Privacy Policy

1. Introduction

Welcome to My Digital Card ("Application", "App", "Service", "we", "us", or "our"). We are committed to protecting your privacy and ensuring you have a positive experience on our Application. This Privacy Policy explains our policies and practices concerning the collection, use, and disclosure of your information through the Application.

The Application is designed to be offline-first, meaning it prioritizes your privacy by storing all your data locally on your device without requiring cloud synchronization or internet connectivity.

This Privacy Policy applies to the My Digital Card application available on Android and iOS platforms. This Privacy Policy is intended to comply with applicable privacy laws and both Apple App Store and Google Play Store requirements. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Application.

2. Information You Store on Your Device

The Application does not require account registration, login, or user authentication with our services.

2.1 Information You Store Locally (NOT Collected by Us)

The Application is designed so that the following information is stored exclusively on your device using local storage and is not transmitted to our servers. You voluntarily provide this information to the Application:

• Personal Information: Name, job title, company name, email address, phone number, website URL, physical address, and company logo
• Contact Information: Information from cards you scan (business contacts' details)
• Tags and Metadata: Custom tags, meeting locations, and timestamps associated with contacts
• Preferences: Application settings including language preference (English/Arabic) and theme settings

2.2 Technical Data Stored Locally (NOT Sent to Us)

The Application stores the following information only on your device for functionality. None of this data is transmitted to our servers or collected by us:

• Device Information: Device model, OS version (stored locally for app optimization)
• Usage Data: Feature usage history, timestamps, local activity logs (stored locally)
• Performance Data: Application crash logs and error reports (stored only on your device)
• Camera Data: When you initiate QR/OCR scanning, images are processed in-memory only using Google ML Kit on your device. Images are NOT stored or transmitted anywhere

2.3 Information Not Transmitted to Our Servers

Due to our offline-first, device-only architecture, the following information is not transmitted to or accessible by our servers:

• ❌ Your business card information (stored only on your device)
• ❌ Your contact/scan information (stored only on your device)
• ❌ Location data or GPS information
• ❌ User browsing history or internet activity
• ❌ Analytics or behavioral tracking data
• ❌ Biometric data (fingerprints, facial recognition, etc.)
• ❌ Payment information (Application is free)
• ❌ Information about other applications on your device
• ❌ Unique device identifiers (UDID, MAC addresses, etc.)
• ❌ User profiles or personal identifiers that could track you

3. How Your Information Is Used (On Your Device Only)

Since your information is stored only on your device, we never access or use it. The Application uses your information for these purposes locally on your device only:

• Card Management: Your device creates and manages your digital business card locally
• QR Code Generation: Your device generates QR codes from your card data (processed locally)
• Contact Storage: Your device stores scanned contact information using Hive database
• Search & Organization: Your device performs local search, tagging, and organization
• Export Functionality: Your device exports contacts as vCard (.vcf) format
• OCR Processing: Your device uses Google ML Kit to process scanned images (on-device only)
• Localization: Your device displays content in your preferred language (English/Arabic)

4. Data Storage and Security

4.1 Local Storage - Offline-First Architecture

All data is stored locally on your device. My Digital Card uses the Hive database engine to securely store:

• Your business card information
• Scanned contact information
• Custom tags and metadata
• Application settings and preferences

This data is:

• Never sent to our servers: We do not operate cloud servers for this data
• Never synchronized across devices: Your data remains on the specific device where you input it
• Protected by your device's security: Subject to your device's lock screen and security settings
• Securely Stored: Stored within the device's secure application sandbox, protected by operating system-level security mechanisms

4.2 Security Measures

We implement industry-standard security measures:

• Application Sandbox: Data is stored in your device's secure application sandbox, protected by OS-level security
• No Personal Data Transmission: The Application does not transmit your personal data to our servers. Network permissions are used only for system-level functionality such as deep link handling
• No Third-Party Backends: No cloud services store your personal data
• Device-Level Security: We rely on your operating system's security features

4.3 Data at Rest

While the Application provides a secure local storage mechanism, the security of data at rest depends on:

• Your device's operating system protections
• Your device's lock screen password or biometric authentication
• Physical security of your device

Recommendation: We strongly recommend securing your device with a strong password or biometric authentication (fingerprint, face recognition) to protect your stored data.

5. Permissions

The Application requests the following permissions to function properly. These permissions are required only for specific features:

Android Permissions

iOS Permissions

Important: You can grant or deny these permissions at any time through your device's settings. However, denying certain permissions may limit the functionality of the Application.

6. Third-Party Services

6.1 Google ML Kit for OCR

The Application uses Google ML Kit for Optical Character Recognition (OCR) to scan paper business cards. Important points:

• On-Device Processing: OCR processing happens entirely on your device
• No Server Transmission: Scanned images are NOT sent to Google's servers
• No Image Storage: Images are processed and discarded immediately
• Temporary Processing: Images exist only in memory during the scanning process
• Your Control: You decide when to scan (no automatic processing)

Privacy Note: While Google ML Kit's privacy documentation states that images are not sent to servers, you should review Google ML Kit's official documentation for complete details about their privacy practices.

6.2 Other Third-Party Libraries

The Application uses the following open-source libraries that operate entirely on your device:

• Flutter Framework: Application framework (no data transmission)
• Hive Database: Local data storage (no server connectivity)
• QR Flutter: QR code generation (on-device processing)
• Mobile Scanner: QR code scanning (on-device processing)
• Image Picker: Image selection from device (local operation)
• Share Plus: System-level sharing via platform APIs (no data transmission to us)

6.3 Third-Party Analytics

We do NOT use any third-party analytics services. We do not track your usage, do not use Firebase Analytics, Mixpanel, Amplitude, or any other analytics platform.

6.4 Third-Party Advertising

The Application contains NO advertising. We do not use AdMob, AdSense, or any other advertising network.

6.5 Platform Data Safety Declarations

In accordance with platform requirements, we declare the following:

• Google Play Data Safety: The Application declares that no user data is collected or shared. No data is transmitted to our servers or third parties.
• Apple App Privacy: The Application declares "Data Not Collected" in its App Store privacy label. No data is linked to your identity or used for tracking.

These declarations are consistent with the Application's offline-first, device-only architecture described throughout this Privacy Policy.

7. Data Sharing

7.1 Your Data Is Not Transmitted to Us

Since your personal business card information is stored exclusively on your device and is not transmitted to our servers, we do not have access to:

• Your business card information
• Your scanned contacts
• Your tags or preferences
• Any personal data you enter into the Application

Bottom line: We do not operate servers that store user data. Your information is managed by your device only.

7.2 Voluntary Sharing

The only way your card information is shared is when you choose to share it:

• QR Code Sharing: When you share your card's QR code with another person, they receive only what is encoded in that QR code (your business card data)
• Deep Link Sharing: When you share a deep link (mydigitalcard://...), the recipient receives only the data in that link
• vCard Export: When you export a contact as vCard (.vcf), only the selected contact's data is shared
• Image Sharing: When you share your card as an image, only that image is shared

7.3 Legal Requirements

To the extent we possess any information (such as support communications), we may disclose such information if required by law, such as:

• Valid legal requests from government authorities
• Court orders or subpoenas
• Protection of legal rights, privacy, or safety

Due to our architecture (data stored locally on your device), we typically would have no user data to disclose beyond any direct communications you may have sent us.

8. Your Rights and Controls

8.1 Data Access and Portability

All your data is already in your control. You can:

• View all your business card information within the Application
• Export your contacts as vCard (.vcf) files compatible with any contact management system
• Access your data anytime without needing to contact us

8.2 Data Deletion

You have complete control to delete your data:

• Delete Individual Contacts: Remove scanned contacts from your "My Scans" list
• Delete Your Card: Delete your business card from the Application
• Delete All Data: Uninstall the Application, which removes all associated data from your device
• Clear Application Data: Use your device's application settings to clear the Application's cache and stored data

Note: Once deleted, this data cannot be recovered unless you have a backup.

8.3 Data Correction

You can modify any information in the Application at any time:

• Edit your business card details
• Correct scanned contact information
• Update tags and meeting locations

8.4 Withdraw Consent

Since we do not collect or process data (it's stored on your device), there is no "consent to withdraw." However, you can stop using the Application at any time and uninstall it from your device.

9. Children's Privacy

My Digital Card is not intended for use by children under the age of 13 (or the applicable age of digital consent in your jurisdiction, such as 16 in the EU).

Since the Application does not collect or transmit personal data to our servers, we do not typically receive personal information from children. However, if you contact us and disclose information related to a child, we will handle it appropriately and delete any such information promptly.

Parental Guidance: If you are a parent or guardian and have concerns about your child's use of the Application, please contact us using the contact information below.

Note: On the Apple App Store, the Application is rated "12+" based on business content only, not due to any data collection practices. On Google Play, the Application is rated "Everyone" and declares no data collection in its Data Safety section.

10. Data Retention

10.1 Local Data Retention

Data you input into the Application is retained on your device indefinitely until you:

• Manually delete individual contacts or your card
• Clear the Application's cache and data through device settings
• Uninstall the Application

10.2 Temporary Processing Data

Data processed during specific operations is temporary:

• Scanned Images (OCR): Deleted immediately after processing (not stored)
• QR Code Data: Processed in memory and not permanently stored by the system
• Temporary Files: Removed after export or sharing operations complete

10.3 Backup and Restoration

If you use your device's native backup features (iCloud backup on iOS, Google Account backup on Android), your Application data may be included in those backups. This is your choice through your device's settings.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you of significant changes by:

• Updating the "Last Updated" date at the top of this policy
• If required, posting a prominent notice in the Application
• For material changes, requesting your consent if required by law

Your continued use of the Application after changes constitutes your acceptance of the updated Privacy Policy.

Recommendation: We suggest reviewing this Privacy Policy periodically to stay informed about how we protect your privacy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

12.1 Data Protection Authority

Depending on your location, you may have the right to lodge a complaint with your local data protection authority. Please check your local regulations for details.

12.2 CCPA / GDPR Rights

If you are a California resident (CCPA) or European resident (GDPR), you may have specific privacy rights including the right to know, delete, correct, and opt-out of data sales.

Since we do not collect or store personal data from the Application on our servers, these rights are typically exercised directly by the user through the Application (e.g., viewing, correcting, deleting, or exporting your data). If you have questions about exercising these rights, please contact us at the email address above.