Last updated: April 20, 2026
Privacy Policy
Effective date: April 20, 2026
This Privacy Policy explains how Hapiga (“Tapely,” “we,” “us,” or “our”) handles information when you use the Tapely mobile application and related services (“Service”).
Tapely allows you to turn photos and audio into AI-generated videos. We aim to collect minimal personal data while ensuring the Service works properly.
For questions, contact: qn.khuat@gmail.com
1. Who we are
Tapely is operated by Hapiga, based in Hanoi, Vietnam.
Website: tapely.app
For GDPR purposes, we act as the data controller.
2. Information we collect
a. Information you provide
- Photos and audio you upload
- Prompts, templates, and settings
- Support emails and messages
- Purchase info (via Apple and RevenueCat; no card details stored)
b. Automatically collected
- Anonymous account ID (via Firebase)
- Device info (model, OS, language, timezone)
- App usage (events like opens, generations, purchases)
- Approximate location (from IP)
- Advertising ID (IDFA, only if you allow tracking)
c. Generated data
- AI-generated videos stored in your account
3. How we use your information
- Provide core app features (generate videos, store history)
- Handle billing and subscriptions
- Respond to support requests
- Improve performance and fix bugs
- Measure marketing (if tracking is allowed)
- Comply with legal requirements
4. Legal basis (EU/UK users)
We process data based on:
- Contract (to provide the Service)
- Legitimate interests (analytics, security)
- Consent (tracking, optional features)
- Legal obligations
You can withdraw consent anytime.
5. AI processing
Your uploads (photos, audio, prompts) are sent to AI providers (Replicate, fal.ai) to generate videos.
- Used only for generating your requested output
- Not used to train our models
- Stored up to 365 days unless deleted
- Outputs remain until you delete them
6. Third-party services
We share only necessary data with:
- Google Firebase (storage, backend)
- Replicate / fal.ai (AI processing)
- Bunny.net (video delivery)
- RevenueCat (subscriptions)
- Apple (payments)
- Adjust (attribution)
- Meta/Facebook (ads measurement)
Each provider has its own privacy policy.
We do not sell your data.
7. Tracking & advertising (ATT)
If you allow tracking:
- We may use IDFA for attribution
If you decline:
- No IDFA is collected
- Analytics still run in limited mode
You can change this in iOS settings.
8. Data retention
- Account & videos: stored while account exists
- Uploaded media: up to 365 days
- Logs/analytics: up to ~14 months
- Billing data: kept as required by law
Account deletion → data removed within ~30 days (except legal obligations)
9. Security
We use standard security measures (encryption, access control).
However, no system is 100% secure.
10. International transfers
Data may be processed outside your country (e.g., US, EU).
We use legal safeguards for transfers.
11. Your rights
Depending on your location, you may:
- Access your data
- Correct or delete data
- Restrict or object to processing
- Request data copy
- Withdraw consent
California users have additional rights under CCPA.
To request: qn.khuat@gmail.com
12. Children
Not intended for users under 13.
If a child provides data, contact us to delete it.
13. Updates
We may update this policy. Continued use = acceptance of changes.
14. Contact
Email: qn.khuat@gmail.com