Privacy Policy

Effective June 3, 2026.

Who We Are

Simpli-FI ID is a digital identity and professional networking service operated by Simpli-FI OS LLC, a Texas limited liability company (“Simpli-FI ID,” “we,” “us,” or “our”). We help people create profile pages, share QR and short-link contact experiences, collect new contacts, and manage a private contact directory. Our service does not provide legal, financial, tax, or investment advice.

Information We Collect

We may collect:

  • Account information — name, email address, authentication ID, and support messages.
  • Profile information — title, company, bio, phone number, website links, photos, logos, brand colors, and other public contact details you choose to publish.
  • Contact-sharing data — saved contacts (with consent, see below), notes, tags, scan events, and mutual connection requests.
  • Technical data — browser type, device, referrer URL, and timestamps, used for analytics and security.
  • Billing metadata — transaction records and plan details from our payment provider (Stripe). We do not store full payment card numbers.

Public Profile Data

Information you place on a public Simpli-FI ID card may be visible to anyone with the card URL, QR code, or short link — including search engines. Do not publish private information you do not want visible publicly.

Contact Collection & the Share-Back Consent Model

Founder and Enterprise card holders can collect contacts from people they meet. We take consent seriously and have built it into the data model:

  • Share-back (recipient-initiated). When someone chooses to share their contact details back to a Founder through our share-back form or mobile contact picker, we record an explicit consent flag alongside their data, stamped with a consent version identifier (sb-2026-06). No contact details are stored unless consent === true is present in that request. Recipients may contact us to request deletion of their record.
  • Manual add (Founder-initiated).Founders may manually add contacts they already hold (for example, from a paper business card exchange). By doing so, Founders represent that they have a lawful basis for holding that contact’s information and that the contact would reasonably expect to be added to a professional networking tool. The consent obligation for manually-added contacts shifts to the Founder. See Terms §3.

Contact PII collected through either path is stored only in the Founder’s private CRM, is never surfaced in aggregate admin views, and is never sold or shared with third parties for their independent marketing use.

How We Use Information

We use information to:

  • Provide, operate, and improve the service.
  • Render public cards and power the profile builder.
  • Process plan upgrades and subscriptions via Stripe.
  • Send transactional service messages (card provisioned, billing receipts).
  • Support Enterprise provisioning and organization management.
  • Detect abuse, protect accounts, and comply with legal obligations.
  • Measure product performance through aggregated, non-PII analytics.

How We Share Information

We share information only with:

  • Service providers that help us operate — hosting (Firebase/Google Cloud), payment processing (Stripe), email delivery, analytics, and support tooling. Each provider is bound by data processing terms.
  • Enterprise administrators who may receive organization-level data needed to provision and manage their team.
  • Parties required by law, or in connection with a business transfer (e.g. acquisition).

We do not sell personal information. We do not share contact PII collected through the CRM with other users or third parties for marketing.

Payments

Paid upgrades are processed by Stripe. Stripe collects billing details, payment method information, and transaction metadata under their own privacy policy. Simpli-FI ID stores only the plan tier and transaction reference.

Security and Retention

We use authentication, access controls, Firestore security rules, and audit logging appropriate to a service of our size and stage. No online service can guarantee absolute security. We retain information while needed to provide the service, meet legal obligations, resolve disputes, and maintain audit records. Contact records are soft-deleted (deactivated), not hard-deleted, to preserve audit trails.

You can delete your account at any time — in the mobile app (Account → Delete account) or by contacting us. Deleting your account immediately removes your sign-in identity (your authentication record), and any active subscription is canceled. Your card is deactivated (soft-deleted) and is no longer publicly visible. Any contacts you collected are retained only as needed for the legal, tax, security, and audit purposes described above.

Your Choices

You may request access, correction, export, deactivation, or deletion of your account information by contacting us. Contacts who shared back via our consent flow may request deletion of their specific record. Some records may be retained for security, tax, or legal reasons. You can update many public profile fields directly through the account and builder tools.

Your Privacy Rights

Depending on your state of residence (including under the Texas Data Privacy and Security Act and similar laws in California, Virginia, Colorado, Connecticut, and other states), you may have the right to confirm whether we process your personal data and access it; correct it; delete it; obtain a portable copy; and opt out of targeted advertising, the sale of personal data, or certain profiling. We do not sell personal data, and we do not use it for cross-context behavioral (“targeted”) advertising, so there is no such opt-out to honor; if that ever changes, we will honor browser-level opt-out signals such as Global Privacy Control (GPC).

To exercise any right, email legal@simpli-fi-os.com. We respond within 45 days (extendable once where permitted) and will not discriminate against you for exercising a right. If we decline a request, you may appeal by replying to our decision, and we will respond within the time your state’s law allows. For a verified deletion request, we delete the personal data we are not required to retain for a specific legal, tax, security, or audit purpose and restrict any retained record to that purpose.

Children

Simpli-FI ID is intended for professional use and is not directed to children under 13. We do not knowingly collect personal information from children under 13.

Simpli-FI ID is intended for users in the United States and is not directed to individuals in the European Union or United Kingdom.

Changes to This Policy

We may update this Policy from time to time. We will post the new effective date here and, where reasonable, notify account holders of material changes.

Contact

Privacy questions or requests: legal@simpli-fi-os.com.