Privacy Policy
Last updated: February 6, 2026
CardFlow ("we," "our," or "us") operates the CardFlow platform and website at cardflow.cloud (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By accessing or using our Service, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service immediately.
1. Information We Collect
1.1 Personal Information You Provide
When you register for an account or use our Service, we may collect:
- Account Information: Name, email address, phone number, company name, job title
- Card Content: Business card details including name, designation, company, phone, email, address, website, social media links, profile photos, company logos, and product/service information
- Payment Information: Billing address and payment method details (processed securely through our third-party payment processor; we do not store full card numbers)
- Communications: Any messages, feedback, or support requests you send us
1.2 Information Collected from Card Recipients
When someone views or interacts with a digital business card created through our Service, we may collect:
- Lead Information: Name, phone number, email, and company (voluntarily submitted by the visitor)
- Scanned Card Data: Text extracted via OCR from business cards that visitors choose to scan
- Card Photos: Images of business cards that visitors voluntarily upload
- Interaction Data: Which buttons were clicked (call, email, WhatsApp, save contact, share), timestamps, and referral sources
1.3 Automatically Collected Information
When you or card recipients access our Service, we automatically collect:
- Device Information: Device type (iPhone, Android, iPad, Desktop), browser type and version
- Usage Data: Pages viewed, features used, tap/scan source (NFC, QR, link), session identifiers
- Technical Data: Screen resolution, language preference, approximate location (country/region level only, derived from IP address)
1.4 Cookies and Tracking
We use minimal cookies and local storage for essential functionality such as maintaining login sessions. We do not use third-party advertising trackers. See our Cookie Policy for details.
2. How We Use Your Information
We use the collected information to:
- Provide, operate, and maintain our Service
- Create and display digital business cards
- Process lead captures and deliver them to card owners
- Provide analytics and insights on card performance
- Process payments and manage subscriptions
- Communicate with you about your account, updates, and support
- Detect, prevent, and address fraud, abuse, or technical issues
- Comply with legal obligations
- Improve and develop new features for our Service
3. How We Share Your Information
We do not sell your personal information. We may share information in the following circumstances:
- Card Owner ↔ Visitor: When a visitor submits their details on a digital card, that information is shared with the card owner (the purpose of the Service)
- Service Providers: We share data with trusted third-party providers who assist in operating our Service (hosting, payment processing, email delivery), subject to confidentiality obligations
- Legal Requirements: We may disclose information if required by law, regulation, court order, or governmental request
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as a business asset
4. Data Storage and Security
Your data is stored on secure servers. We implement industry-standard security measures including:
- Encryption in transit (TLS/SSL)
- Encrypted database storage
- Access controls and authentication
- Regular security assessments
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
5. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:
- Account Data: Retained until account deletion is requested
- Lead Data: Retained until deleted by the card owner or account closure
- Analytics Data: Aggregated and retained for up to 24 months
- Payment Records: Retained as required by applicable tax and financial regulations
Upon account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your personal data
- Portability: Request your data in a machine-readable format
- Objection: Object to certain processing of your data
- Withdraw Consent: Where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, contact us at privacy@cardflow.cloud.
7. Children's Privacy
Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.
9. Third-Party Links
Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy.
11. Contact Us
For questions or concerns about this Privacy Policy or our data practices, contact us at:
CardFlow
Email: privacy@cardflow.cloud
Website: cardflow.cloud