Back to Home

Privacy Policy

Last updated: February 27, 2026

1. Data Controller

The data controller responsible for processing your personal data is Pavel Taiko, IČ: 69371776. You can contact us at hello@foilio.cards.

2. Data We Collect

We collect the following categories of personal data:

  • Account data: email address and password (stored securely via Firebase Authentication).
  • Collection data: the Magic: The Gathering cards you add to your collection, including foil/non-foil status and quantities.
  • Usage data: anonymous analytics data such as feature usage and crash reports, collected via Firebase Analytics and Crashlytics.
  • Device data: device type, operating system version, and app version for technical support purposes.

We do not collect payment information. In-app purchases are handled entirely by Apple App Store or Google Play.

3. Purpose and Legal Basis

We process your personal data for the following purposes:

  • Providing the service: to maintain your account and sync your collection across devices (legal basis: performance of a contract).
  • Improving the app: to analyse usage patterns and fix bugs (legal basis: legitimate interests).
  • Communication: to respond to support requests (legal basis: legitimate interests).

4. Data Processors

We use the following third-party services to operate Foilio:

  • Google Firebase (Authentication, Firestore, Analytics, Crashlytics) — data may be processed in the USA under Google's Standard Contractual Clauses.
  • Cardmarket — we fetch publicly available card price data. No personal data is shared with Cardmarket.
  • Apple / Google — for in-app purchase processing.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your personal data is permanently and immediately deleted from our servers. Anonymous analytics data may be retained for up to 26 months.

6. Your Rights

Under the GDPR, you have the following rights:

  • Right of access — to request a copy of your personal data.
  • Right to rectification — to correct inaccurate data.
  • Right to erasure — to request deletion of your data.
  • Right to data portability — to receive your data in a structured format.
  • Right to object — to object to processing based on legitimate interests.
  • Right to lodge a complaint — with your local data protection authority.

To exercise any of these rights, contact us at hello@foilio.cards.

7. Cookies

The Foilio mobile app does not use cookies. This website uses only technically necessary cookies required for operation. No tracking or advertising cookies are used.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encrypted data transmission (TLS), secure password hashing via Firebase Authentication, and restricted access to production data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via in-app notification or email. Continued use of the app after changes constitutes acceptance of the updated policy.

10. Contact

If you have any questions about this Privacy Policy, please contact us at hello@foilio.cards.