My Backup Card

Privacy Policy

Last updated: March 20, 2026

1. Introduction

My Backup Card ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (required for account creation and authentication)
  • Password (stored in encrypted form by our authentication provider)
  • Account creation timestamp

2.2 Vault Data

You may choose to store various types of information in your vaults, including:

  • Profile information (name, date of birth)
  • Medical information (blood type, allergies, conditions, medications)
  • Emergency contacts
  • Public data (information accessible via QR code without password)
  • Private data (encrypted information requiring a passphrase)

Important: All vault data is encrypted using AES-GCM encryption before it leaves your browser. We use a zero-knowledge architecture, meaning we cannot access your unencrypted vault data. All encryption and decryption occurs client-side.

2.3 Usage Information

We automatically collect certain information when you use the Service:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent on pages
  • Referring website addresses

2.4 Cookies and Local Storage

We use local storage to maintain your login session. We also use cookies and similar tracking technologies through third-party services (Google Analytics, and potentially Facebook Pixel) to analyze usage patterns and improve the Service. You can control cookie preferences through your browser settings.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Authenticate your identity and manage your account
  • Store your encrypted vault data
  • Respond to your inquiries and provide customer support
  • Analyze usage patterns to improve the Service
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

4. Data Storage and Security

Your data is stored on Cloudflare's global edge network. We implement appropriate technical and organizational measures to protect your data, including:

  • Client-side encryption using AES-GCM before data transmission
  • Secure HTTPS connections for all data transmission
  • Encrypted storage of account credentials
  • Regular security assessments and updates

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

5. Third-Party Services

We use the following third-party services that may collect information:

  • Google Analytics: Analyzes website usage. Their privacy policy: https://policies.google.com/privacy
  • Facebook Pixel: May be used for advertising purposes. Their privacy policy: https://www.facebook.com/privacy/explanation

These third-party services have their own privacy policies. We encourage you to review them.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: With third-party service providers who perform services on our behalf
  • Legal Requirements: When required by law, court order, or governmental authority
  • Protection of Rights: To protect our rights, property, or safety, or that of our users or others
  • Business Transfers: In connection with any merger, sale, or transfer of assets

7. Your Rights and Choices

You have the right to:

  • Access: Request access to your personal information stored in our systems
  • Correction: Update or correct your account information through the Settings page
  • Deletion: Delete your account and all associated data through the User Settings page. Data will be permanently deleted within 24 hours
  • Data Portability: Export your vault data before account deletion
  • Opt-Out: Disable cookies through your browser settings (may affect Service functionality)

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. When you delete your account, all associated data will be permanently deleted within 24 hours. We may retain certain information as required by law or for legitimate business purposes (e.g., to resolve disputes, enforce agreements).

9. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Users

The Service is operated from the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using the Service, you consent to the transfer of your information to the United States.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page. Your continued use of the Service after such modifications constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: privacy@MyBackupCard.com