPal — Payment processing (Privacy Policy)
  • MaxMind GeoLite2 — Country-level geolocation from truncated IP addresses (Privacy Policy)
  • AI Service Provider — Powers the optional bio generation feature; profile data is sent only when you explicitly use the feature

We do not sell, rent, or trade your personal information to any third party. Data is shared with the services listed above only as necessary to provide the functionality described in this policy.

11. Children's Privacy

myTppy is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@mytppy.com and we will promptly delete that information.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

Continued use of our services after changes are posted constitutes your acceptance of the revised policy.

13. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:

myTppy

Email: support@mytppy.com

Website: mytppy.com