CardMatchCardMatch

Privacy Policy

Last Updated: February 6, 2026

1. Introduction

CardMatch ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

When you use CardMatch, we collect information you provide:

  • Account Information: Name, email address, username, profile picture (via Google OAuth)
  • Listing Information: Card details, images, descriptions, conditions, and preferences
  • Communications: Messages, support requests, and feedback

2.2 Automatically Collected Information

We automatically collect certain information when you use our Service:

  • Usage Data: Pages viewed, features used, time spent, interactions
  • Device Information: Browser type, operating system, IP address, device identifiers
  • Cookies and Similar Technologies: See section 4 below

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Match you with potential trading partners
  • Display your listings to other users
  • Communicate with you about your account and updates
  • Analyze usage patterns and improve user experience
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

4. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for authentication and core functionality
  • Analytics Cookies: Help us understand how users interact with the Service (PostHog)
  • Performance Monitoring: Track errors and performance issues (Sentry)

You can control cookies through your browser settings, but disabling certain cookies may affect functionality.

5. Third-Party Services

We use the following third-party services:

5.1 Google OAuth

We use Google OAuth for authentication. When you sign in with Google, Google shares your basic profile information (name, email, profile picture) with us. Please review Google's Privacy Policy.

5.2 Cloudflare

We use Cloudflare for content delivery and DDoS protection. Cloudflare may collect certain information. See Cloudflare's Privacy Policy.

5.3 Resend

We use Resend for sending transactional emails (notifications, match alerts). See Resend's Privacy Policy.

5.4 PostHog

We use PostHog for product analytics to understand usage patterns and improve the Service. See PostHog's Privacy Policy.

5.5 Sentry

We use Sentry for error tracking and performance monitoring. See Sentry's Privacy Policy.

6. Information Sharing

We do NOT sell your personal information. We may share your information:

  • With Other Users: Your profile, listings, and match information are visible to other users
  • Service Providers: Third-party services that help us operate (hosting, analytics, email)
  • Legal Compliance: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, sale, or acquisition

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. When you delete your account:

  • Your profile and listings are removed from public view
  • Some data may be retained for legal compliance or legitimate business purposes
  • Anonymized analytics data may be retained indefinitely

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Portability: Receive your data in a portable format
  • Opt-Out: Unsubscribe from marketing communications

To exercise these rights, contact us at privacy@cardmatch.com.

9. Data Security

We implement reasonable security measures to protect your information, including:

  • Encryption in transit (HTTPS)
  • Secure authentication (OAuth 2.0)
  • Regular security assessments
  • Access controls and monitoring

However, no method of transmission over the internet is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

10. Children's Privacy

CardMatch is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we discover we have collected such information, we will delete it promptly.

11. International Users

CardMatch is operated in the United States. If you are accessing the Service from outside the US, your information may be transferred to, stored, and processed in the US. By using the Service, you consent to this transfer.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@cardmatch.com