Effective date: July 3, 2026
Version: privacy-2026-07-03
1. Who we are
GenieCard LLC ("GenieCard," "we," "us," or "our") is a Florida limited liability company that operates Genie Card — a software-as-a-service platform at geniecard.ai.
Genie Card lets professionals and businesses create AI-powered digital business cards. Each card has a unique link and QR code. When someone visits the card, they can chat with an AI assistant that answers questions, captures leads, and routes interest into a CRM — without downloading an app.
Website: https://geniecard.ai
Privacy contact: privacy@geniecard.ai
General contact: admin@geniecard.ai
2. Scope and roles
This Privacy Policy describes how GenieCard processes personal data when you:
- Create or use a tenant admin account on our admin portal
- Visit our marketing website
- Interact with public chat experiences powered by Genie Card on behalf of a business customer
Important — controller vs processor:
| Context | Who is the controller | GenieCard's role |
|---|---|---|
| Tenant admin accounts, billing, platform security | GenieCard LLC | Controller |
| End-customer chat, CRM data, knowledge base content uploaded by a tenant | The tenant business | Processor (on tenant instructions) |
When you chat with an AI assistant on a business card, the business that owns the card is typically the controller of your conversation data. That business may publish its own privacy notice. GenieCard processes that data to provide the service.
3. Personal data we collect
3.1 Account and billing data (controller)
- Name, email address, Firebase user identifier
- Organization/tenant name and configuration
- Subscription and billing metadata (payment card details are handled by Stripe; we do not store full card numbers)
- Language preferences and notification settings
- Support communications
3.2 Service usage and security (controller)
- Authentication logs and coarse location derived from IP (hashed where possible)
- Error diagnostics and performance telemetry (subject to cookie consent)
- Consent records (what you agreed to, when, and document version)
3.3 Tenant-controlled customer data (processor)
When a tenant uses Genie Card, we process data their visitors provide, including:
- Chat messages and voice interactions
- Contact details shared in conversation (name, email, phone, etc.)
- CRM records extracted from conversations
- Files uploaded to knowledge bases
- Push notification tokens (if enabled)
Tenants configure retention and use of this data. See our Data Retention Schedule.
4. How we use personal data
| Purpose | Lawful basis (EU/UK) | US basis |
|---|---|---|
| Provide the SaaS platform | Contract | Service delivery |
| Authentication and security | Legitimate interest / contract | Security |
| Billing and tax records | Legal obligation / contract | Business records |
| Product improvement (aggregated/de-identified) | Legitimate interest | Business operations |
| Marketing emails to admins | Consent | CAN-SPAM opt-in |
| AI chat inference | Processor: tenant instructions; Controller: contract | Service delivery |
We do not use your tenant customer chat content to train public foundation models unless explicitly agreed in writing.
5. AI processing
Genie Card uses Google Gemini models via Google Cloud Vertex AI to power conversational agents, CRM extraction, and related features. Prompts may include chat history, card context, and knowledge-base search results. See our AI Transparency Notice.
6. Cookies and similar technologies
We use strictly necessary cookies for authentication and security. Analytics and session replay require your consent where required by law. See our Cookie Policy.
7. Subprocessors and international transfers
We use trusted service providers listed in our Subprocessor List, including Google Cloud, Firebase, Stripe, and Sentry. Data may be processed in the United States. For transfers from the EEA/UK, we rely on Standard Contractual Clauses and related safeguards. Enterprise customers may request a Data Processing Agreement.
8. Retention
We retain personal data only as long as necessary for the purposes described or as required by law. See our Data Retention Schedule for category-specific periods.
9. Your rights
Depending on your location, you may have rights to access, correct, delete, restrict, or port your data, and to object to certain processing.
- Platform account holders: Use account settings or contact privacy@geniecard.ai
- Public chat visitors: Contact the business whose card you used, or submit a Privacy Request and we will route your request appropriately
EU/UK residents may lodge a complaint with their local supervisory authority.
10. Security
We implement administrative, technical, and organizational measures including encryption in transit, tenant isolation, access controls, and monitoring. No method of transmission over the Internet is 100% secure.
11. Children
Genie Card is a business tool not directed to children under 13 (or 16 in the EU where applicable). We do not knowingly collect personal data from children.
12. Changes
We will update this policy when practices change materially and will revise the effective date and version identifier. Continued use after notice may constitute acceptance where permitted by law.
13. Contact
GenieCard LLC
Florida, United States
https://geniecard.ai
privacy@geniecard.ai