← My Proposal Card

Privacy Policy

Effective date: March 24, 2026

1. Overview

My Proposal Card ("we", "us", or "our") operates the website at https://myproposalcard.com (the "Service"). This Privacy Policy explains how we collect, use, and protect your personal information when you use our Service. By using My Proposal Card, you agree to the practices described in this policy.

2. Information We Collect

  • Email address — collected when you sign in via email OTP
  • Phone number — optionally provided in your profile for private SMS connections
  • Profile information — display name, bio, location, photo URL, and links you choose to share publicly on your card
  • Contact request data — name, contact information, and message submitted by people requesting to connect with you
  • Card scan data — IP address and user agent logged when your public card is visited via QR code
  • Messages — in-app messages exchanged between connected users

3. How We Use Your Information

  • To authenticate you via email one-time password (OTP)
  • To display your public profile card at your chosen URL
  • To facilitate private connection requests and messaging between users
  • To send SMS notifications via a masked phone number when a connection is approved
  • To notify your designated guardian (Wali) of new connection requests, if you have enabled this feature
  • To maintain session security and prevent abuse

4. SMS Messaging

If you participate in a private SMS connection, your real phone number is never shared with the other party. All SMS messages are routed through a masked Twilio phone number. Message and data rates may apply. You can opt out of SMS at any time by replying STOP to any message. For help, reply HELP.

By submitting a contact request form on this platform, you consent to receive transactional SMS messages related to your connection request. No marketing or promotional SMS messages will be sent.

5. Data Sharing

We do not sell your personal information. We share data only with:

  • Supabase — database hosting (PostgreSQL)
  • Twilio — SMS delivery and phone number masking
  • Resend — transactional email delivery (login codes, notifications)
  • Vercel — web hosting and serverless infrastructure

All third-party providers are bound by their own privacy policies and data processing agreements.

6. Data Retention

  • OTP codes expire after 10 minutes and are marked used upon verification
  • Sessions expire after 7 days
  • Proxy SMS connections expire after 72 hours
  • You may delete your account and all associated data by contacting us

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Opt out of SMS communications by replying STOP

To exercise these rights, contact us at the email below.

8. Security

We use industry-standard security measures including HTTPS encryption, httpOnly session cookies, and database-level session revocation. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the effective date at the top of this page.

10. Contact

For privacy questions or data requests, contact us at: privacy@myproposalcard.com