logo-andres-saumet

buscar

Privacy Policy

cardiq

Effective Date: 2026-05-07

CardIQ Privacy Policy

This Privacy Policy explains how CARDIQ collects, uses, and protects your data when using the CardIQ mobile application.

1. Introduction

CARDIQ is committed to protecting your privacy. This policy outlines how we handle your information in compliance with global data protection laws, including GDPR, UK GDPR, CCPA, and PIPEDA.

2. Information We Collect

Minimal data collection:

  • Anonymous UUID: Generated on your device and not linked to your identity

  • Card Images: Processed only for analysis

  • Search Queries: Used to retrieve market prices

  • Device Identifier (IDFA): Collected by the Meta (Facebook) SDK only if you grant permission via the iOS App Tracking Transparency (ATT) prompt. If you decline, Meta receives only anonymous, non-identifiable data.

  • App Events: In-app actions (e.g., app opens, purchases) sent to Meta for advertising attribution.

  • Portfolio Snapshots: A daily record of your collection's total estimated value is stored locally on your device to power your Portfolio Value Tracker. This data never leaves your device.

We do NOT collect:

  • Personal data such as name, email, or phone number

  • IMEI or hardware identifiers

  • Browsing history outside of this app

  • Payment information

Legal Basis for Processing (GDPR):
We process your data based on: (a) Legitimate interests - to provide core app functionality such as card analysis and portfolio tracking; (b) Consent - for advertising attribution via Meta SDK, obtained through the iOS ATT prompt; (c) Contract performance - to manage your subscription via RevenueCat.

3. Third-Party Data Processing

CARDIQ Backend Server (image proxy): 

  • Card images are transmitted securely to our own server via HTTPS before being forwarded to 

OpenAI  

  • Images are not stored on our servers after analysis is complete

  • The server is located in the United States  

OpenAI (AI analysis):

eBay API (pricing data):

  • Receives card names only

  • No personal data shared

Meta (Facebook) SDK (advertising attribution):

  • Receives app events (app opens, purchases) for advertising measurement

  • If ATT permission is granted, your IDFA may be shared with Meta

  • If ATT is declined, only anonymous aggregated data is sent via Apple's SKAdNetwork

  • Policy: https://www.facebook.com/privacy/policy/

RevenueCat (subscription management):

  • Receives anonymous device identifier, subscription status, and purchase history

  • May share purchase events with Meta for attribution (server-to-server)

  • Policy: https://www.revenuecat.com/privacy

4. How We Use Your Data

  • Organize your card collections locally

  • Analyze card condition and value

  • Display real-time market pricing

  • Measure advertising performance via Meta SDK

We do NOT:

  • Sell or rent your data to third parties

  • Use your data for profiling beyond what is disclosed above

  • Store personal data on our own servers

5. Data Storage and Security

Local storage only:

  • Stored securely on your device

  • Encrypted by the operating system

  • Automatically deleted when the app is removed

Security measures:

  • Secure HTTPS connections

  • No accounts or passwords required

  • No centralized databases

6. Your Privacy Rights

Depending on your jurisdiction (GDPR, CCPA, PIPEDA), you have rights including:

  • Access your data

  • Request deletion

  • Correct inaccurate data

  • Export your data

  • Restrict or object to processing

  • Opt out of advertising tracking by declining the ATT prompt or going to iOS Settings → Privacy → Tracking

  • Lodge a complaint: You have the right to file a complaint with your local data protection authority (e.g., the ICO in the UK, or your EU Member State's supervisory authority) if you believe your data is being processed unlawfully.

Contact: andressaumet@gmail.com

Response time: Up to 30 days

7. International Data Transfers

When using AI services or Meta SDK, data may be processed on servers located in the United States under standard contractual safeguards.

8. Children's Privacy

CardIQ is not intended for users under 13 (USA) or under 16 (EU).

9. Subscription and Free Plan

Free plan limits:

  • 1 card scan

  • 1 collection

  • 1 card added

CardIQ Pro:

  • Up to 25 scans per day

  • Subscription managed via App Store and RevenueCat

10. Data Sharing and Disclosure

We share data with:

  • OpenAI (image analysis)

  • eBay (pricing queries)

  • Meta (Facebook) — app events and IDFA if ATT granted, for advertising attribution

  • RevenueCat — subscription status and purchase history

  • Authorities when legally required

We do NOT share data with:

  • Data brokers

  • Marketing companies unrelated to our advertising

11. Changes to This Policy

This policy may be updated due to legal or operational changes. Continued use of the app implies acceptance.

12. Disclaimer

This Privacy Policy is provided for informational purposes and does not constitute legal advice.

Contact Information

Email: andressaumet@gmail.com

Terms of Service: https://www.andressaumet.com/proyectos/cardiq/terms- of-service

Last Updated: May 7, 2026

Volver al ProyectoVer Todos los Proyectos

Paginas

Herramientas

Políticas

Sigueme en Redes

Todos los derechos reservados Andres Saumet 2026 ©