Get started

Privacy Policy

We don't collect your data.

That's it. That's the policy. But legally we owe you the details, so here they are — in plain English, under 500 words, with no dark patterns.

Effective: 18 April 2026 Last updated: 18 April 2026 Version: 1.0

✓ The short version

We don't ask you to sign up. No account, no email, no phone number.

Your spending data stays on your device. We don't have a server that stores it.

We use Plausible for page-view counts. It doesn't use cookies or identify you.

We don't run ads. We don't earn affiliate commissions. We don't sell anything to anyone.

Who we are

Desi Cards is a credit card comparison and portfolio optimization tool for the Indian market, operated by Abhishek as a sole proprietorship based in Bengaluru, Karnataka, India ("we", "us", "our"). Under India's Digital Personal Data Protection Act, 2023 ("DPDP Act"), we would be considered a Data Fiduciary — except, as explained below, we don't actually process any personal data that would trigger those obligations.

This policy describes how we handle information when you visit desi.cards and use our tools. It applies to all visitors and users of the site.

What we collect

From you directly: nothing. We do not ask for your name, email address, phone number, PAN, Aadhaar, CIBIL report, bank statements, or any other identifying information. You can use every feature on Desi Cards — including the portfolio optimizer — without providing any personal details.

About your visit: aggregate analytics only. We use Plausible Analytics to count page views, see which pages are popular, and understand where our traffic comes from. Details in the next section.

In your browser: the spending profile you enter into the optimizer. When you use the stack builder, the categories and amounts you enter are saved in your browser's localStorage — a local file on your own device — so you can come back later without re-entering everything. This data never leaves your device. We cannot see it. It is not transmitted to any server, including ours.

Analytics via Plausible

We use Plausible Analytics to measure site traffic. Plausible is a privacy-focused analytics service based in the EU that is deliberately designed to comply with GDPR, CCPA, and similar regulations.

Plausible does not:

  • Set any cookies on your browser
  • Store persistent identifiers that follow you across sessions
  • Use local storage or browser cache to fingerprint you
  • Share data with advertisers

Plausible does use your IP address and user-agent string to generate a daily anonymized identifier (the IP and user-agent are hashed with a salt that is rotated and deleted every 24 hours — the raw values are never stored). This identifier lets us count "unique visitors today" without knowing who you are.

The metrics we see are limited to: total page views, unique visitors per day, country (approximate, from IP), device type, browser, and referring site. That's it. We cannot identify any individual visitor from this data, and neither can Plausible.

Your data stays on your device

The portfolio optimizer works entirely in your browser. When you enter your monthly spend across categories, your income, and your preferences, that information is:

  • Saved to your browser's localStorage under the key desicards:wizard-state:v1
  • Read back the next time you visit so you don't have to re-enter it
  • Used locally to compute your recommended card stack

This means your data is never transmitted to our servers. We don't have a database. We don't have a server-side application that stores user inputs. If you open the browser's developer tools and watch the network tab while using the optimizer, you will see zero requests to desi.cards that contain your spending information.

You can delete this data at any time by clearing your browser's site data for desi.cards, using your browser's "Clear browsing data" function, or opening your browser's developer console and running localStorage.clear().

Your rights under the DPDP Act

The DPDP Act grants every Indian resident (Data Principal) specific rights regarding their personal data. Because we do not collect, store, or process personal data that identifies you, most of these rights are trivially satisfied by default — but for completeness, you have the right to:

  • Access information about any personal data we hold about you (we hold none)
  • Correction, completion, updating, and erasure of your personal data (nothing to correct or erase)
  • Grievance redressal for any violation of your rights under the Act
  • Nominate someone to exercise these rights on your behalf in case of death or incapacity

If you believe we've violated your rights under the DPDP Act, you can reach us directly (see Contact section) or file a complaint with the Data Protection Board of India.

Children's data

Desi Cards is not directed at children under 18. The DPDP Act has specific protections for children's data, and while our site does not collect personal data from anyone, we explicitly do not intend for minors to use our tools. Credit card eligibility in India starts at age 18 (21 at most banks), so the content itself is not relevant to minors.

Changes to this policy

If our data practices change — for example, if we add advertising, affiliate programs, or features that collect additional information — we will update this policy and post the changes on this page. Material changes will be flagged at least 7 days before they take effect, through an on-site notice visible to all visitors.

We will never reduce your privacy rights retroactively. Any data collected under the old policy will continue to be governed by the old policy unless you separately agree otherwise.

Contact & grievances

For any privacy-related questions, concerns, requests, or complaints, contact us by email. We aim to respond within 7 working days.

Privacy contact

Abhishek, operating Desi Cards (sole proprietorship)

Bengaluru, Karnataka, India