← Back to TapServe

Privacy Policy

Last updated: March 2026 · Effective immediately

1. Who We Are

TapServe is operated by RiCore Technologies, a technology company based in Ghana. We build digital tools for restaurants. This policy explains what data we collect, how we use it, and your rights over it.

For questions, contact: info@tapserve.app

2. Data We Collect

From Restaurant Owners:

  • Name, email address, phone number
  • Restaurant name, address, and business details
  • Menu content, prices, and images you upload
  • Payment and bank account details (processed securely via Paystack)
  • TIN (Tax Identification Number) if provided
  • Order history and transaction records

From Customers:

  • Name and phone number (when provided at checkout)
  • Order details and payment status
  • MoMo number (for mobile money payments, processed by Paystack)

Automatically:

  • IP addresses (used for security rate limiting only, not stored permanently)
  • Browser type and device information (for error monitoring via Sentry)
  • Usage patterns within the dashboard

3. How We Use Your Data

  • To provide and improve the TapServe platform
  • To process orders and payments
  • To send transactional emails (order confirmations, account verification, subscription notices)
  • To generate reports and receipts for your restaurant
  • To detect fraud and enforce our security policies
  • To comply with Ghanaian law and GRA requirements

We do not sell your personal data to third parties. We do not use your data for advertising.

4. Data Sharing

We share data only with trusted service providers necessary to operate TapServe:

  • Supabase — Database and authentication hosting (EU-based servers)
  • Paystack — Payment processing (PCI-DSS compliant)
  • Vercel — Platform hosting (US-based)
  • Sentry — Error monitoring (anonymised data only)

Each provider has their own privacy policy and data processing agreements with us.

5. Data Retention

  • Order data is retained for a minimum of 7 years to comply with GRA requirements.
  • Account data is retained for 30 days after account closure, then permanently deleted.
  • Error logs are retained for 90 days.
  • You may request earlier deletion of your account data by contacting support.

6. Security

We take security seriously:

  • All data is transmitted over HTTPS (TLS encryption)
  • Staff PINs are verified server-side and never exposed to the browser
  • Row-level security policies restrict data access at the database level
  • PIN entry is rate-limited to prevent brute-force attacks
  • Payments are processed entirely by Paystack — we never store card numbers

If you discover a security vulnerability, please report it to security@tapserve.app.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data via your dashboard settings
  • Delete your account and associated data (subject to legal retention requirements)
  • Export your order data from the accountant reports section

To exercise these rights, email info@tapserve.app.

8. Cookies

TapServe uses only essential cookies required for authentication (session cookies). We do not use tracking cookies or advertising cookies. No consent banner is required for essential cookies under Ghanaian law.

9. Children

TapServe is not directed at children under 18. We do not knowingly collect data from minors. If you believe a child has provided us with personal data, contact us immediately.

10. Changes to This Policy

We may update this policy from time to time. We will notify restaurant account holders by email before material changes take effect. Continued use of TapServe after that date constitutes acceptance of the updated policy.

11. Contact

RiCore Technologies
Email: info@tapserve.app
Ghana

Terms of ServiceBack to TapServe