Legal

Privacy Policy

Effective date: 14 May 2026  ·  Last updated: 14 May 2026

1. Who we are

SocialDeck is operated by Tom Nijbroek ("we", "us", "our"), based in Zurich, Switzerland. We are the data controller for the purposes of the Swiss Federal Act on Data Protection (nFADP) and, where applicable, the General Data Protection Regulation (GDPR).

You can reach us at support@socialdeck.id.

2. What data we collect

2.1 Data stored on your device only

The following data is created and stored exclusively on your iPhone. It never leaves your device and is never transmitted to our servers:

• Your social profile handles (e.g. LinkedIn URL, Instagram username)
• Display names you enter for your cards
• Card visibility settings and sort order
• Contact card details (name, phone number, email, company) if you create a Contact Card

2.2 Anonymous device identifier

On first launch, the app generates a random identifier (UUID v4) and stores it in the iOS Keychain. This identifier contains no personal information — it is 122 bits of random data. It is used solely to key your anonymous analytics events. If you delete the app, this identifier is lost and a new one is created on reinstall.

We do not use the Apple Advertising Identifier (IDFA) or any other advertising identifier.

2.3 App usage events (analytics)

We collect anonymous events to understand how the app is used. These events are linked to your random device identifier, not to you personally.

No handles, display names, or any content from your cards is included in these events.

2.4 Crash reports

If the app crashes, a crash report is sent to Firebase Crashlytics. This report contains technical diagnostic information (device model, iOS version, app version, stack trace) and is linked to your anonymous device identifier. It does not contain your name, email, or the content of your cards.

2.5 Data we do not collect

• Your name or email address
• Your precise or approximate location
• The social media handles or URLs stored in your cards
• Who scans your QR codes or when — QR codes link directly to the relevant social platform and our servers are not involved
• Data from other apps or websites — we do not track you across apps
• Any payment information

3. How we use your data

We use the limited data we collect for the following purposes only:

• App improvement — Understanding which features are used and how often, so we can make better product decisions.
• Stability monitoring — Diagnosing crashes and errors so we can fix them quickly.

We do not use your data for advertising, profiling, or any purpose other than operating and improving SocialDeck.

4. Legal basis for processing

We process analytics and crash data on the basis of our legitimate interest (Article 6(1)(f) GDPR) in understanding app stability and usage patterns so we can improve the product. All data processed is keyed to a random device identifier and cannot be linked back to you as an individual without additional information we do not possess.

5. Third-party services

We use the following sub-processors to operate SocialDeck:

Data transferred to providers in the United States is covered by standard contractual clauses or other appropriate safeguards. We do not sell your data to third parties.

6. Data retention

On-device data is retained until you delete the app. If you use iOS's "Offload App" feature, your data is preserved and restored when you reinstall.

Analytics events are retained for no longer than 24 months.

Crash reports are retained by Firebase Crashlytics according to Google's standard retention policies (90 days by default).

7. Requesting data deletion

You can delete all on-device data at any time by deleting the SocialDeck app from your iPhone. This permanently removes all your cards and your device identifier from the device.

To request deletion of analytics data held on our servers, email support@socialdeck.id with the subject line "Data deletion request" and include your Device ID. You can find your Device ID at the bottom of the Add Socials screen in the app — tap the copy icon to copy it. We will process your request within 30 days.

8. Data security

Your device identifier and analytics events are transmitted over encrypted HTTPS connections. Your card data (handles, display names, contact details) never leaves your device. We apply industry-standard access controls to our backend systems, including deny-all database policies that prevent direct access without server-side authorisation.

9. Your rights

Depending on your location, you may have the following rights regarding your data:

• Right of access — Request a copy of any data we hold linked to your device identifier.
• Right to erasure — Request deletion of data associated with your device identifier (see §7 above).
• Right to object — Object to processing based on legitimate interest.
• Right to data portability — Request your data in a machine-readable format.
• Right to lodge a complaint — If you are in Switzerland, you may contact the Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch. EU residents may contact their local supervisory authority.

To exercise any of these rights, contact us at support@socialdeck.id.

10. Children

SocialDeck is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has used the app and you have concerns, please contact us at support@socialdeck.id.

11. Changes to this policy

We may update this policy as the app evolves. Material changes will be communicated via the app's release notes and by updating the effective date at the top of this page. Continued use of the app after changes are posted constitutes acceptance of the updated policy.