Privacy Policy

Summary

BizQard is a digital business card app. We collect the data needed to run it: the contact information you put on your card, the cards you save from other people, the events you tag them with, and a handful of operational signals (scan events, device tokens).

We never sell your data. We use it to provide the service, to notify you when someone saves your card, and to keep the product working.

Who we are

BizQard ("we", "us") is operated by the BizQard team. For any privacy question, contact [email protected].

What we collect

• Account data: the email address you use to sign in, the authentication provider you chose (email, Apple, Google), and your account creation timestamp.
• Card data: the contents of business cards you create (name, title, company, phone, email, website, social handles, photo if you upload one, theme color). Card content is publicly viewable to anyone who has the URL.
• Contact data: cards you've saved from others, with optional notes and an event tag, plus the source of capture (QR, NFC, link, manual).
• Event data: labels you assign to networking sessions (e.g. "CES 2026") and their start/end timestamps.
• Scan events: anonymous IP + user agent when your card profile is viewed; if a recipient submits their email through the web fallback form, we record their email address alongside the scan event.
• Device tokens: APNs / FCM push notification tokens for the device(s) you sign in on.
• Location: if you grant location permission, we use your coarse location to auto-tag the location of contacts you save. We do not store continuous location; only the reverse-geocoded string at save time.

What we don't collect

• We don't collect contacts from your phone's address book.
• We don't track you across other apps or the web for advertising.
• We don't sell or rent your data to data brokers or advertisers. Ever.
• We don't store the photos / contents of cards you scan as images — only the text data.

How we use it

• To provide the BizQard service — store your cards, sync contacts, deliver Wallet passes.
• To email you when someone saves your card and submits their email.
• To send transactional emails (sign-in links, welcome emails, scan notifications).
• To respond to your support requests.
• To enforce our Terms of Service and prevent abuse.

Who we share it with

We use the following third-party processors. Each processes data on our behalf under a data processing agreement.

• Supabase — database, authentication, file storage, edge functions.
• Resend — transactional email delivery.
• Apple — Apple Wallet pass delivery, sign-in with Apple, push notifications.
• Google — Google Wallet pass delivery, sign-in with Google, push notifications.

Your rights

If you're in the EU, UK, or California (or any other jurisdiction with comparable rights), you can:

• Request a copy of your data.
• Correct inaccurate data.
• Delete your account and all associated data.
• Object to or restrict processing.
• Port your data to another service.

Email [email protected] and we'll respond within 30 days.

Data retention

Account data is kept while your account is active. Delete your account and we erase your personal data within 30 days, except where retention is required by law (e.g. financial records). Anonymized aggregate analytics may be retained indefinitely.

Security

We use TLS in transit and at-rest encryption for the database and storage. Authentication tokens are stored in the device's secure storage. We follow least-privilege access for our team.

Children

BizQard is not directed to children under 13 (or 16 in the EU). We don't knowingly collect personal data from them. If you believe we have, email us and we'll delete it.

Changes to this policy

If we materially change this policy, we'll email you at least 30 days before the new version takes effect.

Contact

For any privacy question, complaint, or rights request: [email protected].