Kardynal’s Security Manifesto

Protecting Your Privacy, Securing Your Experience

At Kardynal, we believe that innovation should never come at the cost of your privacy. Our mission is to help you shop smarter — with a secure, transparent, and privacy-respecting platform. This manifesto outlines the key principles that guide our approach to data protection, AI transparency, and system integrity.


1. Your Data, Your Rules

We start from a simple belief: your data belongs to you.

When you interact with Kardynal — whether you’re generating your card, asking the assistant for help, or making a purchase — we treat your information with the utmost respect. We never read, analyze, or use your personal data beyond what’s needed to deliver the service you expect.

You’re not the product. You’re the customer.


2. End-to-End Encryption Across the Board

All communication between you and Kardynal is encrypted using industry-leading standards (TLS 1.2+).
Payment data is encrypted at the point of entry and never stored in full on our servers.
We also encrypt any sensitive metadata (e.g. search preferences, card activity) when stored, ensuring it remains protected even in the rare event of a breach.


3. No Advertising, Ever

We don’t sell your data.
We don’t share your data.
We don’t build ad profiles.
Your interaction with Kardynal is private by design. You will never see targeted ads based on your behavior within our platform — because we don’t track you for that purpose.


4. AI With Boundaries: How We Use OpenAI

Our smart assistant is powered by a secure, third-party large language model (LLM). It helps you compare products, track purchases, and discover deals — but it does not store, reuse, or exploit what you share. The LLM is used in real time and is never trained on your personal data. We also avoid sending any personally identifiable information in assistant queries.

The assistant is here to help — not to collect.


5. Card Data Is Never Stored

We work with PCI DSS Level 1–certified payment providers to handle all transactions. This means:
  • Kardynal never stores your full card number or CVC.
  • Transactions are tokenized and processed via secure, compliant rails.
  • Refunds are processed through the same protected systems.

6. Compliance With the Law — and Beyond

We comply fully with the UK GDPR, the Data Protection Act 2018, and other applicable privacy laws.
We also adhere to best practices from the ICO (Information Commissioner’s Office) and the European Data Protection Board. If law enforcement ever requests your data, we will only comply if legally required and will notify you wherever possible.

In Summary:

Kardynal is designed to give you power, not surveillance. We use AI to serve you, not to track you. We store what’s necessary, secure what’s sensitive, and let you stay in control.

Because we’re building not just a smarter way to shop — but a more respectful one.