CardFinder

Privacy Policy

Effective: 1 July 2026 • Last updated: 1 July 2026

This is an English courtesy translation. The German Datenschutzerklärung is authoritative.

1. Controller

The controller under the GDPR for personal-data processing in the CardFinder app (package com.martechdm.cardfinder) is:

Martech Digital Media LTDA ("we")
CNPJ 44.803.907/0001-64
[[Street and number]]
[[Postal code, city]], Brazil
Email: contato@dicasperfeitas.com

CardFinder is a brand of Mediaholic OÜ, Tallinn, Estonia.

2. Overview

CardFinder recommends credit cards for the German market. No registration is required for the recommendation. Advertising and analytics are enabled only after you consent via the consent banner (Google UMP / IAB TCF v2). This policy describes the data processed in the process.

3. Data we process

We do not collect bank data, card numbers, or other sensitive financial data. The actual card application happens directly with the provider, outside CardFinder.

4. Purposes and legal bases

5. Consent and management

On first launch CardFinder shows a consent banner via the Google User Messaging Platform (UMP) following the IAB Transparency and Consent Framework (TCF v2), and mirrors your result to Firebase Consent Mode v2. Analytics and personalized ads are not enabled until you consent.

You can change or withdraw your consent at any time in the app under "Privacy settings". Withdrawal takes effect for the future and does not affect the lawfulness of processing carried out beforehand.

6. Recipients and services

We do not sell your data. Data is shared with card providers only through your explicit action in the app (e.g. when you are handed off to a card's application).

7. International transfers

Some processors (notably Google and AWS) may process data in the USA. Such transfers rely on appropriate safeguards under Art. 46 GDPR (EU Standard Contractual Clauses) or on the EU-US Data Privacy Framework where the recipient is certified.

8. Retention

Quiz answers are stored locally until you retake the quiz or clear app data. Analytics and crash data are retained per Google's standard periods (typically up to 14 months for events, 90 days for crash reports). Server logs are kept up to 30 days. Lead contact data is retained as long as needed to handle your request and to meet legal obligations.

9. Your rights

Under the GDPR you have, in particular, the rights to:

To exercise your rights, email contato@dicasperfeitas.com. You also have the right to lodge a complaint with a data-protection supervisory authority.

10. Managing ads and your advertising ID

You can reset your advertising ID or opt out of personalized ads in your device settings (Android: Settings → Google → Ads). In the app you can adjust your consent at any time (see section 5).

11. Minors

CardFinder is intended for people aged 18 and over. We do not knowingly collect data from minors.

12. Security

We take technical and organizational measures to protect your data, including TLS encryption of communication between the app and server and access controls in our cloud infrastructure.

13. Changes

We may update this policy. Material changes are announced in the app or on this page, with the "Last updated" date above adjusted accordingly.

14. Contact

Martech Digital Media LTDA
Email: contato@dicasperfeitas.com