Privacy Policy

Introduction

By using the tiptap.dev website and making use of a Tiptap Account (the “Account”) and all its related features, you understand that your data in relation with your use of our Services is processed according to the following privacy policy. This policy states what data we collect through your access and use of our Services, and the use we make of such data. This privacy policy is to be read and understood as being a complement to our terms of service.

The Services are operated by Tiptap GmbH (“We”), located at Kurfürstenstraße 56, 10785 Berlin, Germany and is therefore governed by the laws and regulations of Germany.

We value your privacy and question everything that stores or processes your personal information. With that in mind, we still need a few external services to publish Tiptap.

Contact us

If you have questions about this privacy policy or our use of your data, please contact us by email to humans@tiptap.dev.

Legal framework

We process personal data on the following legal bases of the GDPR:

Data collection and usage

Types of data processed

Categories of data subjects

Processing purposes

Cookie declaration

Delete your account

If you signed up and want to delete your account, you can do that on your profile page. Just scroll down to the bottom, click “delete account” and follow the instructions.

For security reasons we can’t delete your account manually. You wouldn’t want us to delete your account when someone asks to do so, right? Unfortunately it’s not easy to make 100 % sure who sent an email, so we can’t trust email inquiries to delete accounts.

Your data will be completely deleted from our database. If you created a subscription with our payment provider Paddle, they’ll need to keep your information for legal reasons though.

List of external services (data subprocessors)

Sponsorship (GitHub)

If you're a Tiptap sponsor on GitHub, we connect your GitHub account with your Tiptap Pro account. GitHub provides us your email address and profile information. Check their privacy statement to learn more about what data they process.

Community (Discord)

If you're a Tiptap Pro subscriber, you can access an insider channel on our Discord server. We connect your Discord account with your Tiptap Pro account. Discord provides us your profile information. Check their privacy statement to learn more about what data they process.

Node.js Registry (DigitalOcean)

We use DigitalOcean to host our private Node.js registry for Tiptap Pro extensions in their data center in Frankfurt (Germany, EU). If you want to know more, read DigitalOcean’s privacy policy.

Hosting (Hetzner)

We use Hetzner to host our Tiptap cloud. We’re using their data center in Nuremberg (Germany, EU). If you want to know more, read Hetzner’s privacy policy.

DNS and Emails (Servivum)

We use Servivum to host our website, our domains and email accounts. If you want to know more, read Servivums’s privacy policy.

Tracking (Plausible)

We use Plausible to gain insight about our visitors in general. It doesn’t track individual users per se and does not store any personal identifiable information. Go to their documentation to find out what Plausible collects.

Subscriptions (Paddle)

We use Paddle to sell subscriptions. They are the merchant of record, so it’s them who you officially buy from. They provide us with an API to handle your subscription. Also, they store your personal and payment data to process the subscription payment. If you want to know more, read Paddle’s privacy policy.

Contact and helpdesk (Front)

We use Front as a helpdesk and ticketing system to handle all the e-mail requests to humans@tiptap.dev. Find Front’s Legal Information here.

Suggesting alternatives

If you know a good self-hosted version of any of the mentioned services, send us an email to humans@tiptap.dev.

Security measurements

We take appropriate technical and organizational measures, taking into account legal requirements, the state of technology, and the purposes of the processing, to ensure a level of protection appropriate to the risk. Measures include, among others, controlling access to data and procedures for exercising your rights, deleting data, and responding to data threats. We take data protection into account as early as the development and selection of hardware, software, and processes.

Your Rights

As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:

Right to object: You can object at any time to the processing of your personal data for specific reasons, including direct marketing, as per GDPR Article 6(1)(e) or (f) and profiling related to it.

Right to withdraw consent: You have the right to withdraw your consent at any time.

Right of access: You have the right to confirm and obtain information and a copy of your personal data being processed as per the law.

Right of rectification: You have the right to request the completion or rectification of your data as per the law.

Right to erasure and restriction of processing: You have the right to request for the deletion or restriction of processing of your data in accordance with the law.

Right to data portability: You have the right to receive your data in a structured, commonly used, and machine-readable format or to request its transfer to another controller.

Complaints to supervisory authorities: You have the right to file a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.

Modifications to the privacy policy

We reserve the right to review and change this policy from time to time periodically. Please inform yourself regularly about the content of our privacy policy. We adapt the data protection declaration as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require your consent or other individual notification.