← Back to Cardly

Privacy Policy

App: Cardly — Loyalty Card Wallet
Developer: KJ Labs (ABN 56 351 284 462)
Last updated: 13 June 2026
Contact: support@appcardly.com

The short version

You can use Cardly without an account, and most people will. In that mode your cards are stored only on your device. We don't use analytics, ad networks, or tracking of any kind, and we never sell your data. The only time information leaves your phone is if you add a card to Apple Wallet (the barcode is sent once to create the pass) or if you choose to turn on optional cloud backup by signing in. Both are explained below.

1. Overview

Cardly is a loyalty card wallet for iPhone, developed by KJ Labs in Sydney, Australia. This policy explains exactly what information Cardly does and does not handle. Cardly does not sell your data, does not show advertising, and contains no analytics or third-party tracking. We have designed the app to need as little of your information as possible.

2. Using Cardly without an account

By default, Cardly works with no account at all. When you use Cardly this way:

In this mode, the app contacts our servers in only two limited situations, described in Section 3.

3. Information handled when you use certain features

(a) Searching for a loyalty program

When you add a card and search for a program, the text you type is sent to our server to return matching programs from our Australian loyalty catalogue. This search request is not stored against you and is not used to identify you.

(b) Adding a card to Apple Wallet

If you choose to add a card to Apple Wallet, the card's barcode value, card name, and program name are sent to our server once, so we can generate and cryptographically sign the Apple Wallet pass. This information is used only to create that pass and is not stored in our database afterwards. The finished pass is then handled by Apple Wallet under Apple's privacy policy. If you never add a card to Apple Wallet, none of this occurs.

4. Optional cloud backup (only if you sign in)

Creating an account is entirely optional and exists for one purpose: backing up your cards so you can restore them on a new device. If — and only if — you choose to register and sign in, we store the following on our servers:

If you never sign in, none of this information is ever sent to or stored by us. Cloud backup is off by default.

5. Device permissions

Cardly does not request location, contacts, or tracking permissions.

6. What we do not do

7. Where your data is stored and how it's protected

8. Third parties

We keep third parties to the minimum required to run the service:

We do not use any analytics, advertising, or crash-reporting third parties. We may disclose information if required by Australian law.

9. Server logs

Our servers keep minimal operational logs needed to run and secure the service. These logs do not record your card numbers, barcode values, or passwords. Operational logs are retained for a limited period and then deleted.

10. Deleting your account and data

If you created an account, you can delete it at any time from within the app: Settings → Delete Account. This permanently and immediately erases your account and all backed-up card data from our servers. Cards stored locally on your device are removed from the app at the same time. Deletion is immediate, not deferred.

If you never created an account, there is nothing stored on our servers to delete — removing the app removes your locally stored cards.

11. Your rights

Under the Australian Privacy Act 1988, you have the right to access, correct, or delete your personal information. For account holders, deletion is available directly in the app (Section 10). You can also contact us at support@appcardly.com. You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

12. Children's privacy

Cardly is not directed at children under 13, and we do not knowingly collect personal information from them.

13. Changes to this policy

We may update this policy as the app evolves. Material changes will be reflected here with an updated date. Significant changes affecting account holders may also be communicated by email.

14. Contact

KJ Labs
Email: support@appcardly.com

Office of the Australian Information Commissioner: oaic.gov.au · 1300 363 992