Privacy Policy

CARDPIE ("we") respects your privacy. This Policy explains how we collect, use, store, share, and protect personal information when you visit or use our website, applications, and related virtual credit card comparison and purchase services. By using our services, you acknowledge and agree to this Policy; if you do not agree, please discontinue use.

This Policy may not describe processing performed solely by card issuers, partner vendors, third-party payment providers, or blockchain networks. Please review their terms for those activities.

We may collect: account and identity-related information (such as email, username, and materials you submit during registration or KYC); transaction and service usage information (such as orders, card applications, and support conversations); technical and device information (such as browser type, device identifiers, coarse location, logs, and cookies for security and product improvement); and Web3 wallet addresses or similar on-chain identifiers you choose to connect (addresses are often not personal data by themselves but may be linked to public on-chain activity).

Unless required by law or separately agreed, we will not ask for sensitive information unrelated to providing the service.

We use personal information lawfully, fairly, and as needed to: provide, maintain, and improve platform features (including checkout, payment guidance, account management, and notifications); verify identities, detect fraud and abuse, and protect security; comply with legal obligations; send important service-related notices; and, with your consent, send product updates or marketing (you may opt out at any time).

We will not use your personal information for purposes inconsistent with this Policy without authorization.

We may share necessary information with: processors who support hosting, payments, email delivery, analytics, and compliance reviews, bound by contracts and limited to assisting our services; card issuers or business partners to fulfill applications and performance you request; regulators or courts when required by law; or in emergencies to protect life, health, or property.

We do not sell your personal information. Where cross-border transfers occur, we apply appropriate safeguards in line with applicable law.

Our servers and vendors may be located outside your country or region. When that happens, we comply with applicable data protection laws and use reasonable contractual and technical measures to reduce risk.

We retain personal information only as long as needed for the purposes described here, unless a longer period is required or permitted by law. Afterwards, we delete or anonymize the data.

We implement reasonable and appropriate technical and organizational measures (such as access controls, encrypted transport, security reviews, and staff training) to protect personal information against unauthorized access, disclosure, alteration, or loss.

No method of transmission or storage is completely secure. Please keep your credentials and private keys safe and do not share them with others.

Depending on applicable law, you may have rights to access, correct, delete, restrict, object, withdraw consent, or port your personal information. To exercise these rights, contact us through the support channels published on this site. We may need to verify your identity for security.

In some cases we must retain certain information to meet legal duties or establish legal claims.

We may update this Policy from time to time. The updated version will be posted here with an effective date; for material changes we will notify you where appropriate.

If you have questions about this Policy or our processing, please reach out through the in-site support entry or the published support email.