img

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information when you use our social gifting and fundraising platform.

Last Updated: 01/08/2025 | Effective Date: 01/08/2025

Our Privacy Commitment

We believe in transparency and your right to privacy

Transparency
We clearly explain what data we collect and how we use it to improve your experience.
Security
Your personal information is protected with industry-standard security measures.
Control
You have control over your data with options to access, update, or delete your information.
1. Introduction

Giftinz Limited (UK) and Giftinz Invent Limited (Nigeria) we are committed to protecting your privacy and safeguarding your personal information.

This Privacy Policy explains how we collect, use, share, and protect your data when you use our web and mobile applications, products, and services .

By using Giftinz, you consent to this Privacy Policy, our Terms of Service, and any applicable local laws.

2. Scope

This policy applies to:

  • All users of Giftinz globally
  • Both personal and business accounts
  • All Services including digital gifting, money spraying, donations, tipping, wallet features, and corporate accounts
3. Data We Collect

3.1 Information You Provide

Personal Information: Full name, date of birth, gender, phone number, email address, physical address
Verification Data: Government-issued ID, tax ID, proof of address, social media profile links
Financial Information: Bank account details, payment card information
Event & Campaign Data: Event details, charity campaign descriptions, photos, videos
Business Information: Company registration details, business licenses, tax documents

3.2 Information We Collect Automatically

  • Device Information: Device type, OS version, browser type, IP address
  • Usage Data: Clickstream data, page views, app interactions, transaction history
  • Geolocation Data: Location information when using location-enabled services

3.3 Information from Third Parties

  • Payment gateways (e.g., Stripe, Flutterwave, Paystack) for transaction verification
  • Identity verification providers (e.g., Jumio, Onfido)
  • Social media platforms (when you connect accounts)
4. How We Use Your Data

We process your data to:

  • Deliver Services – Create and manage your account, process payments, enable gifting, spraying, and donations
  • Verify Identity & Prevent Fraud – KYC/AML checks, suspicious activity monitoring
  • Improve User Experience – Personalize content, recommend events, enhance features
  • Comply with Legal Obligations – Regulatory reporting, tax compliance, transaction monitoring
  • Communicate with You – Send transaction receipts, account updates, marketing offers (where permitted)
5. Legal Basis for Processing (GDPR & NDPR)

We process personal data based on:

  • Contract – To perform our obligations under our Terms of Service
  • Consent – For optional marketing and promotions
  • Legal Obligation – Compliance with financial regulations
  • Legitimate Interests – Fraud prevention, service improvement, network security
6. How We Share Your Data

We may share your data with:

Payment Processors

Stripe, Flutterwave, Paystack, LemFi

Identity Verification Partners

Jumio, Onfido

Vendors & Service Providers

Cloud hosting, analytics, customer support tools

Regulatory Authorities

FCA (UK), CBN (Nigeria), tax agencies

Event Hosts / Campaign Owners

When you participate in an event or donation campaign

Law Enforcement

When required by law

We do not sell your personal data to third parties.

7. International Data Transfers
  • UK/EU data is processed in compliance with GDPR and may be stored in the EU or securely transferred under Standard Contractual Clauses (SCCs)
  • Nigerian data is processed in compliance with NDPR and stored in Nigeria or securely transferred where required
8. Data Retention

We keep your data:

  • For as long as you have an active account
  • For 7 years after account closure for regulatory compliance (financial record-keeping)
  • Shorter retention periods for marketing consents or analytics data where possible
9. Your Rights

Under GDPR and NDPR, you have the right to:

  • Access – Request a copy of your data
  • Rectification – Correct inaccurate information
  • Erasure – Request deletion (subject to legal retention obligations)
  • Restriction – Limit data processing in certain circumstances
  • Portability – Receive your data in a machine-readable format
  • Withdraw Consent – Opt out of marketing at any time

To exercise your rights, email privacy@giftinz.com

10. Data Security

We protect your data with:

  • AES-256 encryption for data at rest and in transit
  • PCI-DSS Level 1 payment security compliance
  • Two-Factor Authentication (2FA) for account access
  • AI-based fraud detection for suspicious transactions
  • Regular security audits and penetration testing
11. Cookies & Tracking

We use cookies and similar technologies to:

  • Keep you logged in
  • Track site performance
  • Measure marketing effectiveness

You can manage cookies in your browser settings.

12. Marketing & Communications
  • We send service-related messages (transaction alerts, account updates)
  • Marketing communications are only sent with your consent
  • You can unsubscribe anytime via your account settings or email footer link
13. Children's Privacy
  • Giftinz is not intended for users under 18
  • We do not knowingly collect data from minors. If we become aware, we will delete such data
14. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be communicated via:

  • Email
  • In-app notifications
15. Contact Us

For privacy-related questions:

📧 privacy@giftinz.com
🌍 www.giftinz.com

Data Controllers:

  • • Giftinz Limited (UK) – For UK/EU users
  • • Giftinz Invent Limited (Nigeria) – For Nigerian users