Duilink Privacy Policy
This policy applies only to the Duilink service: account registration, digital card management, public URL and vCard.
1) Controller and contact
Data controller: Duilio. Operational contact: info@duilio.cc.
2) Data processed
- Account data: email, hashed password and technical timestamps.
- Card data: name, surname, email, optional company, website, address, social links, photo and logo.
- Technical security data: hosting and application logs used for diagnostics, security and abuse prevention.
3) Purposes and legal bases
Data is processed to provide the Duilink service, authenticate users, publish the digital card, handle password reset and protect the service from abuse.
4) Retention
Data is kept for the time needed to provide the service. For inactive accounts, the MVP operating policy currently provides a 12-month retention window followed by a scheduled purge process.
5) Third parties
Data may be processed by technical infrastructure providers strictly required to operate the service, such as hosting and email providers.
6) Rights
You can request access, correction, deletion or restriction of processing by writing to info@duilio.cc. If applicable, you may lodge a complaint with the competent data protection authority.
7) Cookies
Duilink uses strictly necessary technical session cookies for authentication and security. It does not use profiling or advertising cookies.