Privacy Policy
Last updated: 2026-06-23
This Privacy Policy explains what MuricaCards (“we,” “us”) collects when you use this site, how we use it, who we share it with, and the choices you have. We try to collect only what we need to make and mail your cards. By using the site you agree to this policy and to our Disclaimer & Terms.
1. Who we are.
MuricaCards is a parody greeting-card service operated as a sole proprietorship in California, USA. If you have questions about this policy or your data, contact us at muricacards@gmail.com.
2. What we collect.
- Account info. When you sign in with Google or Apple, we receive your name, email, and a unique account identifier from that provider. If you use email sign-up, we collect your email address and a password (stored only as a salted hash by our auth provider — we never see your plaintext password).
- Card inputs. The occasion, roast level, recipient name or relationship, age, hobbies, and any other details or text you type to generate a card. These may include information about other people that you choose to provide.
- Uploaded photos. If you upload a reference photo, we process it to generate artwork. See section 5.
- Order & shipping info. Recipient and shipping name and address, order contents, and order history.
- Payment info. Payments are processed by Shopify and its payment providers. We do not collect or store your full card number; we receive limited confirmation details (such as that a payment succeeded) needed to fulfill the order.
- Consent records. When you accept these terms, we record the fact, the time, the document version, and the IP address and browser our servers observed, so we can show that the terms were agreed to.
- Technical & usage data. IP address, device and browser type, and basic log and error data automatically collected when you use the site.
- Cookies. See section 7.
3. How we use it.
We use your information to: create, preview, store, and mail your cards; process and fulfill orders and provide customer support; operate, secure, debug, and improve the site; detect and prevent fraud, abuse, and prohibited content; keep records of terms acceptance and orders; and comply with our legal obligations. We do not use your card inputs or uploaded photos to train our own AI models.
4. Who we share it with.
We share information only with the service providers we need to run the business, and only as needed:
We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
- Supabase — database, authentication, and file storage.
- xAI (Grok) — generates card text and images from the inputs you provide.
- Shopify — checkout and payment processing.
- Printify and its print partners — printing and mailing your physical cards.
- Google / Apple — only if you choose to sign in with them.
- Cloudflare and our hosting/email providers — to deliver the site and send transactional email.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
5. Uploaded photos.
If you upload a photo, it is sent to our AI provider to generate artwork and is stored in our systems so you can reuse and order the resulting card. Only upload photos you have the right to use. Do not upload photos of other people without their permission, and never upload photos of minors in any sexualized context — see the content rules in our Disclaimer & Terms. You can ask us to delete uploaded photos (section 8).
6. How long we keep it.
We keep your account and card information for as long as your account is active. Order, payment, and consent records are kept as long as needed for the order, our records, tax, and legal purposes. When you ask us to delete your account, we delete or de-identify your personal information except where we are required or permitted to retain it (for example, transaction and consent records needed for tax, accounting, or to resolve disputes).
7. Cookies & analytics.
We use cookies and similar technologies that are necessary for the site to function (such as keeping you signed in and remembering your cart) and, where applicable, to understand usage and improve the site. You can manage non-essential cookies any time through the Cookie preferences link in the footer, and you can block cookies in your browser, though some features may not work without them.
Do Not Track. Some browsers send a “Do Not Track” signal. There is no industry-standard response, so the site does not currently respond to those signals.
Do Not Track. Some browsers send a “Do Not Track” signal. There is no industry-standard response, so the site does not currently respond to those signals.
8. Your choices & rights.
You can update your account details or delete your account at any time. Depending on where you live (for example, California), you may have the right to request access to the personal information we hold about you, request its correction or deletion, and request information about how it is shared. Because we do not sell or share personal information for advertising, there is nothing to opt out of in that respect. To make a request, email muricacards@gmail.com. We may need to verify your identity before acting on a request, and we will not discriminate against you for exercising these rights.
9. Children.
The site is for adults. You must be at least 18 years old to use MuricaCards. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us information, contact us and we will delete it.
10. Security.
We use reasonable technical and organizational measures to protect your information, including access controls and encryption in transit. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security.
11. Changes to this policy.
We may update this policy from time to time. When we make material changes, we will update the date above and the version, and where appropriate ask you to review the updated policy.
TL;DR — We collect what we need to make and mail your card, we don't sell your data, and you can ask us to delete it. 🦅