TapeTrailLog In

Privacy Policy

Version 1.0

Privacy Policy

Last updated: 2026-04-18 — Version 1.0

TapeTrail complies with India's Digital Personal Data Protection Act (DPDP Act). This policy explains what we collect, why, and your rights.

Data We Collect

  • Account information: email, phone, name, hashed password
  • Usage data: pages viewed, filings read, watchlists created
  • Technical data: device fingerprint (meter cookie), hashed IP, user agent
  • Billing data: invoice history (payment details are processed by CashFree and never stored by us)

Purpose

  • Account management and session authentication
  • Alert and notification delivery
  • Content personalization (recently viewed, search history)
  • Analytics and abuse prevention

Data Sharing

We do not sell or share personal data with third parties. PostHog (our analytics provider) is a processor, not a third party.

Cookies

  • access_token — httpOnly session auth
  • refresh_token — httpOnly session persistence
  • sa_meter_id — content metering for anonymous visitors (1-year expiry)
  • PostHog analytics cookies — disabled if you select "Essential Only" on the cookie banner

Retention

Active accounts — indefinite. Deleted accounts — 30-day soft-delete followed by hard-delete.

Your Rights

  • Export all personal data via Account → Export Data
  • Delete account via Account → Delete Account
  • Unsubscribe from marketing via any email footer link

Data Breach

We will notify you within 72 hours of confirming a data breach, per DPDP Act.

Contact

Data Protection Officer: dpo@tapetrail.com