CardToDeal Privacy Policy

1. Who we are

CardToDeal is a free business card scanner operated by Quiamo Digital Market Services LLP ("Quiamo", "we", "our"), a limited liability partnership registered in India at Padmavati Hills, Pune, Maharashtra 411009. You can reach our data protection contact at hello@cardtodeal.com or on +91 90216 02686.

This CardToDeal privacy policy explains what data we collect when you use cardtodeal.com, how we use it, and the rights you have over it. Quiamo also operates VynDeal CRM, which carries its own separate privacy policy.

2. What we collect

2.1 Scanned card images

When you upload a card image, that image is transmitted to our servers, processed by a smart extraction pipeline, and the extracted contact fields are returned to your browser. We do not persist the card image or extracted fields on our servers unless you explicitly export to VynDeal CRM.

2.2 Usage data

We log standard request data (IP address, timestamp, user agent, referrer, page path) to operate the service, detect abuse and meet our daily-limit fairness obligations. This data is retained for 30 days.

2.3 Cookies

CardToDeal sets a minimal first-party cookie to track your daily scan count. We do not set third-party tracking cookies on the scan page. Optional analytics cookies fire only with your consent. See our cookie policy for full details.

3. Legal basis (GDPR)

Under GDPR Article 6(1)(a), we process your card scan data on the basis of your consent — by uploading a card to CardToDeal, you provide that consent. You may withdraw it at any time by closing the browser tab; data already processed and returned to your browser is outside our control.

For service-operation logs we rely on GDPR Article 6(1)(f) (legitimate interests) to ensure security and prevent abuse.

4. Card scanner data privacy — what we never do

• We do not sell scanned contact data to third parties.
• We do not train external AI models on scanned cards, outside CardToDeal's own service operation.
• We do not retain card images after the scan returns. They are deleted from working memory at request end.
• We do not contact the people on the cards you scan unless you explicitly route them through VynDeal CRM, which has its own privacy policy.

5. Your rights

Under GDPR and India's Digital Personal Data Protection Act 2023, you have rights of access, correction, deletion, portability and objection regarding any personal data we hold about you. Write to hello@cardtodeal.com to exercise any of these rights. We respond within 30 days.

6. International transfers

CardToDeal's primary servers are in India. If usage is routed via a CDN edge node outside India, that transfer is covered by standard contractual clauses and our processor agreements.

7. Updates to this policy

We will update this GDPR card scanning policy from time to time. The effective date at the top of this page reflects the latest version. Material changes will be flagged on the homepage for at least 14 days. For related terms, see our Terms of Service and Cookie Policy.