FAQ

Frequently asked questions.

Everything people actually ask. Last updated .

Does Cryptocardium collect government ID?

No. Cryptocardium never asks for a passport, national ID, driving licence, selfie, proof of address, source of funds or tax identification number. None of these are collected at signup, top-up, card issuance, or withdrawal.

What does Cryptocardium actually collect?

Only what is strictly required to operate the card programme: email address, bcrypt password hash, account balance, card metadata (BIN, last 4 of PAN, limits, MCC rules), transaction history at the issuer, IP for security analytics, and an audit log of significant account events.

Is data shared with third parties?

Card transaction data is shared with our licensed card-issuing partner, Visa, Mastercard and the acquiring banks that process authorisations — this is intrinsic to the card rails. No data is shared for advertising, data resale or analytics outside of operational security and fraud prevention.

How long is data retained?

You can request a copy of your data, ask for corrections, or request deletion. Submit the request from the authenticated ticket system at /contact. Some financial records must be retained by our issuing partner for the period required by their regulators.

How do I exercise my data rights?

You can request data export, correction or deletion through the authenticated ticket system at /contact. Account deletion erases all data Cryptocardium controls; transaction records held by the issuing partner are subject to their retention obligations.

Does Cryptocardium use tracking cookies?

No third-party advertising or analytics cookies. The site uses a single first-party session cookie (CCMSESS) marked Secure, HttpOnly and SameSite=Lax. There is no fingerprinting, no cross-site tracker, and no Google Analytics.