CardPicker

Privacy Policy

Last updated: March 18, 2025

1. Overview

CardPicker ("we," "us," or "our") is a free credit card rewards optimization tool operated by The Button Factory. We take your privacy seriously. This policy explains exactly what data we collect, how we use it, and how we protect it. The short version: we collect the minimum necessary to provide recommendations, we store nothing permanently, and we never sell your data.

2. Information We Collect

2a. Via Plaid (Bank Connection)

When you connect your bank account through Plaid, we receive read-only access to:

  • Transaction history (amount, date, merchant name, and Plaid's assigned category)
  • Account type (checking, savings) — used only to confirm it's a transaction-bearing account

We do not receive your bank account numbers, routing numbers, Social Security Number, credit score, or any other personally identifiable information (PII) beyond what Plaid provides in the transaction feed. We request read-only permissions and cannot initiate transactions, move funds, or make any changes to your accounts.

2b. Via CSV Upload

If you upload a CSV file, we process the transaction data you provide (amounts, dates, merchant names). The file is read in memory only and never written to disk on our servers beyond the life of your request.

2c. Usage Analytics

We use Plausible Analytics — a privacy-first analytics provider — to collect aggregate, anonymized page view data. Plausible does not use cookies, does not track individuals across sites, and does not collect any personal information. No IP addresses are stored. See Plausible's privacy policy for details.

3. How We Use Your Data

Your transaction data is used solely to:

  • Categorize your spending across standard categories (dining, groceries, travel, etc.)
  • Calculate estimated annual rewards for each card in our database
  • Generate a ranked list of credit card recommendations personalized to your spending

We do not use your data for advertising, profiling, training machine learning models, or any purpose other than generating your recommendations.

4. Data Storage and Retention

Your transaction data is stored in-memory only, associated with a server-side session. Specifically:

  • Session TTL: 1 hour. Your session and all associated transaction data are automatically deleted after 1 hour of inactivity.
  • No persistent database storage. Your transactions are never written to a persistent database. They exist only in server memory for the duration of your session.
  • No backups. Because data is in-memory only, it is not included in any database backups.
  • Instant deletion available. You can delete your session data at any time by clicking "Delete My Data" on the results page. This immediately clears all your transaction data from our servers.

5. Third-Party Services

Plaid

Bank connections are powered by Plaid Inc. ("Plaid"). When you connect your bank, you authenticate directly with Plaid — CardPicker never sees your bank login credentials. Plaid is SOC 2 Type II certified and used by thousands of financial applications. Your use of Plaid is subject to Plaid's End User Privacy Policy.

OpenAI (Smart Categorization)

When you use our "Smart Categorize" feature, merchant names from your transactions may be sent to OpenAI's API to improve category accuracy. Only merchant names are sent — no amounts, dates, or account identifiers. OpenAI's usage policies govern how they handle API data. We do not send transaction data to OpenAI for any other purpose. See OpenAI's API Data Usage Policy.

Vercel

CardPicker is hosted on Vercel. Vercel may log standard HTTP request metadata (IP address, user agent, timestamps) for security and performance monitoring, as described in Vercel's Privacy Policy. These logs are retained per Vercel's standard policies and are not accessible to us in identifiable form.

6. Data Sharing

We do not sell, rent, or share your transaction data with any third parties except as described in Section 5 (service providers necessary to operate the application). We will not share your data in response to law enforcement requests unless legally required — and given our in-memory-only storage model, we typically would not have data to provide after your session expires.

7. Your Rights

You have the right to:

  • Delete your data immediately — click "Delete My Data" on the results page at any time
  • Disconnect Plaid access — visit my.plaid.com to revoke CardPicker's access to your bank account
  • Know what we have — since we only hold session data and it auto-deletes, you can contact us to confirm the status of any data

8. Security

All data in transit is encrypted via TLS/HTTPS. We do not store transaction data on disk or in a persistent database. Session tokens are cryptographically random and expire after 1 hour. We do not store Plaid access tokens beyond the life of a session.

9. Children's Privacy

CardPicker is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

10. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be noted by updating the "Last updated" date at the top of this page. Continued use of CardPicker after changes constitutes acceptance of the updated policy.

11. Contact Us

Questions about this privacy policy? Contact us at: claudito@thebuttonfactory.com