Giftable Gift Card Privacy Policy

1. Introduction

Welcome to the Giftable Gift Card privacy policy. This policy outlines how we collect, use, and protect your personal data. If we make significant changes, we will notify you via email or a notice on our website.

2. Information Collection

We collect personal data such as your name, email address, payment details, and transaction history. We collect this data based on legitimate interests, consent for marketing, and contractual necessity for fulfilling orders.

3. Cookies

We use essential and non-essential cookies. Essential cookies ensure the website functions properly, while non-essential cookies help us improve your experience.

Consent for non-essential cookies is gathered in compliance with GDPR.

4. Third-Party Processors

We work with trusted third-party processors to provide our services, such as cloud providers and payment processors.

5. Data Security

We take your data security seriously. We use encryption, firewalls, and secure protocols to protect your information, adhering to security standards like ISO 27001.

6. Data Retention

Your personal data is retained for as long as necessary to fulfill the purposes we collected it for, such as storing data for six years post-transaction.

7. Data Sharing

We share data with third parties for order fulfillment and marketing purposes. We ensure that shared data is anonymized where possible, in compliance with legal requirements.

8. Your Rights (GDPR)

You have rights under GDPR, including the right to access, correct, and delete your data.

You also have the right to data portability, allowing you to transfer your data to another provider.

9. Data Transfer

If we transfer data outside the EEA, we comply with GDPR regulations through Standard Contractual Clauses.

10. Supervisory Authority

If you have any concerns about how we handle your data, you can contact the Information Commissioner’s Office (ICO) via their website.

11. Explicit Consent for Marketing

We require explicit opt-in consent for marketing communications. You can unsubscribe at any time.

12. Children’s Data

We do not knowingly collect data from children. If we become aware of this, we will take steps to delete the data or obtain parental consent.

13. Profiling and Automated Decision Making

We do not use automated decision-making or profiling in a way that has legal or significant effects on you.