CardTrezor ('we', 'us', or 'our') is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application for managing your Pokemon card collection. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

We collect information that you provide directly to us when you: • Create an account (email address, username) • Sign in with Google (email, profile information) • Add cards to your portfolio (card information, quantities, conditions, pricing data) • Use premium features (subscription details, payment information via RevenueCat) • Contact us through the app (messages, feedback) We also automatically collect: • Device information (device type, operating system) • Usage data (features used, app performance) • Local storage data (for offline functionality)

We use the information we collect to: • Provide, maintain, and improve our services • Manage your account and portfolio • Process subscription payments and manage premium features • Send you technical notices and support messages • Respond to your comments and questions • Analyze usage patterns to improve app functionality • Protect against fraud and unauthorized access • Comply with legal obligations We DO NOT sell your personal information to third parties.

We may share your information with: • Service Providers: Firebase (authentication, database, storage), RevenueCat (subscription management), TCGdex API (card information) • Legal Requirements: When required by law or to protect our rights • Business Transfers: In connection with any merger, sale, or acquisition We do not share your personal card collection data with other users or third-party marketers.

Your data is stored securely using: • Firebase Cloud Firestore (encrypted database hosting) • Local device storage (AsyncStorage for offline access) • Industry-standard encryption for data transmission • Secure authentication via Firebase Auth and Google Sign-In While we implement reasonable security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

You have the right to: • Access: Request copies of your personal data • Rectification: Correct inaccurate or incomplete data • Erasure: Request deletion of your account and data (via Settings > Delete Account) • Data Portability: Request your data in a machine-readable format • Withdraw Consent: Opt out of data collection (may limit functionality) • Object to Processing: Object to certain data uses To exercise these rights, contact us through the app or at the email provided in the Contact section. We will respond within 30 days.

We employ various security measures including: • Encrypted connections (HTTPS/TLS) • Firebase Security Rules for database access control • Secure authentication tokens • Regular security updates • Password requirements for account protection You are responsible for maintaining the confidentiality of your account credentials. Notify us immediately of any unauthorized access.

Our service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information from our systems.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy in the app and updating the 'Last Updated' date. You are advised to review this Privacy Policy periodically for any changes. Changes are effective when posted.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through: • In-app Contact Form (Settings > Contact Us) • Email: support@cardtrezor.com We will respond to privacy-related inquiries within 30 days.