Privacy Policy

Account information

When you sign up, we collect your name, email address, and (if you set one) a password hash. If you sign in with Google or another identity provider, we receive basic profile information from that provider.

Card content

We store the content you add to your cards: name, job title, company, phone, email, website, photos, links, sections, and theme preferences.

Lead capture data

If a visitor submits the lead-capture form on a card, we store the information they provide (typically name, email, phone, and an optional message) and make it available to the card owner.

Analytics & usage

When someone views a card, we record the view and may capture coarse information such as device type, browser, referrer, and country (derived from IP address). We do not use third-party advertising trackers.

Payment information

Subscription billing is handled by Stripe. We do not store your full payment card details. We retain limited information such as plan type, last four digits, billing email, and transaction history.

Communications

We retain support emails, in-app messages, and product feedback you send us.

• To provide, maintain, and improve the service;
• To authenticate your account and protect against fraud;
• To process payments and manage subscriptions;
• To deliver transactional emails (password reset, billing receipts, lead notifications, team invites, order updates);
• To produce analytics for card owners (e.g., view counts) and for ourselves to understand product usage in aggregate;
• To respond to support requests;
• To comply with legal obligations.

We do not sell your personal information, and we do not use Your Content to train third-party AI models.

We share information only as needed to operate the service:

• Stripe — payment processing
• Email provider (e.g., Resend or SendGrid) — transactional email delivery
• Hosting & database providers — application hosting and data storage
• Authentication providers (e.g., Google) — only when you choose to use them

Each provider is contractually required to handle data only as instructed by us and consistent with this policy. We may also disclose information to comply with valid legal process or to protect the rights and safety of our users and the public.

Cards you publish are intentionally public. Anyone with the link (or who scans your QR / taps your NFC) can view them. Organization team pages may also list published cards of members. You can unpublish a card at any time.

We use cookies and similar technologies to keep you signed in, remember preferences, and measure aggregate usage. We do not use third-party advertising or cross-site tracking cookies. You can manage cookies in your browser settings; disabling them may limit functionality.

Depending on where you live, you may have rights to access, correct, export, or delete your personal information, and to object to certain processing.

EEA / UK (GDPR): you have the rights of access, rectification, erasure, restriction, objection, and portability, plus the right to lodge a complaint with your supervisory authority.

California (CCPA/CPRA): you have the right to know what we collect, request deletion, and opt out of the “sale” or “sharing” of personal information. We do not sell or share personal information for cross-context behavioral advertising.

To exercise any rights, email moxietech@gmail.com. You can also delete your account at any time from your settings.

When a visitor submits a lead form on your card, you (the card owner) are the controller of that data, and MoxieTech is your processor. You are responsible for providing visitors with required notices and a lawful basis for collection.

We retain account and card data while your account is active. After account deletion, we delete or anonymize personal information within a reasonable period, except where we must retain it to comply with legal obligations, resolve disputes, or enforce agreements.

We use industry-standard administrative, technical, and physical safeguards (encryption in transit, hashed passwords, restricted access). No system is perfectly secure, and we cannot guarantee absolute security.

We may process and store information in countries other than yours. Where required by law, we use appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers of personal data.

MoxieTech is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

We may update this policy from time to time. If changes are material, we will notify you by email or in-app notice. The “Last updated” date at the top reflects the most recent version.

Questions, requests, or complaints? moxietech@gmail.com