Yeap

Your single sign-on for all Yeap products

Privacy Policy

Last updated: June 23, 2025

1. Introduction

Yeap Inc. ("Yeap", "we", "our", or "us") operates the Yeap Account Center at login.yeapinc.com and provides identity and single sign-on (SSO) services for Yeap-powered products. This Privacy Policy explains how we collect, use, and protect your personal information when you use our services.

2. Information We Collect

We collect information you provide directly to us, including:

  • Account information: First name, last name, email address, and password (stored as a secure hash).
  • Optional profile data: Phone number and company name, if provided during registration.
  • Authentication events: Login timestamps, IP addresses, and device/browser identifiers for security and fraud prevention.
  • Session data: Encrypted session tokens stored in secure httpOnly cookies on your device.

3. How We Use Your Information

  • Authenticate you and maintain your session across Yeap products.
  • Deliver account-related emails (email verification, password reset, security alerts).
  • Detect and prevent fraudulent or unauthorized access.
  • Comply with applicable legal obligations.
  • Improve the reliability and security of our authentication services.

4. Information Sharing

We do not sell, rent, or trade your personal information to third parties. We share limited information only in these circumstances:

  • Connected Yeap applications: When you authenticate via SSO, we share your name, email address, and verified email status with the application you are signing in to.
  • Service providers: We use AWS (identity backend), Neon (database), and Vercel (hosting). These providers process data on our behalf under contractual data protection agreements.
  • Legal requirements: We may disclose information where required by law, court order, or to protect the rights and safety of Yeap and our users.

5. Data Security

We implement industry-standard security measures including encrypted HTTPS connections, bcrypt-hashed passwords managed by AWS Cognito, RS256-signed identity tokens, httpOnly session cookies, and rate limiting. No method of transmission over the internet is 100% secure; we encourage you to use a strong, unique password and enable multi-factor authentication where available.

6. Data Retention

We retain your account data for as long as your account is active. Authentication logs and security events are retained for up to 90 days. You may request deletion of your account and associated data by contacting us at privacy@yeapinc.com.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate or incomplete information.
  • Request deletion of your personal data.
  • Object to or restrict certain processing activities.
  • Receive a copy of your data in a portable format.

To exercise any of these rights, contact us at privacy@yeapinc.com.

8. Cookies

We use a single first-party, httpOnly session cookie (yeap_session) to maintain your authenticated state. This cookie is essential for the service to function and cannot be disabled. We do not use advertising or tracking cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by displaying a notice in the Yeap Account Center. Continued use of our services after changes take effect constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at: privacy@yeapinc.com
Yeap Inc., United States

← Back to sign in