Privacy Policy

Last updated: [DATE — confirm before publish]

This policy explains how [program-entity legal name and jurisdiction — to confirm] (“Dream”, “we”) collects and uses personal data when you register your interest through this website. We act as the data controller for that information.

1. What we collect

When you submit an invitation request or Boundless enquiry, we collect:

• Your full name, email address and phone number;
• The card tier you are interested in, and any introducing host or member you name;
• For Boundless, the invitation code you enter;
• Technical data needed to operate and secure the form (e.g. IP address for rate-limiting and fraud prevention).

2. Why we use it (legal bases)

• To respond to your enquiry and assess eligibility — on the basis of taking steps at your request prior to entering a contract, and our legitimate interests in evaluating prospective members;
• To contact you about your enquiry — on the basis of your consent, which you may withdraw at any time;
• To protect the service from abuse and fraud — on the basis of our legitimate interests and legal obligations.

3. Who we share it with

We share your data only with service providers acting on our behalf, including our email provider (SendGrid, a Twilio company) used to deliver your enquiry to our team, and [any CRM/onboarding partners — to confirm]. We do not sell your personal data. Where issuance proceeds, your data is processed by our sponsor bank and program partners under their own terms, as part of regulated KYC and onboarding.

4. International transfers

Where data is transferred outside your jurisdiction, we rely on appropriate safeguards such as standard contractual clauses. [Confirm transfer mechanisms before publish.]

5. Retention

We keep enquiry data only as long as needed to respond to you and, where relevant, to progress an application — and thereafter as required by law. [Confirm retention periods before publish.]

6. Your rights

Subject to applicable law (including the GDPR), you may have the right to access, correct, delete or port your data, to object to or restrict processing, and to withdraw consent. To exercise these rights, contact us at tom@nanocard.co. You also have the right to lodge a complaint with your local data protection authority.

7. Contact

Data protection enquiries: tom@nanocard.co. See also our Legal & Terms.