Terms of Service

Terms of Service — Tap Scanner

Terms of Service — Tap Scanner

Last updated: September 14, 2025

1. Contract & Parties

These Terms govern your use of tap‑scanner.com, related subdomains, and the TapScanner mobile apps (the “Services”). “You” means the individual or entity using the Services. If you buy a web subscription, your checkout contract is with Paddle (Merchant of Record); these Terms govern your use of our Services, while Paddle’s Buyer Terms govern your purchase, taxes, renewals, and certain consumer rights.

If you are accepting on behalf of a company, you represent you have authority to bind it.

2. Eligibility

You must be 13+ to use the Services. Where local law requires a higher age for consent to data processing, you must meet that age or have parental consent.

3. Your Account

Keep your credentials confidential and accurate. You’re responsible for activity under your account.

4. Your Content & Files

You retain all rights to the files you upload/scan. You grant Tap a limited, worldwide, non‑exclusive license to process your content solely to operate the requested tools (e.g., compress, merge, OCR, AI features you choose), provide storage/sharing you enable, and improve safety/security.

We may process content to: (i) provide support you request; (ii) detect, prevent, or address abuse/security issues; and (iii) enforce these Terms.

5. Acceptable Use

You agree not to:

  • violate law or rights (IP, privacy, publicity);
  • upload malware or harmful code;
  • attempt to reverse engineer, scrape, or circumvent restrictions;
  • upload highly sensitive regulated data unless a feature explicitly supports it and you’re authorized;
  • use AI outputs to deceive or for unlawful activities (see AI Supplement).

We may suspend or terminate accounts for breaches, abuse, or risk to others.

6. Subscriptions, Trials, Billing (Web)

Merchant of Record. Paddle sells and bills web subscriptions and manages taxes, renewals, and certain refunds under Paddle’s Buyer Terms; Paddle may ask you to contact them for cancellation/refunds per their process.

Auto‑renewal. Plans renew until you cancel. Cancel any time effective at period end.

Price changes. We or Paddle may update prices; you’ll be notified as required.

Taxes. Determined and collected at checkout by Paddle.

Free trials. If applicable, trials convert to paid unless canceled before the trial ends (per Paddle’s process).

Mobile in‑app purchases follow the App Store/Google Play terms and their refund processes.

7. File Retention & Deletion

Operational retention windows are described in the Privacy Policy. Deleting a file from your account removes it from active storage; logs/backups may persist briefly as described.

8. Third‑Party Services

We use reputable providers (e.g., cloud/CDN, analytics, AI infrastructure, support tools, and Paddle for billing). Your use of third‑party features (e.g., cloud drives) may be subject to their terms.

9. Service Changes

We may modify, discontinue, or limit features. If we discontinue a paid Service in full, we will provide pro‑rata refunds for unused, prepaid periods.

10. Disclaimers

The Services are provided “AS IS” and “AS AVAILABLE” without warranties. To the maximum extent permitted by law, we disclaim implied warranties (merchantability, fitness, non‑infringement) and do not warrant uninterrupted, error‑free, or secure operation.

11. Limitation of Liability

To the fullest extent permitted by law, Tap’s total liability for any claim is limited to the greater of USD $100 or amounts paid by you to Tap for the Service during the 12 months before the event giving rise to liability. We’re not liable for indirect, incidental, special, consequential, or punitive damages.

12. Indemnity

You will indemnify and hold Tap harmless from third‑party claims arising from your content or misuse of the Services.

13. Intellectual Property

We (and our licensors) own the Services, software, and marks. No rights are granted except as stated.

14. AI Features

AI features are governed by the AI Features Supplement below (e.g., accuracy disclaimers, use restrictions, no training on your content without opt‑in). (Vendors like Smallpdf publish similar AI terms.)

15. Governing Law; Disputes

jurisdiction—Israel laws govern, excluding conflicts rules. Consumers will retain any non‑waivable rights under local law.

16. DMCA/Notice

Report alleged infringement to [email protected] with details and a good‑faith statement.

17. Changes to Terms

We may update these Terms; continued use after notice means acceptance.

3) AI Features — Supplementary Terms

Scope. Applies when you use any AI‑powered feature (e.g., “Ask your PDF,” summaries, translations, layout clean‑up).

No training on your content (by default). We do not use your Inputs (documents, prompts) or Outputs to train our or third‑party foundation models unless you opt‑in. Some vendors publicly state similar positions for AI features.

Providers. We may route AI requests through vetted providers under strict DP and security terms; providers act as processors or sub‑processors.

Use & Ownership. You remain responsible for Inputs and may use Outputs as permitted by law and these Terms. Outputs may not be unique and may be similar to outputs to others.

Accuracy & Safety. AI can be wrong or outdated. You must review outputs before relying on them, especially for legal, medical, financial, or compliance use. No warranties for AI accuracy; service level commitments do not apply to AI features.

Restrictions. Don’t use AI features to: build competing models; mislead others that AI output is purely human; generate spam, exploit minors, or violate law or third‑party terms (we honor applicable AI provider policies).

Retention. Operational logs/metrics for AI features may be retained for ≤ 90 days for abuse prevention/debugging, then purged unless legally required.

4) Data Processing Addendum (DPA) — for Team/Business Plans

This DPA forms part of the agreement between Customer (“Controller”) and Smart media internet marketing ltd. (“Processor”) when we process personal data on your behalf (e.g., your employees’/end‑users’ data in uploaded documents).

1. Subject Matter, Duration, Nature, Purpose

Processing of personal data as necessary to provide PDF tools (edit/compress/convert/OCR/AI features you enable), storage, and collaboration, for the term of your subscription.

2. Categories of Data & Data Subjects

Data: content of uploaded files, file metadata, user identifiers, signatures (if e‑sign), timestamps, limited usage telemetry.

Subjects: your users, customers, employees, suppliers, or other individuals whose data appears in files.

(Comparable public DPAs for PDF tools list similar scopes.)

3. Processor Obligations

  • Process only on documented instructions (this DPA + in‑product settings).
  • Ensure confidentiality and train staff.
  • Implement appropriate technical and organizational measures (TOMs) (Annex 1).
  • Assist with data subject requests, DPIAs, and breach notifications (reasonable cost‑recovery for extraordinary efforts).
  • Keep records of processing, make information available, and allow audits under reasonable conditions.

4. Sub‑processors

We may engage sub‑processors (e.g., cloud/CDN, AI infrastructure, support, Paddle acts separately as Merchant of Record for billing). We will maintain an up‑to‑date list and notify you of material changes with an opportunity to object; if you reasonably object, we may propose alternatives or allow termination of the affected service part. (Public DPAs commonly use this approach.)

5. International Transfers

For EEA/UK data, we implement EU SCCs (Module 2/3 as applicable) and, for UK data, the UK IDTA/UK Addendum. Annex 2 includes transfer details.

6. Security Incidents

We will notify you without undue delay after becoming aware of a personal‑data breach affecting your data and provide details and mitigation steps.

7. Return/Deletion

Upon termination or on request, we will delete or return personal data, unless retention is required by law or justified for legal claims, in which case we will securely restrict access.

8. Order of Precedence

If there is any conflict, this DPA prevails over the main agreement to the extent of the conflict (standard across vendor DPAs).

Annex 1 – Technical & Organizational Measures (TOMs)

Encryption in transit (TLS) and at rest; role‑based access; MFA for privileged access; isolated environments; logging/monitoring; vulnerability and patch management; secure SDLC; employee security training; incident response; data minimization and retention controls; deletion automation; supplier due diligence and DPAs.

Annex 2 – International Transfers

Exporter: Controller. Importer: Processor and authorized sub‑processors. Mechanisms: EU SCCs (Commission Decision 2021/914), UK IDTA/UK Addendum.