Privacy Policy
At GiftsCertificates.com, we value your privacy and are committed to safeguarding your personal data. This Privacy Policy outlines how we collect, use, disclose, and store your personal information. We are dedicated to ensuring that your personal data is handled in a secure, transparent, and lawful manner in accordance with data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Commitment to Privacy and Data Protection
We are committed to maintaining the trust and confidence of our users and customers. Your privacy matters deeply to us, and we adhere to the strictest standards in handling, protecting, and processing your information. This Privacy Policy explains how GiftsCertificates.com processes your data and the rights you have in relation to it.
2. Scope of Policy and Data Controller
This Privacy Policy applies to all personal data collected from visitors, users, and customers of the website giftscertificates.com. For purposes of data protection laws, GiftsCertificates.com acts as the “data controller” when determining the purpose and means of processing your personal information. Where appropriate, we may also act as a “service provider” or “processor” for third parties.
3. Categories of Data We Process
We may collect and process the following categories of personal data in the course of providing our services:
– Usage Data
Includes data about how you use our website, such as IP address, browser type, browsing behavior, session data, referring URLs, and time spent on pages.
– Account Data
Includes your first and last name, billing and delivery addresses, email address, and telephone number, which are provided when creating or managing an account.
– Profile Data
Includes purchase history, customer preferences, average order values, and other behavioral data derived from your interactions with our services.
– Communication Data
Encompasses inquiries submitted via forms, support requests, emails, chats, and other interactions between you and our support teams.
– Technical Data
Includes information about the devices used to access giftscertificates.com, such as device identifiers, operating system, internet protocol addresses, browser settings, and system configuration.
– Transaction Data
Includes payment-related data (provided through our secure payment providers), purchase records, order contents, and delivery tracking information.
– Preference Data
Includes any data you provide relating to your communication preferences, marketing consents, and product-interest indicators.
4. Legal Bases for Processing Personal Data
We process personal data under the following legal bases, as outlined in the GDPR and applicable U.S. laws:
– Consent: When you explicitly consent to the use of your data (e.g., receiving newsletters or targeted promotions).
– Contractual Necessity: When processing is required to fulfill a contract with you, such as order processing and customer account access.
– Legal Obligation: To comply with applicable legal and regulatory obligations.
– Legitimate Interests: When processing is necessary for the operation of our business, provided your interests or fundamental rights do not override these.
5. Your Rights
Under applicable data protection laws, you have the following rights:
– Right of Access: You can request a copy of the personal data we hold about you.
– Right to Rectification: You may request corrections to inaccurate or incomplete data.
– Right to Erasure: You may request that we delete your personal data, subject to legal or contractual obligations.
– Right to Restriction: You may limit how we use your data under specific circumstances.
– Right to Data Portability: You can request to receive your data in a structured, commonly used format or have it transferred to another controller.
To exercise any of these rights, you may contact us at [email protected].
6. Security Measures
We implement robust technical and organizational security measures to help protect your data, including:
– Encryption: All sensitive data, including payment-related information, is transmitted using secure encryption protocols.
– Access Controls: Data access is restricted to authorized personnel only via role-based permissions.
– Backups and Redundancy: Regular backups are performed to ensure data integrity and continuity.
– Staff Training: Employees and contractors undergo data protection and privacy training on a regular basis.
7. International Data Transfers
Where we transfer your data outside of the European Economic Area or your local jurisdiction, we ensure such transfers are governed by adequate safeguards, including:
– Standard Contractual Clauses approved by the European Commission.
– Binding corporate rules where applicable.
– Data transfer agreements with third-party service providers located outside the EEA or the U.S.
By using giftscertificates.com, you consent to your data being transferred and processed in jurisdictions where our hosting providers and partners operate.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Account Data: Retained as long as your account remains active and for up to 6 years thereafter for legal compliance.
– Transaction Data: Maintained for a period of 7 years to meet financial and contractual obligations.
– Communication Data: Stored for 3 years after the most recent contact with you unless an ongoing support case remains active.
– Preference Data: Retained until you withdraw your consent or update your marketing preferences.
After these periods, your data will be securely deleted or anonymized for analytical purposes.
9. Cookie Policy
GiftsCertificates.com uses cookies to enhance your browsing experience. Categories of cookies we use include:
– Essential Cookies: Necessary for the basic functionality of the website, such as shopping cart and account management features.
– Functional Cookies: Enable website personalization, such as storing language preferences or location-based features.
– Analytics Cookies: Help us understand how users interact with the site using tools like Google Analytics.
– Performance Cookies: Monitor system performance for optimization and diagnostics.
10. Cookie Management and Compliance
You may manage or refuse cookies at any time by adjusting your browser settings, or by using cookie consent tools we deploy on the site in compliance with GDPR and CCPA requirements.
In California, you have the right to opt out of the sale or sharing of your personal information using the “Do Not Sell My Personal Information” link on our homepage. Californians may also request information about the categories of personal information we collect, disclose, or “share” under the CCPA.
11. Children’s Privacy
GiftsCertificates.com does not knowingly collect, use, or disclose personal data from children under the age of 13. If we become aware that we have inadvertently collected personal information from a child without verified parental consent, we will take immediate steps to delete such information.
12. Policy Updates
We continuously monitor changes to applicable laws and may update this Privacy Policy accordingly. Any material changes will be communicated prominently on the website or via email, where feasible. Continued use of giftscertificates.com after updates constitutes acceptance of the revised policy terms.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data rights, you may contact our Data Protection Officer by email at:
✉ [email protected]
Compliance Statement
GiftsCertificates.com is committed to maintaining full compliance with all applicable privacy regulations, including GDPR, CCPA, and other relevant laws. Your data privacy and trust are our highest priorities. Please reach out to [email protected] with any concerns or inquiries regarding your personal data.