CardToCRM by Voittaa Ltd — Last updated: 7 April 2026
CardToCRM is operated by Voittaa Ltd, a company registered in England and Wales. If you have any questions about this policy or your data, please contact us at support@voittaa.co.uk.
When you register we collect your name, email address, and a password (which is stored in hashed form only).
When you scan a business card, we collect the photograph(s) you take and extract the following contact details from them:
Card images are stored securely on our servers and used solely for the purpose of extracting contact information.
Credit pack purchases are processed by Apple (App Store) or Google (Google Play). We do not collect or store your payment card details. We receive a purchase confirmation and the number of credits to add to your account.
We maintain records of your credit balance, scan history, and CRM push status to provide the service.
We use your data to:
We do not use your data for advertising, profiling, or any purpose unrelated to delivering the CardToCRM service.
We use the following third-party services to operate CardToCRM:
Business card images are sent to Anthropic's API for text extraction and contact parsing. Anthropic processes images in accordance with their privacy policy. Images sent via the API are not used to train their models.
We use RevenueCat to manage in-app purchases and credit entitlements. RevenueCat receives a pseudonymous user identifier and purchase events. See their privacy policy.
When you connect a CRM and push a contact, the extracted contact data is sent to your CRM provider using credentials you supply. We act as an intermediary; the data is then governed by your CRM provider's terms and privacy policy.
App distribution and payment processing are handled by Apple and Google respectively. Their privacy policies govern any data they collect during the purchase process.
CardToCRM requests the following device permissions:
We do not access your photo library, contacts, location, or any other device data.
Your data is stored on servers located in the United Kingdom. We use industry-standard security measures including:
Your account data and scan history are retained for as long as your account is active. Business card images are retained to allow you to review past scans. If you wish to have your account and all associated data deleted, please contact us at support@voittaa.co.uk.
Under UK data protection law (UK GDPR), you have the right to:
To exercise any of these rights, contact us at support@voittaa.co.uk. We will respond within 30 days.
CardToCRM is not intended for use by anyone under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
We may update this policy from time to time. We will notify you of material changes via the app or email. The "last updated" date at the top of this page indicates when the policy was most recently revised.
If you have questions, concerns, or requests regarding this privacy policy or your personal data, contact us at:
Voittaa Ltd
Email: support@voittaa.co.uk
Website: voittaa.co.uk