A
Atapata

Privacy Policy

Last updated: May 2026

1. Information We Collect

We collect the following information when you use Atapata:

  • ·Account information: your name and email address when you register.
  • ·Business card data: the fields you add to your digital card — name, job title, company, phone number, email, website, and social links.
  • ·Scanned contacts: when you scan a physical business card using our AI scanner, we extract and store the contact information shown on that card.
  • ·Location data: only when you scan a contact card, and only with your explicit permission, to record where you met someone. We do not track your location at any other time.
  • ·Camera access: used only for scanning business cards and capturing your profile photo. We do not access your camera in the background.
  • ·Microphone access: used only when you explicitly choose to record a voice memo for a contact.
  • ·Push notification tokens: to deliver notifications about card views and incoming contact saves.
  • ·Order information: your delivery name, phone, address, and card engraving details when you place an order for a physical NFC card.

2. How We Use Your Information

  • ·To provide the Atapata digital business card service.
  • ·To generate your shareable card page at atapata.app/c/[slug].
  • ·To power the AI business card scanner (OCR) when you scan a physical card.
  • ·To process and fulfil NFC card orders through our payment partner.
  • ·To send push notifications you have opted into.
  • ·To send transactional emails such as verification codes and order confirmations.
  • ·To improve the service using anonymised crash reports.
  • ·We do not sell your personal data to any third party.
  • ·We do not use your data for advertising or behavioural profiling.

3. Data Storage and Security

  • ·Your account data is stored on servers in Southeast Asia (Railway cloud infrastructure).
  • ·Uploaded files — photos and voice memos — are stored on Cloudflare R2 object storage with private access controls.
  • ·All data is transmitted over HTTPS/TLS. We do not transmit personal data over unencrypted connections.
  • ·Passwords are hashed using bcrypt. We never store passwords in plain text and never log them.
  • ·We retain your data for as long as your account remains active. When you delete your account, all associated data is permanently removed.

4. Third-Party Services

Atapata uses the following third-party services to deliver its features. Each service processes only the data necessary for its specific function:

  • ·Google Cloud Vision — processes business card images for OCR text extraction. Images are sent to Google's API and are not stored by Google beyond the API request.
  • ·Anthropic Claude — extracts structured contact fields from scanned card text. Text is sent to Anthropic's API and is not used to train their models under their API usage policy.
  • ·Expo (Expo Inc.) — delivers push notifications via the Expo push notification service.
  • ·Sentry — receives anonymised crash reports to help us identify and fix bugs. Personal data is not included in crash reports.
  • ·Safepay — processes payments for NFC card orders. Your payment card details are handled entirely by Safepay and are never seen or stored by Atapata. Safepay's own privacy policy applies to payment data.
  • ·Resend — delivers transactional emails such as verification codes and order confirmations.
  • ·Cloudflare R2 — stores uploaded images and voice memos with access restricted to your account.

5. Your Rights

  • ·Access: you can view all your data directly within the Atapata app at any time.
  • ·Correction: you can edit your card and contact information at any time from the app.
  • ·Deletion: you can permanently delete your account from Settings → Delete Account. This removes all your cards, contacts, uploaded files, and account data immediately and irreversibly.
  • ·Data export: contact us at noreply@atapata.app to request a copy of your personal data.

6. Children's Privacy

Atapata is a professional networking service not directed at children under 13 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, contact us at noreply@atapata.app and we will delete it promptly.

7. Changes to This Policy

We may update this privacy policy as the service evolves. We will notify you of significant changes via the email address on your account. The “Last updated” date at the top of this page reflects the most recent revision. Continued use of Atapata after changes are posted constitutes acceptance of the updated policy.

8. Contact

For privacy questions, data deletion requests, or any other privacy-related concerns:

← Back to atapata.appTerms of ServiceRefund PolicyOwnership