CarDesk CarDesk

Privacy Policy

Last updated: February 2026

Introduction

CarDesk ("we", "us", "our") is operated by a small dev company based in Dubai, United Arab Emirates. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform at cardesk.net.

Information we collect

We collect only the information necessary to provide our service:

  • Account information: your name, email address, and password (stored as a salted hash — we never store your actual password).
  • Business information: business name, logo, address details, tax settings, timezone, and language preference.
  • Business data: products, services, clients, visits, invoices, and stock movements that you create within the platform.
  • Payment information: processed securely by Stripe. We never see or store your credit card number.
  • Product images: photos you upload for product recognition (processed by AI) or product catalog display.

How we use your information

We use your information to:

  • Provide and operate the CarDesk platform for your business.
  • Send transactional emails (account confirmation, welcome email).
  • Process your payment through Stripe.
  • Improve our service based on aggregate, anonymized usage patterns.

Data storage and security

Your data is stored on secure servers. Passwords are hashed using PBKDF2-SHA512 with 120,000 iterations and a unique random salt per user. Sessions are encrypted and expire after 7 days. We use HTTPS for all communications.

Third-party sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. Data is only shared with:

  • Stripe: for payment processing (governed by Stripe\'s privacy policy).
  • OpenRouter/Google: product images sent for AI recognition are processed and not stored by the AI provider.

Cookies

We use a single encrypted session cookie to keep you logged in. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. The session cookie is httpOnly, secure, and expires after 7 days.

Your rights

You have the right to:

  • Access all data stored about you and your business via the Export feature in Settings.
  • Correct your personal information at any time through your account settings.
  • Delete your account and all associated data by contacting us.
  • Withdraw consent and stop using the service at any time.

Children\'s privacy

CarDesk is a business tool and is not intended for use by children under 16. We do not knowingly collect personal information from children.

Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email. Continued use of the platform after changes constitutes acceptance of the updated policy.

Contact us

If you have questions about this Privacy Policy or how we handle your data, contact us at:

welcome@CarDesk.net