Privacy

Privacy policy

How we handle data — spoiler: we don't collect any.
Last updated: 03 May 2026

Summary

Internet Identity Card ™ is a privacy-by-design product. The application is a single HTML file that runs entirely in your browser. We do not operate any server that handles your identity data. We do not have a database. We do not have user accounts. Your data never leaves your device.

This Privacy Policy explains how the limited data we may receive (through the website itself) is handled.

1. Data controller

The data controller for the website internetidentitycard.com is:

Company

HTTPS CARD — INTERNET IDENTITY CARD LIMITED

Company number

09168431

ICO registration

ZA457585

Office

124 City Road, London EC1V 2NX, United Kingdom

Contact

contact@internetidentitycard.com

2. The Internet Identity Card application

The IIC generator is a self-contained HTML file you download from this website. Once downloaded:

It runs locally in your browser, with no internet connection required.
All identity data you enter (name, email, photo, social links, etc.) stays in your browser's local storage.
Encryption (AES-256-GCM with PBKDF2 600,000 iterations) is performed locally using the W3C Web Crypto API.
No telemetry, analytics, or tracking is embedded in the application.
The Content Security Policy default-src 'none' structurally prevents the application from contacting any server.

We never see, store, or process any identity data you enter into the IIC application.

3. Data we may receive

3.1 Server logs

When you visit this website, our hosting provider may automatically record:

Your IP address (truncated where possible)
The date and time of your visit
The pages requested
Your browser type and language
The referring URL (if any)

These logs are used for security, technical diagnostics, and to detect abuse. They are kept for a maximum of 30 days.

3.2 Email correspondence

If you contact us at contact@internetidentitycard.com, we will receive your email address and the content of your message. We use this information solely to respond to your enquiry.

3.3 Cookies

This website may use a minimal number of strictly necessary cookies. See our Cookie Policy for details.

4. Legal basis for processing (GDPR)

Server logs: legitimate interest (security and reliability of the website)
Email correspondence: your consent (you initiated the contact)
Strictly necessary cookies: exempt from consent under the ePrivacy Directive

5. Data sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes.

We may share limited data with:

Our hosting provider (server logs, exclusively for technical operation)
Law enforcement, when required by a valid legal request under English law

6. Your rights (UK GDPR / EU GDPR)

If you are located in the UK or European Union, you have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request erasure of your data
Restrict or object to processing
Request data portability
Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk ↗) or your local supervisory authority

To exercise these rights, email contact@internetidentitycard.com.

7. Data retention

Server logs: 30 days maximum. Email correspondence: kept for as long as necessary to respond to and document the enquiry, then deleted.

8. International transfers

Our hosting provider may be located outside the UK or the EU. Where this is the case, transfers are protected by appropriate safeguards such as Standard Contractual Clauses or adequacy decisions of the UK and the European Commission.

9. Changes to this policy

We may update this Privacy Policy from time to time. Significant changes will be reflected in the "Last updated" date at the top of this page.

10. Contact

For any privacy-related question, contact:

HTTPS CARD — INTERNET IDENTITY CARD LIMITED
124 City Road, London EC1V 2NX, United Kingdom
Email: contact@internetidentitycard.com