CardLocker Privacy Policy

1. Introduction

This Privacy Policy explains how CardLocker (“the App”) handles your data. CardLocker is committed to user privacy and data protection. The App has been designed to operate without collecting, transmitting, or storing any personally identifiable information or sensitive financial data on external servers.

By using CardLocker, you acknowledge and agree to the practices described in this Privacy Policy.

2. Data Collection

• CardLocker does not collect, track, or transmit any personal or financial data.
• No user accounts are required or supported.
• The App does not include analytics, advertising, or third-party tracking tools.
• No data is transmitted to the developer or any external service provider.

3. Local Data Storage

CardLocker stores all sensitive card data locally on your device using Apple’s Keychain Services. This includes card numbers, expiration dates, and CVV codes.

• Apple’s Keychain is encrypted and secured by the device’s security features.
• Sensitive data is never uploaded to iCloud or external servers.
• Optional syncing of non-sensitive metadata (like nicknames and timestamps) may occur via iCloud if the user opts in.

4. Use of Apple Services

• iCloud (Optional): Syncs non-sensitive metadata if enabled by the user.
• Keychain: Securely stores card data on-device. Not accessible by the developer.

5. Data Retention and Deletion

Users may delete card data at any time. Deletion removes the data from local storage and iCloud (if applicable).

6. Third-Party Access

CardLocker does not use third-party analytics, crash reporting, or advertising SDKs. No backend server is used. However, if you purchase a license, limited information (e.g., email) is processed securely to deliver your license key and confirm payment via PayPal.

7. Payments and Licensing

When you make a purchase, your email address is used solely to send you a license key and receipt. PayPal or other providers may process the payment, but CardLocker itself does not store or transmit payment details. License verification is handled securely via Firebase, and webhook verification ensures transactions are authentic.

8. Children’s Privacy

CardLocker does not knowingly collect data from children under 13. The App complies with COPPA and other privacy laws by not collecting any personal data.

9. Security

• Uses secure Apple-provided technologies like biometric authentication and Keychain.
• Emails are sent through a secure provider with minimal logging.
• Webhooks and licenses are cryptographically verified to prevent tampering or unauthorized access.

10. Changes to This Privacy Policy

This policy may be updated. Significant changes will be communicated via the App or website.

11. Contact

If you have any questions, please contact: jf.tech.team@gmail.com