TYPA Logo

TYPA PRIVACY POLICY

Last Updated: November 15, 2025
Effective Date: July 11, 2025

TYPA (“us”, “we”, or “our”) operates the https://www.typa.app website and the mobile application (hereinafter referred to as the “Service” or “Services”).

By using TYPA's Services you agree to the terms of this Privacy Policy.

Your Privacy Matters to Us

TYPA, Inc. (“TYPA,” “we,” “us,” or “our”) takes the private nature of your information very seriously. We are committed to protecting and respecting your privacy. We strive to be transparent about how we collect and process your information, keep your information secure and provide you with meaningful choices. This policy regarding our privacy practices (the “Privacy Policy”) describes how we treat the information we collect or receive when you visit and use TYPA.APP (the “Site”) and/or TYPA's other domains, products, advertising products, services, and/or content, including our iOS and Android mobile applications (collectively with the Site, the “Services”).

This page informs you of our policies regarding the collection, use and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

DEFINITIONS

Service - Service means the https://www.typa.app website and the mobile application operated by TYPA

Personal Data - Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Usage Data - Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Cookies - Cookies are small files stored on your device (computer or mobile device).

Data Controller - Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.

For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.

Data Processors (or Service Providers) - Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.

We may use the services of various Service Providers in order to process your data more effectively.

Data Subject (or User) - Data Subject is any living individual who is using our Service and is the subject of Personal Data.

INFORMATION WE COLLECT

We collect several different types of information for various purposes to provide and improve our Service to you. TYPA collects only the minimum personal data necessary to provide the service.

Types of Data We Collect

Personal Data - While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

Information You Provide Directly

  • Account Data: When you create an account, we collect your email address, username, and password
  • Communication Data: Messages you send through our support channels
  • Tracked Items: Products, brands, or categories you ask us to monitor (e.g., “PlayStation 5,” “Labubu,” “Nike Air Force 1”)
  • Preferences: Your selected retailers, size filters, or notification settings
  • Location Preferences: Location data only when you manually select or input locations within the app

Information We Collect Automatically

  • Device Information: Device type, operating system, app version
  • Cookies and Usage Data: Features used, time spent in app, crash logs
  • Analytics: Aggregated usage patterns via Firebase Analytics
  • Network Information: IP address, connection type

Information from Third Parties

  • Social Login: If you sign in with Google or Apple, we receive basic profile information (email, name) as permitted by these services
  • Firebase Analytics: Usage statistics and app performance data from Google Firebase
  • App Stores: Basic information from Apple App Store or Google Play Store

We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”).

This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Cookies & Tracking Data

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Services.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

Examples of Cookies we use:

  • Essential Cookies: Required for basic app functionality and authentication
  • Analytics Cookies: Firebase Analytics to understand app usage
  • Authentication Cookies: Google/Apple sign-in session management

Your Cookie Choices

  • App Setting: Manage analytics preferences in app settings
  • Browser Settings: Use browner controls to limit cookies (web version)
  • Third-Party Controls: Manage Google/Apple privacy settings directly with those providers

Sensitive Personal Data

We do not intentionally collect, process, or request any sensitive categories of personal data as defined under GDPR, UK-GDPR, CCPA/CPRA, LGPD, PIPL, or other applicable privacy laws. Sensitive Personal Data includes, but is not limited to, government identifiers, financial account information, payment card details, health or medical data, biometric identifiers, precise geolocation, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, sexual orientation, or any data classified as “sensitive” under applicable laws.

If you choose to provide sensitive information to us for any reason, you do so voluntarily and at your own risk. If we become aware that we have inadvertently collected sensitive data, we will delete it promptly and take steps to prevent future collection unless such processing is strictly required by law.

HOW WE USE YOUR INFORMATION

TYPA uses the collected data for various purposes:

Primary Uses

  • Service Delivery: Provide and maintain our core app functionality
  • User Experience: Personalize your experience and improve our services
  • Communication: Send you important updates, notifications, and support responses
  • Security: Protect against fraud, abuse, and security threats
  • Legal Compliance: Meet our legal obligations and enforce our terms

Legal Basis for Processing (GDPR)

  • Consent: For marketing communications and optional features
  • Contract Performance: To provide services you've requested
  • Legitimate Interest: For service improvement, security, and analytics
  • Legal Obligation: To comply with applicable laws and regulations

Information Sharing and Disclosure

Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide the Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

We share information with these trusted third parties who help us provide our services:

  • Analytics Services: Google Firebase Analytics - Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
  • Authentication Services: Google Sign-In, Apple Sign-In, Supabase
  • Cloud Storage: Google Firebase (Google Cloud Platform), Supabase
  • Stripe for secure payment processing
  • RevenueCat for subscription management
  • Google Pay for secure payment processing
  • Apple Pay for secure payment processing
  • Stripe for secure payment processing

We may update our list of subprocessors from time to time. You may request the current list at any time.

Legal Requirements

We may disclose information when required by law, court order, or to protect our rights and safety.

Business Transfers

If our company is acquired or merged, your information may be transferred as part of that transaction.

Never Sold

We do not sell, as defined under CCPA, your Personal Information to third parties for commercial purposes.

LEGAL BASIS FOR PROCESSING PERSONAL DATA UNDER THE GENERAL DATA PROTECTION REGULATION (GDPR)

If you are from the European Economic Area (EEA), TYPA's legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

TYPA may process your Personal Data because:

  • We need to perform a contract with you
  • You have given us permission to do so
  • The processing is in our legitimate interests and it is not overridden by your rights
  • For payment processing purposes
  • To comply with the law

DATA RETENTION AND STORAGE

TYPA will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

TYPA will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.

Retention Periods

  • Account Information: Retained while your account is active plus 2 years
  • Usage Data: Retained for 24 months for analytics and service improvement (Firebase default)
  • Communication Data: Retained for 3 years for support purposes
  • Authentication Data: Retained per Google/Apple requirements for social login

DATA DELETION

You can request deletion of your personal information at any time. We'll delete your data within 30 days unless we have a legal obligation to retain it.

TRANSFER OF DATA

Your information, including Personal Data, may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside of the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, in the United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

TYPA will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

DISCLOSURE OF DATA

Disclosure for Law Enforcement

Under certain circumstances, TYPA may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal Requirements

TYPA may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of TYPA
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

Your Legal Rights and Choices

In certain circumstances, you have the following data protection rights:

Universal Rights

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Objection: Object to certain uses of your information
  • Portability: Receive your data in a machine-readable format

Regional Rights

For US Residents:

If you reside in a U.S. state with a privacy law, you have these rights:

  • Right to Know: Categories of information collected and shared
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of sale/sharing of personal information
  • Right to Correct: Correct inaccurate personal information
  • Right to Limit: Limit use of sensitive personal information
  • Right to Non-Discrimination: Equal service regardless of privacy choices

For EU/Germany Residents (GDPR/BDSG):

  • Right to Access: Access personal information and processing details
  • Right to Correction: Correct inaccurate information
  • Right to Restriction: Limit how your personal information is used
  • Right to Delete: Request deletion of personal information
  • Right to Object to Direct Marketing: Right not to receive unwanted direct marketing communications
  • Right to Withdraw: Withdraw consent for collection and processing
  • Right to Complain: File complaints with your local data protection authority (DPA)

For Australian Residents (APP 1988/APPs)

  • Right to Access: Access personal information and processing details
  • Right to Correction: Correct inaccurate information
  • Right to Object to Direct Marketing: Right not to receive unwanted direct marketing communications
  • Right to Know Collection Purpose: Know why personal information is being collected and how it will be used or disclosed
  • Right to Restriction: Limit how your personal information is used
  • Right to Data Breach Notification: Right to be notified if personal information is involved in a data breach likely to cause serious harm
  • Right to Complain: File complaints with the Office of the Australian Information Commissioner

For Chinese Residents (PIPL):

  • Right to Access: Access personal information and processing details
  • Right to Correction: Correct inaccurate information
  • Right to Delete: Request deletion of data in various circumstances, such as when consent is revoked or data is no longer needed
  • Right to Know Collection Purpose: Know why personal information is being collected and how it will be used or disclosed
  • Right to Limit: Limit use of sensitive personal information
  • Right to Withdraw: Withdraw consent for collection and processing
  • Right to Security: Right to be notified if personal information is involved in a data breach; strong data security measures
  • Right to Non-Discrimination: Equal service regardless of privacy choices
  • Right to Complain: File complaints with the Cyberspace Administration of China

For Canadian Residents (PIPEDA):

  • Right to Access: Access personal information and processing details
  • Right to Correction: Correct inaccurate information
  • Right to Withdraw: Withdraw consent for optional processing
  • Right to Know Collection Purpose: Know why personal information is being collected and how it will be used or disclosed
  • Right to Complain: File complaints with the Office of the Privacy Commissioner of Canada
  • Right to Minimal or No Cost: Access personal information at free or minimal cost, with advance notice if fee applies
  • Right to Know Third Parties: Know what third parties have received their personal information

How to Exercise Your Rights

  • Email: support@typa.app
  • Data Protection Officer: Contact our DPO at privacy@typa.app
  • In-App: Use privacy settings in your account
  • Response Time: We'll respond within 30 days (extended to 60 days for complex requests)

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.

DATA SECURITY AND PROTECTION

The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

OUR POLICY ON “DO NOT TRACK” SIGNALS UNDER THE CALIFORNIA ONLINE PROTECTION ACT (CALOPPA)

We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

YOUR DATA PROTECTION RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. TYPA aims to take reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Data.

If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

TECHNICAL SAFEGUARDs

  • Encryption: Data encrypted in transit and at rest using industry-standard encryption
  • Access Controls: Strict employee access controls and regular security training
  • Monitoring: 24/7 security monitoring and incident response procedures
  • Regular Audits: Annual security assessments and penetration testing

DATA BREACH RESPONSE

If a security incident occurs, we'll notify affected users and regulators as required by law, typically within 72 hours of discovery.

INTERNATIONAL DATA TRANSFERS

Transfer Mechanisms

  • Adequacy Decisions: Transfers to countries with adequate protection (EU, UK, Canada)
  • Standard Contractual Clauses: EU-approved contracts for other countries
  • Data Transfer Assessments: Regular review of destination country protections
  • Your Rights: You can request information about specific transfers

Primary Data Locations

Based on our global user base, we process data in:

  • North America: Primary processing for US and Canadian users
  • Asia-Pacific: Regional processing for Asian users via Google Cloud
  • Europe: EU data processed within EU boundaries
  • Global Infrastructure: Google Cloud Platform with appropriate data residency controls

EU Representative

If you are located in the European Union, you may contact our designated European Union Representative for matters related to the processing of your Personal Data under the EU General Data Protection Regulation (GDPR). Our EU Representative acts as our point of contact for supervisory authorities and data subjects located in the EU.

You may contact our EU Representative at:

TYPA EU Representative

Attn: Data Protection Inquiry

Email: privacy@typa.app

Address: To be provided upon selection of final representative service

Please include “EU Privacy Request” in the subject line of any inquiry.

Our EU Representative will forward your inquiry to TYPA INC. and assist in ensuring your request is handled in accordance with GDPR requirements.

UK Representative

If you are located in the United Kingdom, you may contact our designated UK Representative for matters related to the processing of your Personal Data under the UK General Data Protection Regulation (UK-GDPR). Our UK Representative serves as our point of contact with the Information Commissioner's Office (ICO) and with UK-based data subjects.

You may contact our UK Representative at:

TYPA UK Representative

Attn: Data Protection Inquiry

Email: privacy@typa.app

Address: To be provided upon selection of final representative service

Please include “UK Privacy Request” in the subject line of your message.

Our UK Representative will coordinate with TYPA INC. to ensure your request is addressed in accordance with UK data protection laws.

CHILDREN'S PRIVACY

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Age Requirements

The Service is intended for users who meet the minimum age requirements established by applicable law. In most regions, individuals must be at least thirteen years old to use the Service, while users located in the European Union must be at least sixteen years old unless a lower age is permitted by local law and verified parental consent is obtained. Where a user is below the applicable age threshold, the consent of a parent or legal guardian is required before accessing or using the Service. We implement enhanced protections for younger users, including restrictions on data collection and additional safeguards for privacy and security. We may employ reasonable age verification measures to ensure compliance with these requirements, and we reserve the right to restrict or terminate access if a user does not meet the minimum age criteria.

Special Protections for Younger Users

For users who are minors under the laws of their jurisdiction, we apply additional privacy safeguards designed to limit data collection and prevent misuse. We collect only the minimum amount of information necessary to operate the Service and do not engage in behavioral or interest-based advertising directed at children. Where applicable, we provide tools or mechanisms to help parents or legal guardians oversee, review, or manage their child's privacy settings and data-related choices. Our practices regarding younger users are designed to comply with global child privacy regulations, including COPPA, GDPR's child-specific provisions, and similar laws in other jurisdictions.

Cookies and Tracking Technologies

The Service uses cookies, device identifiers, and similar tracking technologies to support essential functionality, facilitate authentication, and help us understand how users interact with the App. Essential cookies and identifiers enable core features such as account login, security functions, and access to protected areas of the Service. Analytics technologies, including Firebase Analytics, allow us to measure performance, diagnose issues, and improve the overall user experience. Authentication cookies or tokens used through Google or Apple sign-in help maintain secure sessions and verify user identity.

You may manage certain analytics preferences from within the App's settings and, where applicable, through your device's operating system controls. If you access TYPA through a web browser, you may use browser settings to restrict or disable cookies, though doing so may impact the functionality of the Service. You may also manage certain privacy settings directly with Google, Apple, or other third-party providers in connection with their authentication or analytics tools. Your continued use of the Service indicates your consent to the use of cookies and tracking technologies as described in this Policy.

PARTNERS AND AFFILIATES

TYPA participates in the Amazon Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.

DISCLOSURE STATEMENT:

“As an Amazon Associate, we earn from qualifying purchases.”

You may encounter affiliate links (“Buy on Amazon” buttons) on various pages. If you click these links and make a purchase within 24 hours, we may earn a small commission — at no additional cost to you.

These affiliate links are clearly marked in the content, and the disclosure is displayed on any page containing such links for transparency.

We respect your privacy. Clicking affiliate links does not give us access to any personal information from Amazon.

TYPA is also a participant in other affiliate programs and may earn commission from qualifying sales.

CHANGES TO THIS PRIVACY POLICY AND COMMUNICATION

We may update our Privacy Policy from time to time and you are advised to review this Privacy Policy periodically for any changes. We will update the “effective date” at the top of this Privacy Policy page when we update it.

UPDATES

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the functionality of the Service. When we make material changes, we will notify you by email, through an in-app message, or by other appropriate means. Unless otherwise required by law, updated versions of this Policy will become effective the same day that we provide notice. You are encouraged to review the revised Policy during this period and may contact us if you have questions or wish to object to any changes as permitted by applicable law. Your continued use of the Service after the effective date of any update constitutes your acceptance of the revised Policy.

COMMUNICATION PREFERENCES

You may manage your communication preferences at any time. Marketing or promotional emails can be discontinued by using the unsubscribe link included in those messages, and you may adjust or disable push notifications directly through your device or in-app settings. Certain communications related to your account, security alerts, service updates, or other operational matters are considered essential to the functioning of the Service and cannot be opted out of. Where available, you may also customize the frequency and types of non-essential communications you receive. Your continued use of the Service constitutes your acknowledgment of these communication practices.

CONTACT INFORMATION

For questions, requests, or concerns about this Privacy Policy contact us at: privacy@typa.app