Privacy Policy

Last Updated: January 2026

This Privacy Policy describes how Club Card ("we", "our", or "us") collects, uses, and shares your information when you use our mobile application (the "App").

1. Information We Collect

1.1 Information You Provide

• Loyalty Card Data: Card names, numbers, barcodes, store names, and custom colors you add to the App
• Account Information (Optional): If you choose to use Google Sign-In, we collect your Google account email and profile information
• Support Communications: Information you provide when contacting our support team

1.2 Automatically Collected Information

• Device Information: Device model, operating system version, unique device identifiers
• Usage Data: App interactions, features used, crash reports, and performance data
• Camera Access: Access to your device camera for barcode scanning (no images are stored or transmitted)
• Photo Gallery Access: Access to your device photos for scanning barcodes from existing images (images are processed locally and not stored or transmitted)

2. How We Use Your Information

We use the collected information for:

• Service Provision: To store and display your loyalty cards within the App
• Cloud Synchronization: To sync your cards across devices (only if you enable this feature)
• App Improvement: To analyze usage patterns, fix bugs, and enhance features
• Customer Support: To respond to your inquiries and provide assistance
• Legal Compliance: To comply with applicable laws and regulations

3. Data Storage and Security

3.1 Local Storage

By default, all your card data is stored locally on your device using encrypted local storage. This data never leaves your device unless you enable cloud synchronization.

• Widget Data: If you add home screen widgets, card information and barcode images are stored locally on your device for widget display
• Theme Preferences: Your theme selection (light, dark, or system) is stored locally on your device

3.2 Cloud Storage (Optional)

If you sign in with Google, your card data is encrypted and securely stored in Firebase Cloud Firestore. We implement industry-standard security measures including:

• Data encryption in transit (TLS/SSL)
• Data encryption at rest
• Secure authentication via Google Sign-In
• Regular security audits

3.3 Data Retention

We retain your data for as long as your account is active or as needed to provide you services. You can delete your account and all associated data at any time through the App settings.

4. Third-Party Services

4.1 Firebase (Google Cloud)

We use Firebase services for:

• Authentication: Google Sign-In for optional cloud sync
• Cloud Firestore: Secure cloud storage for synced cards
• Analytics: Anonymous usage statistics to improve the App
• Crashlytics: Crash reporting for stability improvements

Firebase's Privacy Policy: https://firebase.google.com/support/privacy

4.2 Google AdMob

We display advertisements through Google AdMob to support the free version of the App. AdMob may collect:

• Device identifiers (for ad serving)
• IP address
• App usage data
• Ad interaction data

AdMob's Privacy Policy: https://support.google.com/admob/answer/6128543

Personalized Ads: You can opt out of personalized ads in your device settings (Google > Ads > Opt out of Ads Personalization).

5. Data Sharing

We do not sell, trade, or rent your personal information. We only share data in the following limited circumstances:

• With Your Consent: When you choose to share a card with others using the share feature
• Service Providers: With Firebase/Google Cloud for hosting and analytics (as described above)
• Legal Requirements: If required by law, court order, or government regulation
• Protection of Rights: To protect our legal rights, prevent fraud, or ensure user safety

6. Your Privacy Rights

You have the following rights regarding your personal data:

• Access: Request a copy of your data
• Correction: Update or correct inaccurate data
• Deletion: Delete your account and all associated data
• Portability: Export your data in a machine-readable format
• Opt-Out: Disable cloud sync or personalized ads

To exercise these rights, go to Settings → Account → Manage Data in the App, or contact us at flxcodelab@gmail.com.

7. Children's Privacy

Club Card is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will delete it immediately. If you believe we have collected information from a child under 13, please contact us.

8. International Data Transfers

Your data may be transferred to and stored on servers located outside your country of residence, including in the United States where Google/Firebase servers are located. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

9. Cookies and Tracking

The App itself does not use cookies. However, third-party services (AdMob, Firebase Analytics) may use cookies and similar tracking technologies. You can manage these preferences in your device settings.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting the new Privacy Policy in the App
• Updating the "Last Updated" date
• Sending an in-app notification (for material changes)

Your continued use of the App after changes indicates acceptance of the updated Privacy Policy.

11. Do Not Track

Some browsers have "Do Not Track" features. At this time, the App does not respond to Do Not Track signals due to lack of industry standards.

12. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or shared
• Right to opt-out of sale of personal information (we don't sell data)
• Right to deletion
• Right to non-discrimination for exercising your rights

To exercise these rights, contact flxcodelab@gmail.com.

13. European Users (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR). Please see our GDPR Compliance page for detailed information.

14. Contact Us