GDPR and DPA
For EU personal data, processing is based on applicable legal grounds including contractual necessity, legitimate interests, legal obligations, and consent where required. Customers subject to GDPR may request TaggNet's DPA.
For workforce and business management services, customers are generally Data Controllers of employee and business information they submit. TaggNet Technologies acts as a Data Processor when processing that information to provide the services.
For EU personal data, processing is based on applicable legal grounds including contractual necessity, legitimate interests, legal obligations, and consent where required. Customers subject to GDPR may request TaggNet's DPA.
TaggNet uses TLS, role-based access controls, authentication and authorization controls, audit logging, monitoring, backups, and vulnerability management. Confirmed personal data breaches will be notified as required by law.
Sub-processors may include Supabase, Vercel, Resend, payment providers, and cloud infrastructure providers. Privacy requests may be directed to privacy@taggnet.app.