Privacy Policy

This policy explains what data CardLink collects, why we collect it, and how we use and protect it.

Data Encryption

Private data you store in CardLink, such as contact notes, is encrypted at rest using modern cryptography. We use AES-256-GCM with envelope encryption, and maintain a minimal index (HMAC) to enable exact-match searches without exposing plaintext.

  • Notes are encrypted on the server before being stored.
  • Legacy plaintext notes are being migrated to encrypted form.
  • Exact-match search is supported via a secure HMAC index.

Information We Collect

  • Account data such as name and email.
  • Business card details you provide.
  • Usage and event data to improve the product.

How We Use Information

  • Provide and improve CardLink features.
  • Enable sharing and networking functions.
  • Communicate updates and critical notices.

Data Retention

We retain data for as long as your account is active or as needed to provide services and comply with legal obligations.

Your Choices

  • Update or delete your data via your account.
  • Contact support to request account deletion.
  • Opt-out of non-essential communications.

Contact

For privacy questions, contact us at support@example.com.