Privacy Policy

Cardaroo ("we", "us", or "our") operates the gcards platform that allows users to create and send personalized greeting cards. This Privacy Policy describes how we collect, use, and protect your personal information when you use our service.

Information We Collect

Information You Provide

• Images you upload to create greeting cards
• Card personalization details (occasion, art style, custom messages)
• Shipping information for physical cards (name, address)
• Email addresses for e-card delivery and order receipts
• Payment information (processed securely by Stripe)

Information Automatically Collected

• Usage analytics through Google Analytics (with your consent)
• Error logs and performance data through Sentry
• Browser information and IP address
• Device and connection information

How We Use Your Information

• Process and fulfill your greeting card orders
• Generate personalized card designs using AI
• Send e-cards to specified recipients
• Process payments securely through Stripe
• Send order confirmations and receipts
• Improve our service through analytics (with consent)
• Monitor and fix technical issues

Third-Party Services

We work with trusted partners to provide our services:

Data Retention

• Images: All uploaded and generated images are automatically deleted after 30 days
• Order Data: Kept for accounting and customer service purposes for up to 7 years
• Analytics Data: Aggregated analytics data may be retained longer for service improvement
• E-cards: Stored temporarily to enable delivery and viewing

Cookies and Tracking

We use cookies and similar technologies for:

• Essential website functionality
• Analytics and performance monitoring (with consent)
• Error tracking to improve service quality

You can manage cookie preferences in your browser settings. We implement Google's Consent Mode v2 and will only use analytics cookies with your explicit consent.

Your Rights

You have the right to:

• Access your personal information
• Correct inaccurate data
• Request deletion of your data
• Withdraw consent for analytics tracking
• Object to data processing
• Data portability where applicable

To exercise these rights or opt out of analytics, visit our opt-out page or contact us using the information below.

Data Security

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS), secure cloud storage, and secure payment processing through Stripe. However, no method of transmission over the internet is 100% secure.

International Data Transfers

Your data may be processed in various countries where our service providers operate, including the United States and European Union. We ensure appropriate safeguards are in place for international transfers.

Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated "Last updated" date.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Legal Compliance

This Privacy Policy is designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy regulations.