We protect your data.
We respect your choices.

Overview

At KemyCard, we take data privacy very seriously. We want to be transparent about what information we store, how we use it, and how we protect it.

All services are provided as SaaS by Kemygroup LLC, a US legal entity registered in Delaware. For any access requests, questions or inquiries about how we use your personal information, please contact us at [email protected].

KemyCard (Kemygroup LLC and its subsidiaries/affiliates) values the trust you place in us. This policy explains what personal information we collect, why we collect it, and what we do with it.

Definitions

• Account — a KemyCard account.
• Cookies — small data files used to remember login, IP, traffic, visits, browser/device info, timestamps.
• KemyCard — Kemygroup LLC and its subsidiaries/affiliates.
• Personal Information — any data identifying a person (e.g., email, company, payment details, government-issued ID), plus pseudonymous data linked to you (IP, device, location, transaction data).
• Sites — our platforms (apps, websites, social accounts).
• User — anyone using our services or accessing the Sites.
• Special categories — sensitive data per GDPR (e.g., health, biometrics, political opinions).
• Affiliate (corpo) — an entity under common control (≥ 50% voting power).
• Company (CCPA/CPRA) — Kemygroup LLC as the business collecting consumer data in California.
• Consumer (CCPA/CPRA) — California resident per law.
• Country — Delaware, United States.
• Data Controller (GDPR) — Kemygroup LLC deciding purposes/means of processing.
• Device — any device accessing the Service.
• Do Not Track (DNT) — a browser setting for limiting online tracking.
• GDPR — EU General Data Protection Regulation.
• Service — the Website and related services.
• Service Provider — a processor acting on our behalf.
• Usage Data — data collected automatically (e.g., page duration).
• Website — KemyCard, available at www.kemycard.com.
• You — the individual/legal entity using the Service (also “Data Subject”).

Purpose

This statement explains the types of personal information we collect, the purposes for which we collect it, who we may share it with, and the steps we take to protect it.

Information we may collect

• Information you provide via forms, email, chat, phone (e.g., signup details, support messages). We may keep relevant records.
• Website visits — we collect IP addresses for fraud and abuse detection.
• Retargeting data — see “Retargeting” below.
• Payment information — processed by our payment partners. We do not store card PANs on our servers.

How we use personal information

• Provide and support requested services.
• Send newsletters and service updates (you can opt out of marketing).
• Perform contractual obligations.
• Operate and secure our Sites; monitor fraud.
• Improve our products through analytics and research.
• Determine regional settings (e.g., currency suggestions).
• Run retargeting (see below).

Retargeting

We may use retargeted advertising (e.g., Facebook/Google) so you may see our ads on other sites.

• Cookie/Pixel — a provider may read/place an anonymous cookie/pixel when you visit our site (subject to your browser settings).
• Email-based matching — we may hash/share your email with providers for feature updates or exclusion lists (so existing customers don’t see acquisition ads).

You can control browser settings to limit cookies or opt out via provider tools, where available.

Data security

• Secure servers, firewalls, encryption; access limited to authorized personnel.
• Keep your password secret; do not share it.
• Internet transmission is never 100% secure; we apply reasonable safeguards to protect your data.

Data retention

• We retain personal data as long as needed to provide services and meet legal obligations.
• After account closure, data may be kept as required for compliance, fraud prevention, or legal purposes (per applicable retention laws).

Marketing

We use your information to send product updates, offers and surveys. You can opt out of marketing at any time (you may still receive transactional messages).

Your data protection rights

• Right to know/access — how we use your data and to request copies.
• Right to deletion — request erasure (subject to legal obligations/legitimate interests).
• Right to rectification — correct inaccurate/incomplete data.
• Right to object/withdraw consent — to certain processing or marketing; withdrawal does not affect prior lawful processing.
• Account deactivation — request via [email protected].
• We may verify your identity to process requests.

Cookies

We use cookies to distinguish users and improve our services. You can control cookies in your browser. Disabling cookies may limit some features.

Minors

Our websites and applications are not intended for individuals under 18. If you believe we collected data from a minor, contact us to remove it.

International data transfers

Your information may be stored/processed in countries where we operate, which may have different data-protection laws. We take reasonable steps to secure transfers and use appropriate safeguards (e.g., standard contractual clauses) where required.

Updates to this policy

We may update this Privacy Policy to reflect new services or legal changes. Updates will be posted here. If changes materially affect you, we will notify you online and/or by email. Continued use of our services constitutes acceptance.