Legal

Privacy Policy

Last updated: 10 July 2026

This Privacy Policy explains how Shazark S.r.l. ("tapphost", "we", "us") collects, uses and protects your personal data when you visit tapphost.com or use our hosting, AI automation and marketing services, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Italian law.

1. Data Controller

Shazark S.r.l. — VAT/P.IVA IT12620720966 — REA 2673165
Registered office: Corso Buenos Aires 77, 20124 Milano (MI), Italy
Website: tapphost.com · Email: [email protected] · PEC: [email protected]

2. What data we collect

3. Purposes and legal bases

PurposeLegal basis (GDPR Art. 6)
Provide hosting, AI and marketing services; manage account and billingPerformance of a contract (Art. 6(1)(b))
Security, fraud prevention, service improvement, aggregate statisticsLegitimate interest (Art. 6(1)(f))
Statistics & marketing cookies, promotional emailsConsent (Art. 6(1)(a))
Accounting, tax and legal obligations (incl. e-invoicing)Legal obligation (Art. 6(1)(c))

4. AI-powered features

When you enable AI agents or automations, relevant content may be processed by AI/LLM providers acting as our processors to generate responses and perform actions. We do not use your customers' conversation data to train third-party foundation models without a legal basis, and we contractually bind providers to appropriate safeguards.

5. Recipients and processors

We share data only with providers who process it on our behalf under a data-processing agreement, including our infrastructure/hosting provider, payment processors, email/SMTP providers, analytics providers (with consent), and AI/LLM providers for the features you activate. We never sell your personal data.

6. International transfers

Where a provider processes data outside the EU/EEA, we rely on adequacy decisions or Standard Contractual Clauses and additional safeguards as required by the GDPR.

7. Data retention

We keep personal data only as long as necessary for the purposes above: for the duration of your contract and, thereafter, for the periods required by accounting and tax law (generally 10 years for invoicing data) or to defend legal claims. Service and log data are retained for shorter, security-appropriate periods.

8. Your rights

Under the GDPR you have the right to access, rectify, erase, restrict and port your data, to object to processing, and to withdraw consent at any time. To exercise your rights, contact [email protected]. You may also lodge a complaint with the Italian Data Protection Authority (Garante, garanteprivacy.it).

9. Security

We apply appropriate technical and organisational measures — encryption in transit (HTTPS/SSL), access controls, backups and monitoring — to protect personal data against unauthorised access, loss or alteration.

10. Cookies

We use cookies as described in our Cookie Policy. You can manage your choices anytime via the "Cookie preferences" link in the site footer.

11. Changes

We may update this Policy; the "Last updated" date reflects the latest version. Material changes will be communicated through the site.

© 2026 Shazark S.r.l. · P.IVA IT12620720966 · REA 2673165 —Privacy · Cookies · Terms