📄 Privacy Policy

Privacy Policy

Last updated: 1 March 2026

1. Information We Collect

We collect information you provide when creating an account (name, email, company), API usage data (request metadata, response times, error rates), and billing information processed by our payment provider. We do not store gift card numbers or PINs — these are processed in memory and never persisted.

2. How We Use Your Data

We use your data to provide and improve the API, send service notifications, produce usage analytics for your dashboard, and comply with legal obligations. We do not sell your data to third parties.

3. Data Retention

Account data is retained for the duration of your account plus 30 days after deletion. API request logs (without card data) are retained for 90 days for debugging purposes.

4. Third-Party Processors

We use Stripe for payment processing, AWS and Cloudflare for infrastructure, and Postmark for transactional email. All processors are subject to appropriate data processing agreements.

5. Your Rights (GDPR)

EU/EEA users have the right to access, correct, export, or delete their personal data. To exercise these rights, contact privacy@mycardliaison.com. We will respond within 30 days.

6. Security

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). We are PCI DSS Level 1 and SOC 2 Type II certified. See our Security page for full details.

7. Contact

For privacy enquiries: privacy@mycardliaison.com. MyCardLiaison Ltd, 1 Canada Square, London E14 5AB, UK.