The Information We Collect and/or Receive
- Personal Information.
All information that we receive under this section is collectively called “Personal Information.” We do not collect any Personal Information from Visitors, Members, Guests or Merchants unless they provide such information voluntarily.
- Billing Information.
- User Generated Content.
Due to the fact that UGC is available to the public, please be very attentive to the information you post on any social media platform. Any post that is discriminatory based on race, gender, sexual orientation, national origin, or a mental or physical disability is a violation of others' rights, and you may face legal consequences as a result. Your UGC must not be defamatory, sexually explicit, or used for political gain, and the content you post must not result in a breach of contract with us or a third party.
- Other Information.
In addition to the Personal Information, we may collect or receive additional information (collectively, the “Other Information”). Such Other Information may include:
- From Your Activity. Information that we automatically collect when you use the Platform, such as the device from which you access the Platform and/or the Services, your IP addresses, browser type and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Platform you visit, and similar information concerning your use of the Platform and/or the Services.
For Google Analytics, please visit https://www.google.com/analytics
Giftwalker.app expects all partners and any third parties we conduct business with to comply with relevant data protection and privacy laws at all times. We take every commercially reasonable step to ensure consistent compliance on our end. Transparency is becoming more of a focus for lawmakers when drafting new data privacy laws, so we have made it a priority to ensure all users of our site have the ability to find out how their data is being used, for what purpose, and for how long. We expect the same from all of our partners and any third parties, and will do our best to ensure that we do not conduct business with any individual person or entity that is not compliant with all relevant laws. If any user wishes to receive information pertaining to the use or collection of their personal data at any time, we expect all of our partners to be able to provide that information as necessary. If there is a breach of contract due to the failure of a third party to produce information, an injunction may be sought against that third party to suspend their business operations until they become compliant, and monetary damages may be sought for the actual breach.The Information Collected by or Through Third-Party Advertising Companies
You authorize us to use the Personal Information, and the Other Information (collectively, the “Information”) to provide and improve the Platform; to solicit your feedback; and to inform you about our products and services and those of our promotional partners.
You also authorize us to use and/or share Information as described below.
- Agents, Providers and Related Third Parties. We may engage other companies and individuals to perform certain business-related functions on our behalf. Examples may include providing technical assistance, order fulfillment, customer service, and marketing assistance. These other companies will have access to the Information only as necessary to perform their functions and to the extent permitted by law. We may also share your Information with any of our parent companies, subsidiaries, or other companies under common control with us.
- Aggregated Information. In an ongoing effort to better understand our Visitors, Members, Guests and Merchants, we may analyze Personal Information with Other Information in anonymized and aggregate form in order to operate, maintain, manage, and improve the Platform. This aggregate information does not identify you personally. We may share this aggregate data with our affiliates, agents, business and promotional partners, and other third parties. We may also disclose aggregated user statistics in order to describe the Platform to current and prospective business partners and to other third parties for other lawful purposes.
- Business Transfers. As we develop our businesses, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, sale of assets, dissolution, or similar event, the Information may be part of the transferred assets.
- Legal Requirements. We may disclose your Information if required to do so by law, or in the good faith belief that such action or disclosure is necessary or appropriate to: (i) operate the Platform, (ii) comply with any legal obligation, report unlawful activity, cooperate with law enforcement, or protect against legal liability, (iii) protect and defend our rights, property, personnel, suppliers, sponsors, agents or licensors, or (iv) protect the personal safety of vendors, users of the Platform or the public.
- Third Party Partners. We may disclose your Personal Information to our Third Party Partners to whom you provided your information as a part of the sign-up process for the Platform. Such Third Party Partners and the company who operates the Third Party Partner website may use your Personal Information for their own marketing and business purposes.
- Third Parties Marketing Companies. With your permission, we may disclose your Personal Information to third party marketers (who may combine such Personal Information with their own records, and records available from other sources), for their own direct marketing purposes. If you opt-in to this information sharing and later want us to stop sharing your Personal Information with such third party marketers, please send an email with your name and address to firstname.lastname@example.org.
Members and Merchants may access, remove, review, and/or make changes to their Personal Information by e-mailing us at email@example.com. In addition, you may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of any Giftwalker marketing e-mail. We will use commercially reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases. Members cannot opt out of receiving transactional e-mails related to their account with Giftwalker.How We Protect the Information
We take commercially reasonable steps to protect the Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases or the databases of the third parties with which we may share such Information, nor can we guarantee that the Information you supply will not be intercepted while being transmitted over the Internet. In particular, e-mail sent to us may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.External Websites
The Platform and the Services are operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us will be transferred to the United States. By visiting the Website and/or accessing and/or using the Platform and/or the Services and/or providing us with any information, you consent to this transfer.California Residents
Under California Civil Code Section 1798.83, California residents who have an established business relationship with Giftwalker may choose to opt out of our sharing your Personal Information with third parties for direct marketing purposes. If you are a California resident and (1) you wish to opt out; or (2) you wish to request certain information regarding our disclosure of your Personal Information to third parties for the direct marketing purposes, please send an e-mail to firstname.lastname@example.org.
In addition, Giftwalker does not monitor, recognize, or honor any opt-out or do not track mechanisms, including general web browser “Do Not Track” settings and/or signals.For Residents of the European UnionEuropean Privacy Rights
For those within the European Economic Area (EEA), the General Data Protection Regulation (GDPR) that went into effect on May 25, 2018 has afforded you certain rights to your personal data. These rights are as follows: (a) the right to access any personal information being held about you, (b) the right to have any personal information being held about you permanently deleted (provided that the information is not required to comply with a legal obligation or to exercise a legal claim), (c) the right to rectify any inaccurate personal information without undue delay, (d) the right to restrict processing of your personal information (provided that processing is not required to comply with a legal obligation or exercise a legal claim), (e) the right to request transfer of your personal information directly to a third party if technically feasible, and (f) the right to object to processing of any personal data at any time.Right to Object to Direct Marketing
Giftwalker.app will only use the information collected from and about you on the following lawful grounds:
- Use is necessary to perform a contract we have entered into or are about to enter into with you;
- Use is necessary for our legitimate business interests;
- Compliance with a legal or regulatory obligation is required; or
- Where consent has been provided (which can be withdrawn at any time)
If none of these conditions will be satisfied by the use of your personal information, then such information will be permanently deleted from our system accordingly.
In addition to the personal information you provide to us, we may also use publicly available information as well as information gathered from you by third parties to improve your shopping experience, inform you about new products or promotions, or for any other legitimate business purpose.Right to Erasure
All users of Giftwalker.app have the right to request that any and all Personally Identifiable Information (PII) associated with their account be erased. Once a data subject access request (DSAR) is filed and customer identity is verified, the Company must respond to and fulfill such request within 30 days. When an account is “erased,” all PII associated with the account will be permanently deleted, leaving the existence of an anonymous account solely for the purpose of maintaining proper transactional records. The right to erasure strictly pertains to PII, and it must be explicitly understood that transactional history will not be deleted from the Company’s records for any reason. The right to erasure exists to protect users of websites from having their PII stored, transferred, or otherwise utilized by another entity in any manner without proper consent. It will not extend so far as to limit the financial responsibilities and legal obligations that Giftwalker.app has to its customers, employees, partners, and the authorities.Third-Party Partners
When Giftwalker.app members sign up through one of our software partners, we begin sharing customer data with that partner. While we are directly responsible for our handling of your information, users must be aware that our partners also store customer information for their own business purposes. Therefore, when a member desires to invoke their right to erasure, the member must send deletion requests to any partner websites they signed up through as well as to Giftwalker.app to have the totality of their data erased.
Members or guests of Giftwalker.app who elect to have their PII deleted from our system may do so by contacting email@example.com.Right to Access
All users of Giftwalker.app have the undeniable right to ask about and obtain a complete and accurate report on the data being stored about them. If you would like to request a report on the data we are storing about you, email us at firstname.lastname@example.org.Transmitting PII + Responding to DSARs
It is against our policy to send PII without proper safeguards. When a user requests a report on the data being stored about them, certain guidelines must be followed:
- A DSAR (Data Subject Access Request) must be sent by the user whose information is being requested to email@example.com.
- The user’s identity must be verified by the submission of a photo ID that clearly shows the user’s legal name. (This is so we can match the name on the photo ID with the name on the Giftwalker.app account.)
- Giftwalker.app will send the user an encrypted, password-protected email containing the PII requested.
- Giftwalker.app will send the user a separate email containing the password that unlocks the encrypted PII in the email.