Privacy Policy - CardSOFT

1. Introduction

At CardSOFT, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our gift card trading platform.

Key Points:

We collect only necessary information to provide our services
Your data is encrypted and securely stored
We never sell your personal information to third parties
You have control over your data

2. Information We Collect

2.1 Information You Provide

When you use CardSOFT, you may provide us with:

Account Information: Full name, email address, phone number, password
Payment Information: Bank account details (account number, bank name)
Identity Verification: Government-issued ID, selfie photos (for KYC)
Transaction Data: Gift card images, card codes, transaction amounts
Communication: Support tickets, emails, chat messages

2.2 Automatically Collected Information

We automatically collect certain information when you use our platform:

Device Information: IP address, browser type, device type, operating system
Usage Data: Pages visited, features used, time spent on platform
Cookies: Session cookies, preference cookies, analytics cookies
Location Data: General location based on IP address

3. How We Use Your Information

Purpose	Data Used
Account Management	Name, email, password, phone number
Transaction Processing	Gift card data, bank details, transaction history
Payment Processing	Bank account information, transaction amounts
Identity Verification	ID documents, selfies, phone verification
Fraud Prevention	All collected data, device fingerprints
Customer Support	Contact information, transaction history
Platform Improvement	Usage data, analytics, feedback
Legal Compliance	All data as required by law

4. Information Sharing

4.1 Third-Party Service Providers

We share your information with trusted third parties who help us operate our platform:

Paystack: Payment processing (bank details, transaction amounts)
Email Services: SendGrid for notifications (email addresses)
Cloud Storage: Secure storage of transaction data and images
Analytics: Anonymous usage data for platform improvement

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to:

Comply with legal obligations
Protect our rights and property
Prevent fraud or illegal activities
Protect user safety

4.3 Business Transfers

If CardSOFT is involved in a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

5. Data Security

We implement industry-standard security measures to protect your data:

Encryption: All data transmitted using SSL/TLS encryption
Secure Storage: Encrypted database storage
Access Controls: Limited employee access to personal data
Regular Audits: Security assessments and penetration testing
Password Protection: Hashed and salted password storage
Two-Factor Authentication: Optional 2FA for enhanced security

Note: While we strive to protect your data, no method of transmission over the internet is 100% secure.

6. Data Retention

We retain your information for as long as necessary to:

Provide our services to you
Comply with legal obligations (minimum 7 years for financial records)
Resolve disputes and enforce agreements
Prevent fraud and abuse

You may request deletion of your account and data, subject to legal retention requirements.

7. Your Privacy Rights

You have the following rights regarding your personal data:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and data
Portability: Receive your data in a portable format
Objection: Object to certain data processing activities
Withdraw Consent: Withdraw consent for data processing

To exercise these rights, contact us at privacy@cardsoft.com

8. Cookies and Tracking

We use cookies and similar technologies to:

Maintain your login session
Remember your preferences
Analyze platform usage
Improve user experience

You can control cookies through your browser settings, but disabling cookies may affect platform functionality.

9. Children's Privacy

CardSOFT is not intended for users under 18 years of age. We do not knowingly collect information from children. If we discover that we have collected data from a child, we will delete it immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries outside Nigeria. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or platform notification. Continued use of CardSOFT after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Email: privacy@cardsoft.com
Support: support@cardsoft.com
Data Protection Officer: dpo@cardsoft.com