Last updated June 15, 2026.
We keep this simple by collecting as little as we can. A few principles we hold to:
This policy covers our marketing website at cardvera.io (the "Site"). It doesn't cover how the Cardvera service handles payment traffic — that's described on our Security page (short version: the product classifies on behavior and network signals and never reads card numbers).
The only personal information we actively collect is what you type into the request-access form:
Like every website, our host also automatically receives basic technical data your browser sends — your IP address, browser type, and the pages you request — recorded in standard server logs for security and reliability. We don't tie that to your identity.
We don't collect payment card data, government IDs, or special-category personal data through the Site.
We rely on a small set of service providers to deliver your form submission to us and to host and secure the Site. They act only on our instructions. We don't sell your personal information, share it with data brokers, or use it for advertising. A current list of these providers is available on request.
We don't set any advertising or behavioral-tracking cookies, and we don't use third-party analytics. Our hosting and security provider may set strictly necessary cookies for security and bot protection (for example, to tell humans from automated traffic). If we ever add analytics, we'll update this policy and ask for consent where the law requires it before setting any non-essential cookies.
We use what you submit to evaluate your request for private beta access, to get back to you about it, and — if you join the beta — to help you get set up. That's it.
We keep beta-application data only as long as we reasonably need it. If you ask us to delete it (or you're not moving forward into the beta), we'll remove it from our active records within 30 days and ask Web3Forms to delete its copy where that's possible.
Depending on your state — for example, under California's CCPA/CPRA — you may be able to ask us to:
We don't sell or "share" personal information for cross-context advertising, so there's nothing to opt out of there. To make any request, email privacy@cardvera.io — we'll respond within the time the law allows (generally 30–45 days) and may need to confirm your identity first.
Cardvera, Inc. is based in the United States, and we and our service providers process data here. The Site is intended for a U.S. business audience; if you access it from elsewhere, your information will still be processed in the United States.
This is a website for business professionals. It isn't meant for anyone under 16, and we don't knowingly collect their information. If you think we have, email us and we'll delete it.
If we change this policy, we'll update the "Last updated" date above, and we'll flag anything significant more prominently.
Anything about this policy or how we handle data — email privacy@cardvera.io.