← Back to login

Privacy Policy

Last updated: April 16, 2026

1. Who We Are

Carte is operated by Huntington Analytics (huntington-analytics.com). When this policy refers to “we,” “us,” or “Carte,” it means Huntington Analytics.

2. Data We Collect

We collect only the data needed to deliver the service:

  • Account information— name, email address, and avatar from your Google or Apple sign-in provider.
  • Profile information— company, role, and goals you provide in settings.
  • Business card images— photos you capture or upload for scanning.
  • Extracted contact data— name, title, company, email, phone, and other details obtained via OCR.
  • AI-generated dossiers— research summaries, meeting prep, and email drafts created from extracted data.
  • Location data— GPS coordinates captured at scan time (only when you grant permission) to tag where you met a contact.
  • Event tags and notes— tags, event names, and free-text notes you attach to contacts.

3. How We Use Your Data

  • Scanning and extracting text from business card images.
  • Generating AI-powered dossiers, meeting prep, and email drafts to help you follow up with contacts.
  • Displaying your contacts on a map based on scan location.
  • Exporting contacts as vCards or CSV files.
  • Improving reliability and fixing errors in the service.

4. AI Processing

Business card images and extracted text are sent to the Anthropic Claude API for OCR and dossier generation. Anthropic's API does not use your data for model training. Prompts and responses are not retained by Anthropic beyond a short safety-evaluation window. See Anthropic's privacy policy for details.

5. Third-Party Services

  • Amazon Web Services (AWS)— hosting, database (DynamoDB), file storage (S3), and authentication (Cognito).
  • Anthropic / Claude API— OCR, dossier generation, meeting prep, and email drafts.
  • Google OAuth— sign-in authentication.
  • Apple OAuth— sign-in authentication.

We do not sell, rent, or share your personal data with advertisers or data brokers.

6. Data Storage and Security

Your data is stored in AWS infrastructure in the United States. Contact data is stored in DynamoDB and card images in S3. Both are encrypted at rest using AWS-managed keys. Data in transit is encrypted via TLS. Access to production systems is restricted to authorized personnel only.

7. Cookies

Carte uses a single session cookie containing a JWT token to keep you logged in. We do not use tracking cookies, analytics cookies, or any third-party cookies.

8. Location Data

When you scan a card, Carte may request access to your device's GPS location. This is entirely optional — you can deny the permission and the app will function normally without it. Location data, when collected, is stored alongside the contact record and used to show where you met someone on the map view. Location data is never shared with third parties.

9. Data Retention

Your data is retained for as long as your account is active. If you delete a contact, its card image, extracted data, and dossier are permanently removed. If you delete your account, all associated data is permanently deleted within 30 days.

10. Your Rights

You may at any time:

  • Access your data through the app (contacts, dossiers, profile).
  • Export your contacts as vCard or CSV files.
  • Delete individual contacts or your entire account.
  • Correct your profile information in settings.

For any data request we cannot fulfill through the app, email us at the address below.

11. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via the app or email. Continued use of Carte after changes constitutes acceptance of the updated policy.

12. Contact Us

Questions or concerns? Email support@huntington-analytics.com.