ZARD

Privacy Policy

Last updated: July 1, 2026

What we collect

  • Account: email address, vault name, hashed password (or OAuth identifier if you sign in with Google).
  • Content: photographs of cards you upload and any text you attach.
  • Messages: the direct messages you send other users.
  • Usage: basic device, browser, and interaction data needed to run the Service.

How we use it

To operate the vault, run AI classification on uploaded images, deliver messages between users, prevent abuse, and improve the Service. We do not sell your personal data.

Sharing

Content in your public vault or on public shared links is visible to anyone with the link. Private vaults and direct messages are visible only to you and the users you share with. We use trusted sub-processors (hosting, database, AI inference, email) under contract and only for the purposes above.

Your rights

You can access, export, or delete your account and content at any time from Profile settings. For requests under GDPR, UK GDPR, or CCPA, email privacy@zard.app.

Security

We use industry-standard encryption in transit and at rest. No system is perfectly secure — please use a strong, unique password.

Children

ZARD is not directed to children under 13. If we learn we have collected data from a child under 13, we will delete it.

Contact

privacy@zard.app