Cardify logo

Cardify BV ("Cardify") operates, explots and maintains certain SaaS Products and Services ( "Products and Services") for and on behalf of Cardify customers' use and benefit.

These Cardify Privacy FAQs wish to explain what processing activities are taking place in respect of information relating to individuals (as being an identified or identifiable natural person) ("Personal Data") when such individual (the "Data Subject") is interacting, directly or indirectly (e.g. through an integration or through a software client), with the Products and Services and/or certain content or information of the Cardify Customer managed thereon (see FAQ B7.).

These Cardify Privacy FAQs do NOT apply in situations other than explained above, or in the specific situations where the Cardify Privacy Policy applies.

These Cardify Privacy FAQs are always subject to i) the terms of the Agreement between Cardify and the Cardify Customer, as well, ii) the applicable polic(y)(ies) of the Cardify Customer (e.g. as being Your employer, the applicable Cardify Customer Privacy Policy,...) ("Customer Policy") that apply to Your interaction with the Products and Services and/or certain Customer Information managed thereon (see FAQ A2.).

Cardify may change these Privacy FAQs at any time, and all such changes are effective immediately upon posting a revised version of these Privacy FAQs on the Cardify website. You should review these Privacy FAQs often to stay informed of changes that may affect You. Your Interactions constitute Your continuing agreement to these Privacy FAQs, as they are amended from time to time.

Privacy FAQs


1. Applicable data protection legislations (GDPR, CCPA,...)

2. What is the aim of these Privacy FAQs & relationship with the Customer Policy?

3. What "Interactions" trigger these Privacy FAQs to be applicable?

Cardify Products and Services

1. What do the Products and Services consist of?

2. Does Cardify process Personal Data for other purposes than exploiting the Products and Services?

3. What categories of Personal Data are being processed by the Products and Services?

4. Are the Products and Services processing regulated or so-called "sensitive" Personal Data?

5. Are the Products and Services processing data regulated by the "PCI Security Standards Council"?

6. Are the Products and Services making use of automated decision-making processes?

7. What Roles / interactions exist within the Products and Services?

8. What about re-sharing Customer Information through the Products and Services?

9. Are there third-party integrations interacting with the Products and Services?

10. Which recipients may receive access to Personal Data?

11. Are the Products and Services targeted towards minors and children?

12. Is Cardify acting as Data "Processor" or Data "Controller" in respect of the Products and Services

13. Do the Products and Services involve Sub-Processors?

14. Do the Products and Services Transfer Personal Data to third countries?

15. Under what legal ground is Personal Data being processed through the Products and Services?

16. How long is Personal Data retained on the Products and Services?

C. Cardify organistion

1. What is Cardify doing in order to help its Customers comply with applicable data protection laws?

2. What security measures are used for the Products and Services?

3. Does Cardify have a Data Processing Agreement available?

E. Rights of Data Subjects

1. What rights do Data Subjects have?

2. How to exercise Your rights as Data Subject?

3. How does Cardify respond to a request from a Data Subject?

4. Where to log a complaint?