Privacy Policy

Last updated on January 1, 2024

Cardinal Apps Inc. ("we", "our" or "Cardinal"), reserves the right to change the terms within this Privacy Policy agreement at any time without prior notice.

By continuing to use Cardinal's products, you agree to this Privacy Policy.

In Short

Cardinal always avoids collecting data, does not track users for marketing purposes, and does not even use cookies on its websites. When data is collected, it's only because it's necessary for the product to function correctly, e.g., requiring a valid email address for secure authentication.

The media that you're watching, listening to, or looking at with your Cardinal apps is none of our business, and we make no attempt to track it. This is our stance for all past, present, and future products.

For users that are willing to share anonymous information, Cardinal offers a feature called Anonymous Telemetry. You will be asked whether you want to enable it when you set up your Home Server.

Personally Identifiable Information

Personally identifiable information (PII) is data that can be used to determine the real life identify of a user. When you create a Cardinal account, your email and IP address are stored on Cardinal's cloud servers and associated with a unique user ID. We do this for security and authentication, and it is an example of PII.

Afterwards, you can optionally submit more data about yourself, like your name. This is another example of PII.

Your PII will never be shared with third parties, and we do not use it for any sort of marketing or targeting. It is stored in accordance with industry best practices.

Media Data

Media data is the plaintext metadata of your image, audio, and video files, and also the bits and bytes that make up the files themselves.

No media data is stored on Cardinal cloud servers, and no information about your media data is collected.

Billing Data

If you choose to purchase a Cardinal product, your transaction and billing data will be handled securly by Stripe. Stripe is PCI compliant, and Cardinal uses their services to handle all billing related matters.

We do not store any credit card, billing, or shipping information on our own infrastructure.

Anonymous Telemetry

Anonymous Telemetry is analytics data that is collected from (as opposed to, about) consenting users in regards to how Cardinal applications are used. Anonymous Telemetry is never sourced from PII or media data.

This data is stored on Cardinal's cloud servers in a way that makes it impossible to correlate to any individual user. It is only used for product insight, not for marketing.

GDPR

Cardinal's applications have been created in accordance with GDPR regulations. We have opted to apply these protections to all Cardinal users, not just those who originiate from Europe.

We have taken measures to ensure that:

  1. Just like this Privacy Policy, the applications use regular language to describe how data is used.
  2. We only collect the least amount of information needed.
  3. Cardinal users can see and manage the data that we store for them.
  4. Cardinal users can delete their accounts and have their data removed from our systems.
  5. We deny all cookies. See the section on Website Cookies.

Law 25

Cardinal Apps Inc. is a Canadian corporation, and as such we are compliant with Québec's Law 25 (French only). We have opted to apply these protections to all Cardinal users, not just those who originiate from Québec.

We have taken measures to ensure that:

  1. Users are notified of our data collection practices prior to any data collection.
  2. Consent is requested in regular language, and does not bundle multiple purposes together.
  3. Users can withdraw their consent at any time to prevent further processing.
  4. Users have the right to data access, rectification, erasure, de-indexation, cessation of dissemination, and portability.
  5. Data is only collected for the specific purposes that the user has explicitly consented to.
  6. Should there be a need for data to be shared with a 3rd party:
    1. A Privacy Impact Assessment (French only) will be conducted before any data is shared with that 3rd party.
    2. That the users affected will be notified.
  7. The consequences of accepting data collection are well explained.

In addition to data governance compliance, we have taken measures to ensure that the way we conduct business is also in compliance with Law 25 by:

  1. Keeping a registry of all confidentiality related incidents, that can be produced upon the request of the Québec government.
  2. Notifying the Commission d'accès à l'information du Québec of any confidentiality related incidents without delay.
  3. Documenting confidentiality related incidents, taking action to reduce the scope of their impact, and preventing similar incidents from reoccuring.

Our appointed Privacy Officer is Brian. Please send inquiries regarding Law 25 to the legal email on the Contact page.

Cookies

The website at cardinalapps.io and of all its subdomains do not use cookies for any reasons, tracking or otherwise.

Community Forums

The community forums at forums.cardinalapps.io are public, and so are all of the comments that you post. You should expect that everything about your forum account is public, except for your email address.

Your forum account has the same rights and privilages as your Cardinal account.

Deleting Your Account

If you choose to delete your account, all of the data associated with your unique Cardinal account ID will be permanently deleted. However, we will keep the ID itself, so that our servers can inform the client applications that the account has been deleted. With your data gone, the user ID cannot be used to identify you, and has been rendered useless.

We will also keep:

  1. Your billing data, for our own tax and financial purposes.

If you are involved in a legal dispute with Cardinal Apps Inc., your account may be in a frozen state, and you may not be able to delete it until a later time.

Your data will be retained in database backups for 7 days after account deletion. After the 7 days have passed, your data will have been removed from all Cardinal assets.

If you have a forum account, you will need to delete it separately.

GDPRLaw 25

This website does not use cookies.

Copyright © 2021-2024 Cardinal Apps Inc.