Privacy Policy

1. Information We Collect

1.1 Personal Information You Provide

When you register for an account or use our Service, we may collect:

• Account Information: Name, email address, phone number, and password
• Profile Information: Job title, company name, bio, profile picture, and cover image
• Business Card Information: Contact details, social media links, website URLs, and address information you choose to include on your digital business card
• Payment Information: When you subscribe to a paid plan, payment processing is handled by Stripe. We do not store your full credit card details.

1.2 Information Collected Automatically

When you use our Service, we automatically collect:

• Device Information: Device type, operating system, unique device identifiers
• Usage Data: Features used, interactions with the app, timestamps
• Log Data: IP address, browser type, pages visited, crash reports

1.3 Information from Third-Party Services

If you choose to sign in using third-party services, we may receive:

• Google Sign-In: Name, email address, profile picture
• Apple Sign-In: Name, email address (may be anonymized based on your Apple ID settings)

1.4 Information You Share

• Scanned Business Cards: When you use our OCR feature to scan physical business cards, the image is processed to extract contact information
• Contacts: With your permission, we may access your device contacts to help you save scanned contacts or share your digital card

2. How We Use Your Information

We use the information we collect to:

• Create and manage your account
• Provide, maintain, and improve our Service
• Process transactions and send related information
• Send you technical notices, updates, and support messages
• Respond to your comments, questions, and requests
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions and abuse
• Personalize and improve your experience
• Generate and share your digital business card as directed by you

3. How We Share Your Information

3.1 With Your Consent

Your digital business card information is shared when you:

• Share your card via QR code, NFC, or direct link
• Add your card to someone's contacts
• Enable lead capture forms

3.2 Service Providers

We share information with third-party vendors who perform services on our behalf:

• Supabase: Database and authentication services
• Stripe: Payment processing
• Google Cloud: AI/ML services for business card scanning (OCR)
• Apple/Google: Push notification services
• Analytics providers: To understand app usage

3.3 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities.

3.4 Business Transfers

In connection with any merger, sale of company assets, or acquisition, your information may be transferred.

4. Data Storage and Security

4.1 Data Storage

Your data is stored securely using Supabase infrastructure with servers located in Australia. We implement appropriate technical and organizational measures to protect your personal information.

4.2 Security Measures

We use industry-standard security measures including:

• Encryption in transit (TLS/SSL)
• Encryption at rest
• Secure authentication mechanisms
• Biometric authentication options (Face ID, Touch ID)
• PIN protection for app access
• Regular security assessments

4.3 Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. You may request deletion of your account and associated data at any time.

5. Your Rights and Choices

5.1 Access and Update

You can access and update your personal information through the app settings.

5.2 Delete Your Account

You can delete your account at any time through the app settings. This will permanently remove your profile and associated data.

5.3 Marketing Communications

You can opt out of promotional communications by following the unsubscribe instructions in those messages.

5.4 Push Notifications

You can disable push notifications through your device settings.

5.5 Device Permissions

You can revoke permissions (camera, contacts, location) through your device settings at any time.

6. Device Permissions

Our app may request the following permissions:

7. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.

8. International Data Transfers

If you are accessing our Service from outside Australia, please be aware that your information may be transferred to, stored, and processed in Australia where our servers are located.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us:

• Email: privacy@dropincard.com.au
• Website: https://dropincard.com.au
• Address: Solution22, Victoria, Australia

11. Australian Privacy Act Compliance

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). You have the right to:

• Request access to your personal information
• Request correction of inaccurate information
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)