CardifyAI

1. Overview

CardifyAI (“we”, “us”, or “our”) is a web application and browser extension that helps you turn your notes, lectures, and PDFs into flashcards. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

We are committed to:

Collecting only what we need to provide and improve CardifyAI.
Not selling your personal information to third parties.
Using industry-standard safeguards to protect your data.

2. Information we collect

2.1 Account & authentication information

When you sign in with Google, we receive:

Your Google account email address
Your Google account ID (a unique identifier)

We use this information to create and identify your CardifyAI account, track your plan and usage, and secure access to your data. We do not receive your Google password.

2.2 Subscription & billing information

If you upgrade to a paid plan, your payment is processed by our payment provider (e.g. Stripe). We may store:

A Stripe customer ID
Subscription IDs and related plan / price IDs
Subscription status (active, canceled, etc.)

We do not store your full credit card number on our servers. Payment details are handled and stored securely by Stripe or any other PCI-compliant payment processor we use.

2.3 Content you provide (notes, PDFs, flashcards)

When you use CardifyAI, you may provide:

Text you paste or type into the dashboard
PDF files you upload to extract text
Flashcards generated for your account
Reviews or feedback you submit about the app

This content may be temporarily processed by AI models to generate flashcards. We store your resulting flashcards and may keep limited logs or usage statistics to operate and improve the service. We do not sell your raw study materials.

2.4 Browser extension information

When you use the CardifyAI browser extension, it may:

Read highlighted text on the page that you explicitly choose to send to CardifyAI.
Communicate with cardifylabs.com to create flashcards and open your dashboard.
Store a small preference (like your last used number of cards) in browser storage.

The extension does not collect your browsing history, keystrokes, or other website content beyond the specific text you highlight and choose to send.

2.5 Usage, analytics & log data

To understand how CardifyAI is used and to improve performance, we may collect:

IP address and basic device information
Browser type and version
Pages visited on CardifyAI (e.g. dashboard, admin, extensions)
Timestamps and simple usage metrics (e.g. cards generated per day)

We may use first-party analytics or privacy-focused third-party analytics tools to understand aggregate usage patterns. We do not use analytics to uniquely fingerprint you for advertising.

3. How we use your information

We use the information we collect for the following purposes:

To provide and maintain the CardifyAI service and your account.
To generate flashcards from the content you submit.
To enforce plan limits (e.g., daily card limits per plan).
To process payments and manage subscriptions.
To monitor usage, prevent abuse, and secure the platform.
To respond to support requests, bug reports, and feedback.
To improve the product based on aggregate usage patterns.

We do not:

Sell your personal data to third parties.
Use your data for interest-based advertising or ad targeting.
Use or transfer your data for creditworthiness or lending decisions.

4. Legal bases for processing (if applicable)

If you are in the European Economic Area (EEA), United Kingdom, or other regions that require a legal basis for processing, we typically rely on:

Contract: To provide the CardifyAI service you request.
Legitimate interests: To improve and secure our service.
Consent: For optional features where required by law.

5. When we share information

We share your information only when necessary to operate CardifyAI or when required by law:

Service providers: Such as cloud hosting, payment processors (e.g. Stripe), and AI infrastructure providers that help us deliver the core functionality.
Legal requirements: If we are required by law, subpoena, or court order, or if we believe in good faith that disclosure is reasonably necessary to protect our rights, users, or the public.
Business transfers: In the event of a merger, acquisition, or asset sale, your data may be part of the transferred assets, subject to the same or similarly protective privacy commitments.

We do not sell your personal information to advertisers or data brokers.

6. Cookies & similar technologies

CardifyAI uses cookies or similar technologies to:

Keep you signed in to your account.
Remember basic preferences (e.g., plan, usage state).
Maintain secure sessions as you navigate the app.

You can control cookies through your browser settings, but disabling essential cookies may prevent the app from functioning properly.

7. Data retention

We keep your information only as long as necessary to provide the CardifyAI service or as required by law. In general:

Your account and flashcards remain stored while your account is active.
Usage logs (such as visits and basic analytics) may be retained for a limited period for security and performance monitoring.
Billing and subscription records may be retained longer to comply with tax and accounting obligations.

8. Security

We use reasonable technical and organizational measures to protect your information, including:

Encrypted connections (HTTPS) between your browser and our servers.
Restricted access to production systems.
Secure third-party providers for payments and infrastructure.

However, no online service can guarantee perfect security. You are responsible for maintaining the security of your own devices and accounts.

9. Children’s privacy

CardifyAI is not directed to children under the age of 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

10. Your rights & choices

Depending on your location, you may have certain rights over your personal information, including:

Accessing a copy of your personal data.
Requesting correction of inaccurate or incomplete data.
Requesting deletion of your data, subject to legal obligations.
Objecting to or restricting certain types of processing.
Exporting your flashcards using our download options (e.g., Anki, CSV, JSON).

To exercise these rights, please contact us using the information in the Contact section below. We may need to verify your identity before processing your request.

11. Browser extension-specific disclosures

For users of the CardifyAI browser extension:

The extension reads only the text you explicitly select and choose to send for flashcard generation. It does not collect full-page content or your browsing history.
The extension communicates only with cardifylabs.com and your browser’s internal APIs (such as context menus and active tab access) to enable the card generation workflow.
The extension may store a small preference (such as your last used number of cards) in browser storage to make your workflow faster.

All extension data usage adheres to this Privacy Policy and the Chrome Web Store / browser extension policies where applicable.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we do, we will update the “Last updated” date at the top of this page. If changes are significant, we may also provide additional notice (such as a banner in the app).

Your continued use of CardifyAI after any changes means you accept the updated policy.

13. Contact

If you have questions, concerns, or requests related to this Privacy Policy, you can contact us at:

Email: support@cardifylabs.com

Please include enough detail for us to understand your question or request, and we’ll do our best to respond within a reasonable time.