Dyve Cards

Privacy Policy

Last updated May 26, 2026.

This policy explains what Dyve Cards (the “Service”) collects, how we use it, and the choices you have. The Service is operated by Dyve Technology LLC (“we,” “us,” or “Dyve”), a limited liability company organized under the laws of Illinois, with a registered office at c/o Registered Agents Inc., 2501 Chatham Rd, Suite R, Springfield, IL 62704. By using Dyve Cards you agree to this policy.

1. What we collect

We keep the collection list short on purpose. We collect only what we need to operate the Service.

  • Account information. Your email address when you sign up or sign in. We never ask for a password (we use magic-link sign-in).
  • Profile content. Whatever you choose to put on your card: display name, title, company, photo, cover image, bio, and any contact fields you add (phone, email, address, social handles, embeds, and so on). This information is published at your public profile URL by design.
  • Tap analytics. Each time someone taps your NFC card or visits your card URL, we record the timestamp, IP address, user-agent string, originating country (resolved from the IP), and the referring URL if any. We use this to power the per-card and per-profile analytics in your dashboard.
  • Workspace data. If your account is part of a team workspace, we store the workspace name, members, roles, invites, and any administrative audit events generated by the workspace (member additions, removals, profile edits made by admins on members' behalf).
  • Billing information. If you subscribe to a paid plan, we use Stripe to process payments. Stripe receives the data you submit at checkout (name, billing address, card number). We do not store card numbers ourselves. We store a Stripe customer ID and subscription ID for billing operations.
  • Operational logs. Standard server and edge logs (HTTP method, path, status, timing) are emitted by our hosting provider for diagnostics and abuse prevention. These are short-lived.

2. How we use it

  • To operate the Service (render your public profile, serve your vCard, run analytics).
  • To send transactional email (magic-link sign-in, invite emails, billing receipts, weekly tap digests if you have any). We use Resend as our email vendor.
  • To enforce abuse prevention (rate limits, fraud screening, suspicious-activity review).
  • To bill paid subscriptions and to send billing-related notices.
  • To respond when you contact us.

We do not sell your personal information. We do not run third-party advertising and we do not embed advertising trackers.

3. Who we share with

We share data only with vendors that help us run the Service:

  • Cloudflare for hosting, edge delivery, and image storage.
  • Stripe for payment processing on paid plans.
  • Resend for sending transactional email.

We may also disclose information if required by law, by a valid legal request, or to protect the Service against fraud or abuse. We do not voluntarily share data with law enforcement absent a subpoena, warrant, or court order.

4. Cookies and similar technologies

We use exactly one cookie: a signed session cookie nameddyve_sessionset after you sign in. It is HTTP-only, set with Secure and SameSite=Lax, and scoped to cards.dyvetech.com. We do not use third-party tracking cookies and we do not embed advertising pixels.

5. Data retention

  • Account and profile data: kept while your account is active. Deleted when you delete your account (see “Your rights” below).
  • Tap event rows: retained for 90 days at the per-event level, after which we keep aggregated daily counts only.
  • Audit and workspace events: retained for the life of the workspace; anonymized when the actor leaves the workspace.
  • Billing records: retained as long as Stripe retains them (typically seven years for tax purposes).
  • Operational logs: retained per Cloudflare's defaults, typically under 30 days.

6. Your rights

You have the right to:

  • Access the personal information we hold about you. Most of it is visible in your dashboard.
  • Correct inaccurate information by editing your profile in the dashboard.
  • Delete your account. You can do this from the Profile page in the dashboard. Deletion is immediate and cascades through your profile, cards, contact fields, and tap history. Aggregated analytics that no longer identify you may be retained.
  • Export your data on request. Email support@dyvetech.com and we will return a JSON or CSV bundle of your account contents.
  • Object or restrict certain processing (where granted by applicable law).

If you are in the European Economic Area, the United Kingdom, Switzerland, or a United States jurisdiction with comparable rights (California, Colorado, Connecticut, Utah, Virginia, and others), the above are formal legal rights and we will honor them within the timelines required by the applicable law.

7. Children

Dyve Cards is not directed at children under 13 and we do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, contact us at support@dyvetech.com and we will delete it.

8. International transfers

We are based in the United States. Our vendors process data in the United States and (for Cloudflare edge delivery) globally. By using the Service from outside the United States, you consent to your information being transferred to and processed in the United States.

9. Security

We use industry-standard practices: TLS everywhere, HMAC-signed session cookies, hashed magic-link tokens, scoped vendor credentials, and least-privilege access. No system is perfectly secure. If you discover a vulnerability, please email support@dyvetech.com.

10. Changes to this policy

We may update this policy. Material changes will be announced by email to active account holders and reflected in the “Last updated” date above. Continued use of the Service after a change means you accept the updated policy.

11. Contact

Questions or requests: support@dyvetech.com. Postal mail: Dyve Technology LLC, c/o Registered Agents Inc., 2501 Chatham Rd, Suite R, Springfield, IL 62704.