This Privacy Policy explains how Cardyard ("Cardyard," "we," "us" or "our") collects, uses, and shares information when you visit https://www.cardyard.ai or use any related products or services (collectively, the "Service").

1. Information We Collect

• Account Information – email address, display name, and password (stored using strong hashing).
• Subscription & Payment Details – payment method tokens, billing address, and related metadata processed securely by Stripe®; Cardyard never stores credit‑card numbers.
• Usage Data – game sessions, prompts, cards you generate, feature interactions, logs, and feedback.
• Cookies & Device Data – IP address, browser/OS type, device identifiers, language, referrer URLs, and analytics cookies.
• Age Confirmation – a yes/no response confirming you are 18 + before accessing premium or NSFW content. We do not collect your birthdate.

2. How We Use Information

• Provide, operate, and personalize the Service;
• Verify age eligibility for NSFW features and premium features;
• Process payments, manage subscriptions, and prevent fraud;
• Store prompts, cards, and usage logs indefinitely to moderate content, improve models, and develop new features;
• Perform analytics, monitor performance, and troubleshoot issues;
• Send transactional emails (receipts, critical updates) and marketing emails (you can opt out at any time);
• Comply with legal obligations and enforce our Terms of Service.

3. Legal Bases (EEA/UK)

We process personal data when necessary to (a) perform our contract with you, (b) pursue our legitimate interests (e.g., improve and secure the Service), (c) meet legal obligations, or (d) with your consent (e.g., marketing emails).

4. Sharing of Information

We share information only with:

• Stripe for payment processing;
• Analytics providers (e.g., Google Analytics) for usage insights;
• Service providers who process data on our behalf under strict confidentiality;
• Authorities or third parties when legally required or to protect rights, safety, or property.

We do not sell or rent personal information.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to recognize you, remember preferences, perform analytics, and improve the Service. You can disable cookies via your browser, but some features may not function properly.

6. Data Retention

Account data is retained while your account is active. Prompts, cards, and usage logs are retained indefinitely for moderation and product improvement. Upon a verified deletion request, we will delete or anonymize personal data within 30 days.

7. Your Rights

Depending on your location, you may request to access, correct, delete, export, object to, or restrict processing of your personal data. California residents may also request information about categories of personal information collected and opt out of any "sale" or "sharing" (we do not sell personal information). To exercise rights, email support@cardyard.com.

8. Children’s Privacy

The Service is not directed to children under 13. We do not knowingly collect personal data from children under 13. If we learn that such data has been collected, we will delete it.

9. Security

We use industry‑standard measures, including encryption in transit, role‑based access controls, and regular backups, to protect personal information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you by email (if you have an account) or by posting a prominent notice on the Service. The "Last updated" date indicates when updates become effective.

11. Contact Us

Questions or requests? Email support@cardyard.com.