Privacy Policy

1. Introduction

We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our digital business card platform.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws. By using our service, you agree to the collection and use of information in accordance with this policy.

2. Data Controller

The data controller responsible for your personal data is:
cardwow.io
Vienna
Email: support@cardwow.io

3. Information We Collect

3.1 Personal Information

• Account Information: Email address, password (encrypted), user type
• Profile Information: Name, bio, job title, department, contact details
• Business Information: Company name, address, social media links
• Payment Information: Billing details processed securely through Stripe
• Communication Data: Messages you send to our support team

3.2 Technical Information

• Usage Data: Profile views, interactions, feature usage
• Device Information: IP address, browser type, device type
• Cookies: Session cookies for authentication and preferences
• Analytics: Aggregated usage statistics (anonymized)

4. How We Use Your Information

• Service Provision: Creating and managing your digital business cards
• Account Management: User authentication, profile updates, subscription management
• Communication: Sending important service updates and support responses
• Analytics: Understanding usage patterns to improve our service
• Security: Preventing fraud, abuse, and unauthorized access
• Legal Compliance: Meeting legal obligations and enforcing our terms

5. Legal Basis for Processing (GDPR)

• Contract Performance: Processing necessary to provide our services
• Legitimate Interest: Analytics, security, and service improvement
• Consent: Marketing communications (where applicable)
• Legal Obligation: Compliance with laws and regulations

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service Providers: Stripe (payments), Vercel (hosting), email services
• Public Profiles: Information you choose to make public in your business cards
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In case of merger, acquisition, or asset sale

7. Your Rights (GDPR)

Under GDPR, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interest
• Withdraw Consent: Remove consent for data processing

To exercise these rights, contact us at privacy@cardwow.io We will respond within 30 days.

8. Data Security

We implement appropriate security measures to protect your data:

• Encryption: Data encrypted in transit and at rest
• Access Controls: Limited access to personal data
• Regular Updates: Security patches and system updates
• Monitoring: Continuous security monitoring and threat detection
• Staff Training: Regular privacy and security training

9. Data Retention

We retain your data for the following periods:

• Account Data: Until account deletion + 30 days for legal purposes
• Usage Analytics: Aggregated data retained for 2 years
• Security Logs: 1 year for security monitoring
• Payment Records: 7 years for tax and legal compliance

10. International Transfers

Your data may be processed in countries outside the EU/EEA. We ensure adequate protection through appropriate safeguards such as standard contractual clauses and adequacy decisions.

11. Cookies

We use cookies for:

• Essential Cookies: Authentication and security
• Analytics Cookies: Understanding usage patterns
• Preference Cookies: Remembering your settings

You can manage cookie preferences in your browser settings.

12. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the information immediately.

13. Changes to This Policy

We may update this privacy policy periodically. We will notify you of significant changes via email or through our service. Continued use of our service after changes constitutes acceptance of the updated policy.

14. Contact Information

For privacy-related questions or to exercise your rights, contact us:

If you're not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.