Cardonaut Privacy Policy

Last Updated: February 21, 2026

Introduction

Cardonaut ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App"), in accordance with the General Data Protection Regulation (GDPR) and applicable French legislation.

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.

Data Controller

The data controller responsible for your personal data is:

Information We Collect

Camera Access

Cardonaut requests permission to access your device's camera. This access is essential for the core functionality of scanning and recognizing trading card game (TCG) cards. The camera is used solely for the purpose of card recognition and to enhance your collection experience.

Storage Access

We request access to your device's storage to save images of cards and your collection data locally on your device. This allows you to maintain your collection even when offline.

Account Data

When creating your account, we collect your username. You may also optionally provide your email address to link your account and facilitate account recovery.

Discord Data

If you choose to link your Discord account, we collect your Discord user ID and Discord username via the OAuth protocol. This linking is entirely optional.

Authentication Data

We use a passwordless authentication system based on OTP (One-Time Password) codes. These codes are temporary and expire after 10 minutes. They are not retained after use.

Collection Data

Your card collection, binders, decks, and associated data are synced to our servers to allow you to access them from multiple devices and to ensure your data is backed up.

Scan Data

When you scan cards, images may be temporarily sent to our servers for AI-powered recognition. These images are deleted immediately after processing and are not stored permanently.

Subscription Data

We collect your subscription status and plan type. Payments are processed entirely by Apple (App Store) or Google (Google Play). We do not store any payment details (card numbers, bank information).

Usage Data

We collect usage data to improve the app, including: feature usage, scan counts, quest progress, and performance metrics. This data is anonymized and does not personally identify you.

Device Data

We collect technical information about your device, including device model, operating system version, and app version, for crash reporting and compatibility improvement purposes.

IP Address

Your IP address is collected by our server infrastructure as part of network connections. It is used for security and technical diagnostics purposes.

Legal Basis for Processing

In accordance with Article 6 of the GDPR, we process your personal data on the following legal bases:

• Contract performance (Art. 6.1.b): account management, collection synchronization, provision of subscription features, card recognition.
• Legitimate interest (Art. 6.1.f): app improvement, crash and bug reporting, performance and usage analytics.
• Consent (Art. 6.1.a): optional email or Discord account linking, marketing communications (if any).

How We Use Your Information

We use the information we collect to:

• Manage your account and authenticate you
• Sync your collection, binders, and decks across your devices
• Process subscription entitlements
• Enable AI-powered TCG card scanning and recognition (local TFLite and server-side OCR/AI)
• Provide card information such as pricing and characteristics
• Monitor and fix app crashes and errors
• Improve app performance and features
• Enhance the user experience

AI Card Recognition

Our app uses artificial intelligence for card recognition through two methods:

• Local processing: a TFLite YOLOv8 model detects card corners directly on your device. No data is sent to any server during this step.
• Server-side processing: images are temporarily sent to our servers for OCR processing (EasyOCR) and recognition by AI models, including Claude (Anthropic), GPT (OpenAI), and Mistral. Images are deleted immediately after processing and are not stored permanently.

In accordance with Article 22 of the GDPR, this automated processing does not produce legal effects on users and does not significantly affect them. It is used solely to identify scanned cards.

Third-Party Services

Our application uses the following third-party services, which may collect or process some of your data:

• Apple App Store / Google Play Store: subscription payment processing
• RevenueCat: subscription management — privacy policy
• Sentry (GlitchTip): crash reporting and error tracking
• Anthropic (Claude): AI card recognition — privacy policy
• OpenAI (GPT): AI card recognition — privacy policy
• Mistral AI: AI OCR — privacy policy
• Discord: optional account linking via OAuth
• Cardmarket: card pricing data (no user data shared)

Data Retention

We retain your personal data for the following durations:

• Account data (email, username, Discord ID): retained until account deletion
• Collection, binder, and deck data: retained until account deletion
• Scan images (server-side): deleted immediately after processing
• Crash reports: retained for 90 days
• Usage analytics: aggregated, anonymized, retained for 12 months
• OTP codes: expire after 10 minutes

Data Transfers Outside the EU

Server-side AI card recognition processing may involve data transfers to the United States (OpenAI and Anthropic servers). These transfers are governed by Standard Contractual Clauses (SCCs) or equivalent safeguards in accordance with the GDPR.

Local AI processing (TFLite) is performed entirely on your device and does not involve any data transfer.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right of access (Art. 15): you may request a copy of your personal data
• Right to rectification (Art. 16): you may request the correction of inaccurate data
• Right to erasure / "right to be forgotten" (Art. 17): you may request the deletion of your data. This feature is also available directly in the app via Settings > Delete Account
• Right to restriction of processing (Art. 18): you may request the restriction of processing of your data in certain circumstances
• Right to data portability (Art. 20): you may request to receive your data in a structured, machine-readable format
• Right to object (Art. 21): you may object to the processing of your data based on legitimate interest
• Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time
• Right to lodge a complaint: you have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés, the French data protection authority) — www.cnil.fr

To exercise any of these rights, you may contact us at: [email protected]. We will respond to your request within one month.

Data Storage and Security

• Your collection data is synced to MongoDB servers hosted in Europe
• All communications are encrypted via TLS/HTTPS
• Authentication tokens are stored securely on your device (FlutterSecureStorage)
• We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction

Children's Privacy

Our App is not intended for children under the age of 16, in accordance with the minimum age requirement under the GDPR in France. We do not knowingly collect personal data from children under 16.

If we discover that data from a child under 16 has been collected, it will be promptly deleted. Parents or legal guardians may contact us at [email protected] to request the deletion of such data.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this page regularly.

Contact Us