Data and privacy boundary

July 17, 2026

TapItDone is currently a controlled evaluation environment. Until production privacy, authentication, storage, access, retention, and deletion controls are approved, participants must use synthetic or sanitized information.

What the pilot may use

Project labels, receipt images, typed notes, voice evidence, extracted fields, and privacy-safe reliability events may be used during a guided test. Remove customer names, addresses, account numbers, card details, and other confidential information.

Photos, recordings, and extracted drafts

Original evidence stays associated with its review draft so a participant can correct errors. Raw photo, receipt, and voice contents must not be sent to analytics.

Storage, access, and deletion

The current sandbox can store data in the browser or an owner-controlled test server. It is not approved production cloud storage. Pilot participants should remove test records after the session and use the contact provided by the founder for a deletion request.

Human confirmation boundary

AI output remains a draft. It does not become a project cost, memory, or action until a person checks and confirms it.

Before wider access

A production notice must name the hosting region, retention periods, deletion process, subprocessors, safeguards, and privacy contact before real customer records are accepted at scale.