What we keep on file.

CardCard runs out of Helsinki. We hold as little personal data as a business-card service can: an email if you sign in, the four to fourteen fields you actually put on the card, and the records we need to take a payment if you upgrade. This page lays it out plainly.

What we hold

Card contents. Name, tagline, LinkedIn username, theme. On Pro: title, company, vanity path, up to ten detail fields, an unlisted toggle. These are what the card is — they are public on cardcard.me/c/<id> (or your vanity path) unless you mark a detail field wallet-only or set the card unlisted.
Sign-in email. Stored on our database when you sign in. Used for the magic link, billing receipts, and the Pro welcome and cancellation emails. Nothing else.
Sessions. A short opaque token in a HttpOnly, Secure cookie named cardcard_session. The matching record lives in our key-value store and expires automatically. No marketing or analytics cookies.
Payment data. If you subscribe to Pro, Stripe holds your card details — we never see them. We keep your Stripe customer id and subscription state so we can show "Pro is active" and let you cancel.
The Wallet pass. A signed .pkpass is generated and cached for download. It contains exactly what is on the front and detail of your card — no more.

Who else sees it

Cloudflare hosts the Worker, database, key-value, and Wallet-pass cache. Traffic transits Cloudflare's edge.
Stripe processes payments. They get your email, billing address, and card details directly from you when you upgrade.
Resend sends the email (sign-in link, Pro welcome, Pro cancellation). They get the recipient address and the message we send.
Glyphex records page-level traffic for us — privacy-friendly, no cookies, no user identifiers, no cross-site tracking.
We do not sell or share your data with anyone else. Ever.

How long we keep it

Card and account records stay until you delete them or close the account.
Magic-link tokens self-destruct after fifteen minutes or first use.
Sessions expire automatically; sign-out clears them immediately.
Stripe keeps payment records on its own retention schedule (typically seven years for tax purposes).

What you can ask us to do

Under European data-protection law you can ask us to: tell you what we hold, correct anything wrong, delete your account and its data, send you a copy of your records, or stop processing your data. Email hello@cardcard.me with the request and the email on file. We answer within thirty days.

If you think we have mishandled your data, you can also complain to the Finnish Data Protection Ombudsman (tietosuoja.fi).

The smaller print

CardCard Atelier is operated by Skadi Oy, Helsinki, Finland · Business ID 2808573-9 · VAT FI28085739.
Last revised 7 May 2026. We will note material changes here.