Start your 7-day free trial now. No credit card needed. [Try it now]
Homepage
Card.tel digital business card maker

Privacy Policy & Data Protection Notice

Card.tel is a digital business card SaaS platform for global brands, exporters, and cross-border teams. This privacy policy explains how we collect, use, store, share, and protect personal data, and how you can exercise your data rights. We follow the principles of lawfulness, fairness, necessity, and transparency, and continue aligning with GDPR and related data protection requirements.

Scope and data processing roles

This policy applies when you access, register for, subscribe to, use, or purchase Card.tel services. For platform account operations, billing, and security risk control, Card.tel usually acts as the data controller. When enterprise customers use the platform to collect visitor information, that enterprise usually acts as the controller, while Card.tel provides technical services as the processor under the agreed terms.

Personal data we may collect

To provide digital business card creation, link aggregation, lead management, appointment coordination, and subscription billing services, we may collect the following information:

  • Account and identity information: Such as name, company name, email address, phone number, account role, and login credentials stored in encrypted form.
  • Card and business data: Such as profile photos, job titles, company descriptions, external links, social accounts, booking settings, form fields, and content you upload voluntarily.
  • Device and log data: Such as IP address, device model, system version, browser type, access time, activity logs, error logs, and security audit records.
  • Order and payment data: Such as order number, subscription plan, invoice details, and payment status. Sensitive payment data such as full bank card details is usually handled by licensed payment providers.
  • Cookies and identifiers: Used to maintain login state, preferences, security checks, and analytics. You can manage related options in your browser or cookie settings.

When you start or renew a service, we collect only the information necessary to complete the transaction and provide the service. We follow the principle of data minimization, and do not request personal data unrelated to the current business scenario. For high-risk processing activities, we perform assessments and apply additional safeguards.

Digital business card data protection illustration for the Card.tel privacy policy

How we use your personal data

We use the information we collect for the following purposes:

  • Create and manage accounts and deliver core functions such as card pages, booking, and lead management
  • Process orders, subscriptions, invoices, and payment status to perform contractual obligations
  • Send service notices, billing reminders, security alerts, and support replies
  • Identify abnormal logins, fraud, and security risks to protect accounts and platform security
  • Send product updates or marketing information related to your preferences where you have consented or where permitted by applicable law

The usual legal bases include:

  • Performance of a contract, such as service delivery, billing, and after-sales support
  • Compliance with legal obligations, such as tax retention and compliance audits
  • Legitimate interests, such as security protection and service quality improvement
  • Your consent, such as for optional cookies and certain marketing outreach

How we share personal data

We share information only where necessary with trusted service providers to support operations, and we bind them by contract to security and confidentiality obligations:

  • Infrastructure and cloud providers: for hosting, storage, backups, CDN, and availability support
  • Payment providers: for payment processing, settlement reconciliation, and anti-fraud controls
  • Communication and support tools: for ticket handling, email notices, and service communication
  • Analytics services: for measuring product performance and improving the experience, subject to consent where required
  • Legal requirements: for disclosures required by law, judicial process, or regulators

Cookies and tracking technologies

We use essential cookies to support login and security, and may also use analytics cookies to improve the service. You can manage them in your browser settings to manage or clear cookies. Some browsers' Do Not Track signals still lack a unified industry standard, and we continue improving our response based on applicable law and platform capabilities.

Your data rights

Under applicable laws such as GDPR, you generally have the following rights:

  • Rights to access, correct, delete, restrict processing, object to processing, data portability, and withdraw consent
  • You can use the support page to submit a rights request, and we will verify and respond within the legally required timeframe
  • If you disagree with the outcome, you have the right to lodge a complaint with the competent data protection authority

Data retention and deletion

We retain personal data only for the period necessary to achieve business purposes and fulfill contractual and legal obligations. After the retention period ends, we delete, anonymize, or de-identify the data according to its type.

Children's data

Our services are mainly intended for businesses and adult users. If applicable law sets additional conditions for processing children's data, such as parental consent, we will follow those legal requirements and apply enhanced safeguards.

Cross-border transfers and security measures

When business needs require data transfers outside the EU or EEA, we use appropriate legal mechanisms, such as adequacy decisions, SCCs, together with technical and organizational measures such as encryption, access control, least privilege, and audit logs to reduce transfer risk.

Policy updates and contact

We may update this policy because of product upgrades, business adjustments, or legal and regulatory changes. Material updates will be announced through in-product notices or other reasonable methods. If you need to ask about privacy, submit a data rights request, or share compliance feedback, please contact us through the support page for assistance.