Privacy Policy

Last Updated: January 28, 2026

At Jose Vault, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital card management service.

Important Security Notice

Jose Vault is a demonstration project. While we implement security measures, this application should NOT be used to store real, sensitive financial information in a production environment. For production use, additional security measures including password hashing, HTTPS enforcement, and enhanced encryption are required.

1. Information We Collect

1.1 Personal Information

When you create an account, we collect:

Username: Your chosen display name
Email Address: For account identification and communication
Age: To ensure compliance with age restrictions
Password: For account authentication (stored in plain text - NOT recommended for production)

1.2 Card Information

When you add cards to your vault, we collect:

Card Number: The full 16-digit card number
Cardholder Name: The name on the card
Expiry Date: The card's expiration date (MM/YY format)
CVV: The 3-digit security code
Card Color: Your chosen background color for the card

1.3 Automatically Collected Information

We may automatically collect:

Browser Information: Browser type, version, and language
Device Information: Device type, operating system, and screen resolution
Usage Data: Pages visited, features used, and time spent on the service
IP Address: Your internet protocol address (for security purposes)

2. How We Use Your Information

We use the collected information to:

Provide the Service: Store and display your card information securely
Account Management: Create, maintain, and authenticate your account
Improve the Service: Analyze usage patterns to enhance user experience
Security: Detect and prevent fraudulent activities and unauthorized access
Communication: Send important updates, security alerts, and service notifications
Compliance: Meet legal and regulatory requirements

3. Data Storage and Security

3.1 Storage Location

Your data is stored in:

Google Sheets: Backend database for user accounts and card information
Browser Local Storage: Session data and user preferences (stored locally on your device)

3.2 Security Measures

We implement the following security measures:

Data Encryption: Information is encrypted during transmission
Access Controls: Limited access to backend systems
Secure APIs: Google Apps Script with restricted permissions
Toggle Visibility: Card details are masked by default

3.3 Security Limitations

Please Note: This is a demonstration project with the following limitations:

Passwords are stored in plain text (NOT hashed)
No HTTPS enforcement in development mode
Limited rate limiting and brute-force protection
No two-factor authentication

For production use, these security measures MUST be implemented.

4. Data Sharing and Disclosure

4.1 We Do NOT Sell Your Data

Jose Vault does NOT sell, rent, or trade your personal information to third parties for marketing purposes.

4.2 Third-Party Services

We use the following third-party services:

Google Sheets & Apps Script: For data storage and backend functionality
Subject to Google's Privacy Policy
FontAwesome: For icons and visual elements
Subject to FontAwesome's Privacy Policy

4.3 Legal Requirements

We may disclose your information if required to:

Comply with legal obligations or court orders
Protect our rights, property, or safety
Prevent fraud or illegal activities
Respond to government requests

5. Your Data Rights

You have the following rights regarding your data:

5.1 Access

You can access all your stored card information through the dashboard at any time.

5.2 Modification

You can update your account information and card details through the user interface.

5.3 Deletion

You can delete individual cards or request complete account deletion by:

Deleting cards individually from the dashboard
Contacting us to delete your entire account

5.4 Data Portability

You can request a copy of your data in a machine-readable format.

5.5 Opt-Out

You can opt out of non-essential communications at any time.

6. Cookies and Tracking

6.1 Local Storage

We use browser local storage to:

Maintain your login session
Remember your preferences
Store user email for convenience

6.2 No Third-Party Cookies

Jose Vault does NOT use third-party cookies for advertising or tracking purposes.

7. Data Retention

We retain your data:

Account Data: Until you delete your account
Card Information: Until you manually delete the cards
Session Data: Until you log out or clear browser storage
Logs: For up to 90 days for security and debugging purposes

8. Children's Privacy

Jose Vault requires users to be at least 13 years old. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will delete it immediately.

9. International Users

Your data may be stored and processed in any country where we or our service providers operate. By using Jose Vault, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be:

Posted on this page with an updated "Last Updated" date
Effective immediately upon posting
Communicated via email for significant changes

Your continued use of the service after changes constitutes acceptance of the updated policy.

11. Your Consent

By using Jose Vault, you consent to:

The collection and use of your information as described in this Privacy Policy
The storage of your data in Google Sheets
The use of browser local storage for session management

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Email: privacy@josevault.com (placeholder)
GitHub Issues: Report Privacy Concerns
Repository: github.com/yousumohamed/Debit-Card-Colection-Sheetbase-GIT

13. Security Best Practices for Users

To protect your account, we recommend:

Use a Strong Password: At least 12 characters with mixed case, numbers, and symbols
Don't Share Credentials: Never share your password with anyone
Log Out: Always log out when using shared or public devices
Clear Browser Data: Regularly clear browser cache and local storage
Monitor Activity: Regularly review your stored cards for unauthorized changes
Use Secure Networks: Avoid using public Wi-Fi for accessing sensitive information

Production Security Recommendations

If deploying Jose Vault in a production environment, implement:

Password hashing (bcrypt, Argon2, or similar)
HTTPS/SSL encryption for all connections
Two-factor authentication (2FA)
Rate limiting and brute-force protection
Regular security audits and penetration testing
Encrypted database storage
Session timeout and automatic logout
GDPR and CCPA compliance measures

By using Jose Vault, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

Return to Documentation