1. What NobleTap Is
NobleTap ("we," "our," or "us") provides a tap-to-give kiosk platform for schools, faith groups, nonprofits, and community organizations. Our platform includes physical kiosk hardware, a web-based client dashboard, and a companion mobile application ("NobleTap Mobile") that allows authorized organization staff to view donation activity, hardware status, and fund performance.
This Privacy Policy applies to your use of NobleTap's client-facing services, including the web client portal at app.getnobletap.com, the NobleTap Mobile iOS application, and this marketing website at getnobletap.com.
NobleTap does not act as a payment processor. Donations collected through NobleTap kiosks are processed by Stripe and flow directly into your organization's connected payment account.
2. Information We Collect
Account Login Information
When you sign in to the NobleTap client dashboard or mobile application, we collect your email address and verify your password through our authentication system. Authentication session tokens are stored securely — on mobile, tokens are stored in the device's iOS Keychain using Expo SecureStore. We do not store passwords in plaintext.
Organization and Membership Data
After login, we retrieve your organization membership and role to display the appropriate client dashboard. This includes your organization's name, your assigned role (e.g., client, admin), and which data you are authorized to view.
Donation Reporting Data
The client dashboard and mobile app display donation amounts, fund labels, dates, device or source labels, and preset information associated with your organization's transactions. This data is retrieved from NobleTap's servers over an encrypted connection. On mobile, it is not stored permanently on your device beyond your active session.
Device and Reader Status Data
We display the connection status of hardware devices and readers registered to your organization. This includes device names, online/offline/stale status indicators, and assigned fund information. Raw hardware serial numbers and internal identifiers are not surfaced in the client-facing interface.
Website Usage Information
When you visit getnobletap.com, standard web server logs may be collected by our hosting provider (Cloudflare Pages), including IP address, browser type, pages visited, and referral source. We use this information solely for security and operational purposes and do not use it to build individual profiles.
Contact and Inquiry Information
If you contact us via email or submit an inquiry form, we collect the information you provide (such as your name, email address, and message) in order to respond to you. This information is not shared with third parties for marketing.
Diagnostic Information
We may collect limited technical diagnostic information — such as app crash reports — through standard error reporting tools to improve application stability. This diagnostic data does not include donation amounts, donor information, or authentication credentials.
3. Information We Do Not Collect
NobleTap's client-facing services do not collect or transmit:
- Donor names, email addresses, phone numbers, or personal identifying information
- Donor payment card data or bank account information
- Receipt delivery email addresses or phone numbers
- Stripe payment intent IDs, charge IDs, or other internal payment identifiers
- Raw hardware device serial numbers or setup codes
- Device GPS location data or background location information
4. How We Use Information
We use the information we collect to:
- Authenticate users and provide access to the appropriate organization dashboard
- Display donation reporting data — amounts, fund breakdowns, device status, and activity summaries — for your organization
- Maintain session security — issuing and refreshing access tokens that expire and are tied to your account
- Respond to support inquiries you initiate
- Improve our services — using aggregated, non-identifying usage and diagnostic data to fix bugs and improve reliability
- Meet legal obligations — retaining records as required by applicable law
We do not use your information to serve advertising, build behavioral profiles, or sell data to third parties.
5. Payment Processing
NobleTap kiosk hardware collects contactless payments from donors at the point of giving. All payment processing is handled by Stripe, a third-party payment processor. NobleTap does not store, process, or transmit cardholder data — this is handled entirely by Stripe in accordance with PCI DSS standards.
Donation amounts shown in the NobleTap dashboard and mobile app are retrieved from NobleTap's reporting backend after transactions have been completed and settled by Stripe. The mobile app and web dashboard do not initiate, modify, or refund payments.
Stripe's data practices are governed by Stripe's own Privacy Policy, available at stripe.com/privacy.
7. Security
We use industry-standard security practices to protect your information, including:
- All communication between client applications and NobleTap servers uses HTTPS / TLS encryption in transit
- Authentication tokens on mobile are stored in the device's secure encrypted storage (iOS Keychain) and are never written to application logs
- Access to dashboard data is restricted to authenticated users with verified organization membership and appropriate role assignment
- Our infrastructure uses access controls, monitoring, and regular review processes to limit unauthorized access
While we take reasonable and appropriate steps to protect the information in our systems, no method of electronic transmission or storage is completely secure. You are responsible for maintaining the confidentiality of your account credentials and notifying us promptly if you suspect unauthorized access.
8. Data Retention
Session tokens stored on your mobile device are retained until you sign out or uninstall the application. Donation and operational data displayed in the app is not retained locally beyond your active session.
Account and organization data held on NobleTap's servers is retained for as long as your organization maintains an active NobleTap service agreement, and for a reasonable period thereafter as required for legal, accounting, or dispute resolution purposes.
If you wish to request deletion of your personal data, please contact us at the address below.
9. Your Choices
- Sign out: You can end your session at any time via the Settings tab in NobleTap Mobile or by logging out of the web client portal. This removes locally stored session tokens.
- Account closure: To close your NobleTap account or request removal of your data, contact your account representative or email support@getnobletap.com.
- Contact opt-out: If you no longer wish to receive operational emails from NobleTap, contact us directly. Note that transactional emails related to your active service agreement may still be required.
10. Children's Privacy
NobleTap's client dashboard and mobile application are intended for use by authorized organization staff and are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us so we can promptly delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Last updated" date at the top of this page. For significant changes, we may provide additional notice — such as an email notification to the address associated with your account.
Continued use of NobleTap's services after any changes take effect constitutes your acceptance of the updated policy. We encourage you to review this page periodically.
12. Contact
If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please contact us: