The Card Crush Privacy Policy explains what personal information may be collected, how it may be used, how it may be disclosed, what privacy choices are available, and how users can exercise their rights. The policy applies to the wider Card Crush service, including the website, Customer Accounts, Games, Tournaments, and related interactions.
The Privacy Policy also states that it operates within the broader legal framework of the Terms of Service, including the arbitration provisions described there.
This policy applies to personal information collected directly from you, collected automatically when you use the site, or received from other sources in connection with Card Crush services.
For the wider legal structure that this policy sits inside, review the terms of service.
Card Crush states that the types of information collected depend on how you interact with the site and services. The policy lists a wide range of categories.
| Category | Examples | Why It Matters |
|---|---|---|
| Identifiers | Name, email, phone number, address, ID number, government-issued documents | Used for account creation, verification, and contact |
| Profile Data | Username, password, user ID, social profile details | Supports account access and account management |
| Financial Information | Card details, bank details, proof of payment, proof of address, source of funds documents | Used for purchases, verification, and compliance checks |
| Commercial Data | Purchases, transactions, visit frequency, participation in games or promotions | Used to operate services and track activity |
| Internet and Network Activity | IP address, device fingerprint, browser type, operating system, clickstream data | Used for analytics, security, and service delivery |
| Geolocation Data | Approximate location based on IP address | Supports service availability checks and user experience |
| Usage Data | Session activity, time on site, favorite games, referring pages, email opens and clicks | Used for analytics and improvement |
| Marketing and Communications Data | Preferences, campaign data, consent settings, click-through behavior | Used for communications and promotional activity |
| Audio and Visual Information | Call recordings, photos for social media, photos for ID verification | Used for support, verification, and communications |
| Biometric Information | Faceprint and facial geometry used for ID verification | Used for identity checks and fraud prevention |
| Inference Data | Inferences drawn from other personal information | Used for analysis, personalization, and service operation |
The Privacy Policy says Card Crush may collect information that could be considered Sensitive Personal Information under applicable law, including government-issued identification and biometric information.
| Type | Stated Use | Retention Rule |
|---|---|---|
| Government-Issued ID | Identity verification, payment checks, legal compliance | Retained as long as reasonably necessary for the purpose collected, compliance, or legal support |
| Biometric Information | Identity verification, fraud prevention, service improvement, legal compliance | Retained until the original purpose is fulfilled or until 3 years after the last interaction, whichever happens first, unless longer retention is legally required |
The policy says Card Crush collects personal information in more than one way. Some information is provided directly by users, some is collected automatically, and some may come from third parties.
| Source | How It Comes In | Example |
|---|---|---|
| Directly From You | You provide the data yourself | Registering an account, making a purchase, uploading ID, sending a message |
| Automatically | The site collects technical and usage data while you browse or interact | Cookies, IP address, clickstream data, device information |
| From Third Parties | Other services send or expose information to Card Crush | Payment processors, social login providers, advertising partners, hosting platforms |
Card Crush states that it and its service providers use cookies, pixels, and other tracking technologies to recognize browsers or devices, remember activity, and measure user behavior on the site and in messages.
| Tracking Tool | What It Does | User Control |
|---|---|---|
| Cookies | Remember activity, support login continuity, and help measure site use | You can refuse some or all cookies in your browser settings |
| Pixel Tags | Detect page visits and email opens | You cannot directly decline pixel tags, but disabling cookies or external images can reduce tracking |
| Click-Through URLs | Track clicks from emails, SMS, or other messages to measure interest and effectiveness | You can avoid clicking tracked links |
| Google Analytics | Measures visitor behavior and supports analytics and ad relevance | You can use browser settings, Google-specific controls, or Google opt-out tools |
| Do Not Track | Browser DNT signals are not honored by the site | No direct DNT-based opt-out is provided |
The Privacy Policy says Card Crush uses personal information to operate the services, verify accounts, process purchases, improve the site, communicate with users, and comply with legal and fraud-prevention duties.
| Use Case | Stated Purpose | Legal Basis Theme |
|---|---|---|
| Service Delivery | Operate the site, accounts, games, and tournaments | Contract and legitimate interests |
| Verification | Verify identity, payment details, and account information | Legal obligation and contract |
| Purchases | Process and manage transactions | Contract |
| Support | Answer messages, tickets, and account questions | Contract and legitimate interests |
| Analytics and Improvement | Measure, troubleshoot, test, and improve the site and services | Legitimate interests |
| Marketing | Send offers, updates, insights, and advertising communications | Consent and legitimate interests |
| Security and Compliance | Prevent fraud, cooperate with authorities, and comply with legal requirements | Legal obligation and legitimate interests |
The policy says Card Crush discloses personal information to third parties for service delivery, contract fulfillment, and the purposes described in the policy. It also says the company does not share or sell personal information except as expressly set out in the Privacy Policy itself.
| Recipient Type | Why Data May Be Shared | User Impact |
|---|---|---|
| Service Providers | Hosting, identity checks, anti-fraud, billing, payment processing, marketing, support, QA, and back-office services | These providers may process data on Card Crush’s instructions |
| Internal Third Parties | Affiliates, successors, predecessors, assigns, licensees, and business partners | Data may move within the broader corporate or business structure |
| Business Transaction Parties | Investment, merger, acquisition, or asset sale processes | Your data may be part of a transferred business asset set |
| Authorities and Legal Process | Compliance with law, legal process, investigations, and protection of rights or safety | Data may be disclosed where legally required or reasonably necessary |
| Game and Tournament Notices | Transparency around wins or triggered events | Some pseudonymized information may be shown publicly |
| User Public Disclosures | User actions on forums, social media, or shared spaces | Information may become public if you choose to disclose it there |
This is one of the more important privacy sections. The policy says Card Crush does not share or sell personal information except as expressly set out in the policy. At the same time, it also says some disclosures may be considered “selling” or “sharing” under applicable law.
| Issue | Stated Position | Opt-Out Path |
|---|---|---|
| Minors Under 16 | The company says it does not knowingly sell or share their personal information | No special action required if no sharing has occurred |
| Advertising and Analytics Sharing | Some disclosures to advertising partners, marketing partners, and analytics companies may be deemed selling or sharing | Email [email protected] |
| Cross-Brand Promotions | Disclosures to affiliated brands for promotional purposes may also be deemed selling or sharing | Email [email protected] |
| Browser-Based Signal | The policy supports Global Privacy Control where supported by the browser | Enable GPC in a compatible browser |
Card Crush says it may contact users by email, direct mail, phone, text, or push notification depending on communication settings and consent. The policy also gives separate opt-out methods by channel.
| Channel | How to Opt Out | What Still Continues |
|---|---|---|
| Profile settings, unsubscribe link, [email protected], or a Privacy Query ticket | Operational and informational emails may still continue | |
| Direct Mail | Ask to be removed from the mailing list or contact [email protected] or Customer Support | Processing may take a short time |
| Text Messages and Calls | Profile settings, reply STOP to texts, or opt out during the call | Some confirmation messages may still be sent |
| Push Notifications | Change settings on your device | Only device-level push preferences are affected |
The Privacy Policy includes a California privacy rights section and a broader rights section for users in jurisdictions that provide additional rights.
| Right | What It Covers | Important Limit |
|---|---|---|
| Right to Know / Access | Ask what personal information is collected, from what sources, for what purpose, and with whom it is disclosed | Some requests are limited in frequency |
| Right to Correct | Ask to correct inaccurate personal information | The company may need to verify the new information |
| Right to Delete | Ask for deletion of personal information | Exceptions may apply under law or contract |
| Right to Portability | Request a copy of data in a portable format where technically feasible | Frequency limits may apply |
| Right to Opt Out | Opt out of targeted advertising, sale of personal information, or certain profiling | Applies only where required by law or extended by the company |
| Right to Limit Sensitive Data Use | Request limits on the use or disclosure of sensitive personal information | Tied to legal availability under applicable law |
| Right to Withdraw Consent | Withdraw consent where processing is based on consent | Earlier lawful processing remains valid |
| Right to Appeal | Appeal a refusal to act on a privacy request | The appeal deadline is limited |
| Right to Non-Discrimination | Protection against discrimination for exercising privacy rights | Applies within the scope allowed by law |
Card Crush says privacy requests can be made by email or by raising a Privacy Query ticket with Customer Support. The request must be verifiable before the company will respond with protected information.
| Requirement | What to Include | Why It Is Needed |
|---|---|---|
| Identity Details | Full legal name, email, and phone number | Used to verify that the request relates to the correct person |
| Request Detail | A clear description of the request | Helps the company understand and evaluate the request properly |
| Authorized Agent Details | Full legal name of the represented party and supporting authority documents | Required when someone acts on behalf of another person |
| Response Timing | Usually within 45 days | The company may extend up to 90 days if more time is needed |
| Appeal Timing | Appeal by email within 15 calendar days of a refusal decision | Late appeals may not be honored |
| Fees | No fee unless the request is excessive, repetitive, or manifestly unfounded | The company says it will explain any fee before completing the request |
If you need help with a Privacy Query ticket or account-side follow-up, contact Customer Support.
Card Crush says it uses commercially reasonable physical, electronic, and administrative measures to protect personal information. At the same time, it also says no internet transmission can be guaranteed to be completely secure.
It applies to the Card Crush website, related applications, Customer Accounts, Games, Tournaments, purchases, communications, and related dealings with the service.
The policy lists identifiers, profile data, financial data, commercial data, internet and network activity, geolocation data, usage data, marketing and communications data, audio and visual data, biometric information, and inference data.
Yes. The policy says sensitive personal information may include government-issued identification and biometric information such as a faceprint used for ID verification.
The policy says biometric information may be used to verify identity, prevent fraud, improve products and services, and comply with legal obligations.
The stated rule is until the original purpose is achieved or until 3 years after your last interaction with Card Crush, whichever happens first, unless a longer legal retention period applies.
The policy says data may be collected automatically through cookies, pixels, click-through tracking, analytics tools, and other technical tracking methods when you use the site or services.
Yes. The policy says Card Crush and its service providers use cookies, pixels, and other tracking technologies to recognize devices, remember activity, and measure site and message performance.
No. The policy says the website does not respond to browser Do Not Track signals.
Yes. The policy says Card Crush uses Google Analytics cookies to better understand site visitors and usage behavior.
The policy says data may be disclosed to service providers, internal third parties, business transaction parties, legal authorities, and in some cases through public game or user disclosures.
Yes. The policy says some disclosures to advertising partners, affiliated marketing partners, and digital analytics companies may be deemed selling or sharing for targeted advertising purposes.
The policy says you can opt out by emailing [email protected]. It also says you can enable Global Privacy Control if your browser supports it.
You can use profile settings, unsubscribe tools, reply STOP to text messages where applicable, or contact [email protected] or Customer Support using the methods described in the policy.
The policy says California users may have rights to know, delete, correct, opt out of sale or sharing, limit the use of sensitive personal information, and avoid discrimination for exercising those rights.
Send a verifiable request to [email protected] or raise a Privacy Query ticket with Customer Support, including enough information to verify identity and understand the request.
The policy says Card Crush aims to respond within 45 days and may extend that period up to 90 days if needed, with written notice of the reason for the extension.
Yes. The policy says you can appeal by emailing [email protected] within 15 calendar days from receiving the refusal decision, where applicable.
The policy states that privacy questions should be sent to [email protected].
© 2026 CardCrush All rights reserved