Privacy Policy

We collect information you provide directly to us, such as when you create an account, make a purchase, or contact customer support. This includes email addresses, cryptocurrency wallet addresses, transaction details, and communication preferences. We also automatically collect certain information about your device and how you interact with our platform, including IP addresses, browser type, operating system, referring URLs, and usage patterns. For cryptocurrency transactions, we collect wallet addresses and transaction hashes for verification and security purposes. We may also collect information from third-party services such as blockchain explorers to verify transaction status and prevent fraud.

We use your personal information to provide, maintain, and improve our services, including processing gift card purchases, sending delivery emails, and providing customer support. We use transaction data to prevent fraud, comply with legal obligations, and improve our platform security. Your email address may be used to send important service notifications, transaction confirmations, and optional marketing communications (which you can unsubscribe from at any time). We analyze usage patterns to enhance user experience, develop new features, and optimize our platform performance. We may use aggregated, anonymized data for research, analytics, and business intelligence purposes.

Your personal information is stored on secure servers located in the United States and European Union, with appropriate safeguards and encryption measures in place. We retain transaction records for a minimum of 7 years to comply with financial regulations and tax requirements. Account information is retained for as long as your account remains active, plus an additional 3 years after account closure. Email addresses used for one-time purchases without account creation are retained for 2 years for customer support purposes. We implement regular data backups and disaster recovery procedures to ensure data availability and protection against loss.

You have the right to access, update, or delete your personal information at any time through your account settings or by contacting our support team. You can request a copy of all personal data we hold about you, and we will provide this information within 30 days. You have the right to object to certain data processing activities, including marketing communications and analytics. For users in the European Union, you have additional rights under GDPR including data portability, rectification, and the right to be forgotten. You can withdraw consent for data processing at any time, though this may affect our ability to provide certain services. We will respond to all user rights requests within the timeframes required by applicable law.

We work with trusted third-party service providers to deliver our services, including payment processors, email delivery services, customer support platforms, and security providers. These partners are contractually obligated to protect your information and use it only for the specific services they provide to us. We integrate with blockchain networks and cryptocurrency services to process payments and verify transactions. We may share anonymized, aggregated data with business partners and analytics providers to improve our services. We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Any data sharing is done in accordance with this privacy policy and applicable data protection laws.

We implement industry-standard security measures to protect your personal information, including SSL/TLS encryption for data transmission, AES-256 encryption for data storage, and multi-factor authentication for account access. Our security infrastructure includes firewalls, intrusion detection systems, regular security audits, and employee security training programs. We monitor our systems 24/7 for suspicious activity and maintain incident response procedures to address any security breaches promptly. Access to personal information is restricted to authorized personnel who need it to perform their job functions. We regularly update our security measures to address emerging threats and maintain compliance with industry best practices and regulatory requirements.

Our services are not intended for individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take immediate steps to delete that information from our systems. Parents or guardians who believe their child has provided personal information to us should contact us immediately. We encourage parents to monitor their children's online activities and to help enforce this policy by instructing their children never to provide personal information through our platform without permission. If you are under 18, please do not use our services or provide any personal information to us.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify users of any material changes by email (for registered users) and by posting the updated policy on our website with a new effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information. Continued use of our services after any changes to this Privacy Policy constitutes acceptance of those changes. For significant changes that materially affect your rights, we may require explicit consent before the changes take effect.