Privacy Policy
MapMyCard ("we", "our", or "us") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and what controls you have. We have designed MapMyCard to collect the minimum information required to provide the service.
1. Overview
MapMyCard is a location-based business card discovery app. The app allows users to find nearby business cards uploaded by others and to upload their own card to be discovered. Most features are available without creating an account.
Privacy-first design: You can browse and discover cards without signing in. We store no user profile, no email address (beyond Firebase Auth), and no personal data beyond what is on your uploaded card image.
2. Data We Collect
The table below summarizes all data collected by MapMyCard:
| Data Type | When Collected | Purpose |
|---|---|---|
| Device location (coordinates) | On first open, on location refresh | Show nearby cards; pin your card on map |
| Google Account ID | On sign-in only | Authenticate user for upload / report / delete |
| Card images (front + back) | On card upload | Display your card to nearby users |
| Business type selection | On card upload | Enable category filtering |
| Report submissions | When you report a card | Moderation and auto-hide threshold |
| Block list | When you block a card | Remove blocked cards from your feed |
| Last known location | Stored locally on device | Fast feed load on app restart |
We do not collect: name, email address (beyond Google's internal auth token), phone number, payment info, browsing history outside the app, or any biometric data.
3. Location Data
Location is the core functionality of MapMyCard. Without it, the app cannot operate.
- Location permission is requested on first launch
- Your current location coordinates are sent to our Firebase database to calculate card distances
- When you upload a card, your coordinates at that time are stored with the card so others can see its distance from them
- Other users see distance ("0.3 km away") but never your exact GPS coordinates
- Your last known location is cached locally on your device for fast app restarts â it is not transmitted until you open the app
- You can update your location at any time by tapping the city name shown at the top of the screen
Location is only used for proximity calculations. We do not track movement, build location history, or share precise coordinates with other users or third parties.
4. Google Authentication
MapMyCard uses Firebase Authentication with Google Sign-In. When you sign in:
- Google authenticates your identity and provides us a unique user ID (UID)
- We store only this UID in our database â not your Google email, name, or profile picture
- The UID is used to associate your uploaded card and your reports with your account
- Sign-in is required only for: uploading a card, reporting a card, or deleting your account
- Browsing and discovering cards requires no sign-in
Google's own privacy policy governs how Google handles the sign-in process. We encourage you to review it at policies.google.com/privacy.
5. Card Images
When you upload your business card:
- Front and back images are stored in Firebase Storage, accessible only via your card's entry in Firestore
- Images are visible to all users within the discovery radius â this is the intended function of the app
- Only you (the card owner) can replace or delete your card images â Firebase Storage rules enforce this
- The admin panel cannot upload or edit card images â Storage is write-protected to card owners only
- When you delete your card or account, images are permanently removed from Storage immediately
Do not upload card images containing sensitive personal information (SSN, bank details, passwords). Only upload professional business cards.
6. Reports & Blocks
When you report or block a card:
- A report record is created containing: your user ID, the reported card ID, the reason selected, and any additional text you wrote
- Report records are visible only to platform admins in the admin panel â never to other users
- Your block list is stored in your user record in Firestore â it is private to you
- You can report each card once per account to prevent spam reporting
- When a card is deleted or its owner deletes their account, all associated reports are permanently removed
- When a flagged card is restored by an admin, all its report records are wiped and the count resets to zero
7. Data Sharing
We do not sell your data. We do not share your data with advertisers. The only third parties involved are:
- Google Firebase â our backend infrastructure (Firestore, Storage, Auth, Remote Config). Data is stored on Firebase servers subject to Google's data processing terms.
- Google Sign-In â for authentication only. Google processes your login; we receive only a user ID.
We may disclose data if required by law or to protect the safety of users, but we will notify users when legally permitted to do so.
8. Data Retention
Data is retained as long as you have an active card or account:
- Card data & images â retained until you delete your card or account
- Report records â retained until the reported card or the reporting account is deleted
- Block list â retained until account deletion
- Location cache â stored locally on your device; cleared when you uninstall the app
Account deletion is permanent and irreversible. All your data is removed immediately with no recovery option.
9. Children's Privacy
MapMyCard is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has submitted data, please contact us and we will delete it promptly.
10. Your Rights
You have the following rights regarding your data:
- Access â you can view your uploaded card at any time in the My Card tab
- Correction â you can change your business type at any time and delete/re-upload card images
- Deletion â use the Delete Account option to permanently remove all your data. This is immediate and irreversible.
- Portability â your card images are visible in-app and can be photographed or screenshotted
The Delete Account feature in the app removes everything: your sign-in, card, card images from Storage, all reports you made, your block list, and all reports others made about your card. No residual data is kept.
11. Contact Us
If you have questions or concerns about this privacy policy or your data, please contact us:
- Email: contact@mapmycard.com
- Website: contact.html
We aim to respond to all privacy-related inquiries within 5 business days.
12. Terms of Use
By using MapMyCard, you agree to the following terms:
12.1 Acceptable Use
- Upload only your own legitimate professional business card
- Do not upload cards belonging to other people or organizations without authorization
- Do not upload cards containing illegal, offensive, or misleading content
- Use the report feature only for genuine violations â false reports may result in account suspension
12.2 One Card Policy
Each Google account may have one active card. Creating multiple accounts to circumvent this policy is prohibited and may result in all accounts being removed.
12.3 Content Responsibility
You are solely responsible for the content of your uploaded card. MapMyCard is not liable for inaccurate, misleading, or inappropriate card content. We reserve the right to remove any card that violates these terms.
12.4 Service Changes
We reserve the right to modify, suspend, or discontinue any part of the service at any time. We will make reasonable efforts to notify users of significant changes.
12.5 Limitation of Liability
MapMyCard is provided "as is" without warranties of any kind. We are not liable for any damages arising from your use of the app, reliance on card information, or inability to access the service.
By downloading and using MapMyCard, you confirm that you have read, understood, and agree to both this Privacy Policy and the Terms of Use. If you do not agree, please uninstall the app and contact us to delete your data.