The Services are operated by Tiptap GmbH (“We”), located at Kurfürstenstr. 56, 10785 Berlin, Germany and is therefore governed by the laws and regulations of Germany.
We value your privacy and question everything that stores or processes your personal information. With that in mind, we still need a few external services to publish Tiptap.
We process personal data on the following legal bases of the GDPR:
Types of data processed
Categories of data subjects
Missing the cookie banner? Sorry, we use technically necessary cookies only. 🍪
XCSRF-TOKENcookie is a security measure to prevent attackers from sending data to our servers in your behalf.
laravel_sessioncookie stores who you are, after you logged in.
If you signed up and want to delete your account, you can do that on your profile page. Just scroll down to the bottom, click “delete account” and follow the instructions.
For security reasons we can’t delete your account manually. You wouldn’t want us to delete your account when someone asks to do so, right? Unfortunately it’s not easy to make 100 % sure who sent an email, so we can’t trust email inquiries to delete accounts.
Your data will be completely deleted from our database. If you created a subscription with our payment provider Paddle, they’ll need to keep your information for legal reasons though.
If you're a Tiptap sponsor on GitHub, we connect your GitHub account with your Tiptap Pro account. GitHub provides us your email address and profile information. Check their privacy statement to learn more about what data they process.
If you're a Tiptap Pro subscriber, you can access an insider channel on our Discord server. We connect your Discord account with your Tiptap Pro account. Discord provides us your profile information. Check their privacy statement to learn more about what data they process.
We use Plausible to gain insight about our visitors in general. It doesn’t track individual users per se and does not store any personal identifiable information. Go to their documentation to find out what Plausible collects.
If you know a good self-hosted version of any of the mentioned services, send us an email to email@example.com.
We take appropriate technical and organizational measures, taking into account legal requirements, the state of technology, and the purposes of the processing, to ensure a level of protection appropriate to the risk. Measures include, among others, controlling access to data and procedures for exercising your rights, deleting data, and responding to data threats. We take data protection into account as early as the development and selection of hardware, software, and processes.
As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:
Right to object: You can object at any time to the processing of your personal data for specific reasons, including direct marketing, as per GDPR Article 6(1)(e) or (f) and profiling related to it.
Right to withdraw consent: You have the right to withdraw your consent at any time.
Right of access: You have the right to confirm and obtain information and a copy of your personal data being processed as per the law.
Right of rectification: You have the right to request the completion or rectification of your data as per the law.
Right to erasure and restriction of processing: You have the right to request for the deletion or restriction of processing of your data in accordance with the law.
Right to data portability: You have the right to receive your data in a structured, commonly used, and machine-readable format or to request its transfer to another controller.
Complaints to supervisory authorities: You have the right to file a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.