Legal
Security
How we protect customer data, secure the platform, and respond to incidents.
Last updated:
Platform ownership
OneTap Digital Card is owned and powered by Van Tech Systems LLC. For legal inquiries, contact legal@onetap.app.
Our approach
OneTap Digital Card is built and operated by Van Tech Systems LLC with security designed in from day one. We follow the principle of least privilege across our infrastructure, application, and internal systems.
Data protection
- All data in transit is encrypted with TLS 1.2 or higher.
- Data at rest is encrypted using industry-standard algorithms.
- Customer data is logically isolated by row-level security.
- Backups are encrypted and retained according to our retention policy.
Access controls
Access to production systems is limited to authorized Van Tech Systems LLC personnel, gated by single sign-on with multi-factor authentication. Administrative actions are logged and reviewed.
Application security
We follow secure development practices, including code review, static analysis, and dependency scanning. Authentication, payments, and webhook processing are reviewed regularly.
Incident response
Van Tech Systems LLC maintains an incident response process to detect, contain, and notify affected users in the event of a confirmed security incident, in line with applicable law.
Reporting a vulnerability
Found something that looks like a security issue? Email security@onetap.app or follow our Responsible Disclosure policy.
Other legal documents
- Privacy Policy
- Terms & Conditions
- Terms of Use
- Cookie Policy
- Security (you are here)
- Responsible Disclosure