Privacy Policy

1. Data Controller

[Your Name], [Your Address], [contact@example.com]

Please replace with your actual contact details.

2. What Data We Collect

We collect and process the following personal data:

  • Account data: Your name and email address, provided during registration.
  • Wishlist data: The wishlists you create, including item titles, URLs, notes, and due dates.
  • Reservation data: Names entered by guests when reserving items on shared wishlists.

3. Why We Collect It

We process your data solely to provide the Giftrou service — creating, managing, and sharing wishlists. We have no other purpose for your data. The legal basis for processing is Art. 6(1)(b) GDPR (performance of a contract).

4. Third-Party Sharing

We do not share your data with any third parties. We do not use analytics services, advertising networks, or tracking tools. If Google login is enabled, authentication data is exchanged with Google solely for the purpose of signing you in.

5. Cookies

We use only a single essential session cookie required for the application to function. This cookie does not track you and is deleted when you close your browser or when your session expires. See our Cookie Policy for details.

6. Data Retention

Your data is stored for as long as your account exists. When you delete your account, all associated data (including wishlists and items) is permanently removed from our systems.

7. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data — available via the data export feature in your account settings.
  • Rectification — you can update your account information at any time.
  • Erasure — you can delete your account and all associated data from your account settings.
  • Data portability — use the export feature to download your data in a machine-readable format.
  • Lodge a complaint with a supervisory authority if you believe your data is being processed unlawfully.

8. Data Export

You can export all your data at any time from your Account Settings page. The export includes your account information and all wishlist data in a machine-readable format.

9. Data Security

We use industry-standard security measures to protect your data, including encrypted connections (HTTPS) and secure password hashing.

10. Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be communicated to registered users via email.

Pick an emoji