Data protection

Privacy Policy

This page explains how TapTick handles personal data in connection with the service and how GDPR-related requests should be directed.

Last updated: 10 March 2026

1. Who we are

This Privacy Policy explains how Fit2Trade Ltd processes personal data in connection with TapTick. Depending on the context, we may act as a controller for our own business administration data and as a processor when handling customer data on behalf of customer organisations.

Under GDPR, the customer organisation usually decides why and how operational personal data is processed and is therefore the controller, while TapTick typically acts as a processor for that customer data.

2. What data we collect

Account and profile data

  • name, email address, organisation name, role, and login identifiers;
  • billing and account status information;
  • support communications.

Operational platform data

  • check records, logs, comments, actions, timestamps, staff initials, and uploaded files or images;
  • site names, asset names, schedules, and configuration data.

Technical and usage data

  • IP address, device/browser information, authentication events, and service usage logs.

3. How we use personal data

We use personal data to:

  • provide and secure the TapTick service;
  • create and manage accounts;
  • send transactional service emails and alerts;
  • respond to support requests;
  • monitor performance, reliability, and abuse;
  • comply with legal obligations.

5. Sharing and subprocessors

We use service providers to operate TapTick. These may include hosting, database, email, and payment providers. Current subprocessors are listed on our Subprocessors page.

We do not sell personal data.

6. International transfers

Where personal data is transferred outside the EEA or UK, we aim to use appropriate safeguards, which may include Standard Contractual Clauses or reliance on an approved data transfer mechanism.

7. Retention

We retain personal data only for as long as needed for the purpose for which it was collected, to meet contractual obligations, resolve disputes, enforce agreements, and comply with legal obligations. Operational logs in TapTick are generally intended to be retained for at least 2 years unless a customer chooses a different policy or law requires otherwise.

8. Security

We use measures intended to protect data, including HTTPS, authentication controls, role-based access permissions, and secure hosting and database providers. No internet-based service can promise absolute security, but we work to maintain appropriate protections for the nature of the data involved.

9. Your rights

If GDPR applies, individuals may have rights including the right to access, correct, erase, restrict, object, and in some cases port personal data. If we process your data on behalf of a TapTick customer, you should usually direct your request to that customer first, because they are typically the controller for that data.

11. Contact

Email privacy requests to simon@fit2trade.com or replace this with your preferred privacy contact address before publishing.

If you are in Ireland, you may also have the right to complain to the Data Protection Commission.