Effective: July 20th, 2020
What information is collected and how is it used?
1.Information You Directly Provide through our Services
We collect personal information directly from you when you visit our Services to do all the things typically associated with online services. Examples of the personal information we collect include name, address, phone number, email address, personal preferences, payment card number, purchase and ordering information, demographic information, responses to survey questions, and any other information you choose to provide. Our Services may also give you the option to upload or share pictures or videos of yourself and others. This information is collected at various places on our Services for instance, when you check out with your online order; engage with our mobile applications; email offers, and mobile messaging offers; Ticketing, Promo's, participate in surveys; Join Us; enter contests or sweepstakes; or interact with special-event or program offers. We may also collect information that you provide on our Services about people you know or have opted-in to your Client List. For example, we collect your gift recipient's contact information to process your gift orders, send marketing offers and promo's, discounts, BOGO's via email or SMS.
We use personal information about you collected on the Services to do things like:
process your online orders.
personalize your online experience with content and offers that are tailored to your interests.
provide customer service, whether it's responding to a request or following up on an order.
include you in surveys and contests.
enable you to post your content, such as comments, images or videos.
improve our Services, the manner in which offers are made on our Services.
enable you to interact with third-party content service providers, whether by linking to their sites, viewing their content within our online environment, or by viewing our content within their online environment and.
market our products and services that may be of interest to you.
2.Information We Observe or Collect through Technology
We may collect information about your location when you access or use our Services. For more details, please see "What choices do you have over how your information is used?" below.
When you access our Services, we may collect navigational information, such as browser type and version, service-provider identification, IP address, the site or online service from which you came, and the site or online service to which you navigate.
We collect information about the computer or mobile device used to access our Services, such as the hardware model, operating system and version and website or app usage behavior.
Cookies, Clear Gifs and Similar Technologies
To better understand how you interact with our Services, we may collect information using cookies, clear-gifs (also known as web beacons or web bugs) and similar technologies.
A cookie is a small amount of data that's stored by your browser on your device. It's used to do things like see how you navigate our Services, what you click on, and remember you and your online purchases when you return. This helps us improve our Services, provide better customer service, tailor your online experience, and tailor offers to you based on your unique tastes and both your online and offline (e.g., in-store) interactions and purchase history.
A clear gif is a nearly invisible pixel-sized graphic image on a web page, web-based document or e-mail message. It helps us do things like view the URL of the page on which the clear gif appears and the time the site, document or email in question is viewed. Clear gifs in e-mails help us confirm the receipt of, and response to, our emails, including those that you forward to friends and family; and they help deliver a more personalized online experience.
In addition to cookies and clear gifs, we may also use device identifiers, web storage and other technologies to collect information about your interactions with our content and Services.
3.Information Others Observe or Collect through Technology
We evaluate and select third-party partners to help us provide certain features on our Service and analyze our visitors' preferences, such as Google Analytics. These partners may use some or all the technologies described above.
What information do we share with third parties
We may share information about you with third parties, as described below, and as otherwise described in this policy:
Law Enforcement and Emergency Response
We may disclose specific information about visitors to our Services if we have a good-faith belief that it's necessary or authorized under the law or to protect our customers, the public, or our business.
Sale or Merge
In the event we sell or transfer all or a portion of our business assets (including in the event of a reorganization, dissolution or liquidation), including a brand or line of business, information about you may be one of the business assets that is transferred in connection with the transaction.
We link to third-party sites for the purpose of fulfilling mutually agreed upon and contracted agreements for services such as digital and physical gifts, promotions, offers, ticketing and mobile applications. We may also display third-party content through our Services (and vice versa) for the purpose of claiming a gift or offer.
Nothing in this policy restricts our ability to share aggregated or anonymized information that does not directly identify you.
What choices do you have over how your information is used?
You may remove yourself from the email list by following the removal instructions located at the bottom of each commercial email or by completing the unsubscribe form. If you have joined one of our Merchant Partner Join Us email lists, you may receive email from eGiftify or from the Merchant directly. If at any time you'd like to stop future delivery of eGiftify or Merchant email offers, simply follow the removal instructions located at the bottom of each email message. Opting out of any of these emails will not stop operational or transactional messages such as password-reset or account related information from the brand or line of business in question. We may occasionally provide you with the opportunity to opt in to receive email messages from third parties. If you do opt in, we'll share your e-mail address with the specific third party in question. Please review their privacy policies to see how they treat your personal information.
Mobile Text Messaging
If you've signed up for mobile text messaging offers but later decide you no longer wish to receive these offers, simply reply STOP.
Mobile Push Notifications/Alerts
With your consent, we may send push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.
You may have the ability to turn location-based services on and off by adjusting the settings of your Internet browser or mobile device or, for some devices, by revoking permission for our mobile apps to access your location information.
How do we address children's privacy?
We do not knowingly collect or store any personal information about children under the age of 16 and we do not offer any of our products or services directly to children under the age of 13.
How do we secure your information on our Services?
We maintain administrative, technical and physical safeguards designed to protect the personal information we collect through our Services against accidental, unlawful destruction, loss, alteration, access, disclosure or use. While we implement the above security measures on our site, you should be aware that 100% security is not always possible
Where is personal information stored and processed?
eGiftify is a global organization. As the majority of our administrative and technical support functions are headquartered in the US we share, store and process personal information in the United States of America. Customers accessing and purchasing with our Services will be interacting with servers and services provided from within the United States of America.
Data Subject Rights
Individuals have rights concerning their Personal Data.
If you wish to exercise your rights under any applicable law, including the EU General Data Protection
Regulation (GDPR) - More details listed below, or the California Consumer Privacy Act (CCPA), such as
the right to request access to, and rectification or erasure of your Personal Data held with eGiftify, or to
restrict or object to such Personal Data's processing, or to port such Personal Data (each to the extent
available to you under the laws which apply to you) - Please contact us by email at email@example.com
Please note that once you contact us by email, we may require additional information and documents,
including certain Personal Data, in order to authenticate and validate your identity and to process your
request. Such additional data will be then retained by us for legal purposes (e.g. as proof of the identity
of the person submitting the request).
If you would like to make any requests or queries regarding Personal Data we process on behalf of our
Customer's behalf (Merchant or Third Party), please contact the Merchant or Third Party directly. For
example, if you are a User who wishes to access, correct, or delete data processed by eGiftify on behalf
of a Customer (Merchant or Third Party), please direct your request to the relevant Customer (who is the
Data Controller of such data. (See the following section "Data Controller/Processor")
We are the Controller of our Visitor's and Customer's Personal Data and certain types of User Data; we
are the Processor of any Personal Data contained in Customer Data, and of User Data processed on
behalf of our Customer.
Certain data protection laws and regulations, such as GDPR or the CCPA, typically distinguish between
two main roles for parties processing Personal Data: the "Data Controller" (or under the CCPA,
"business"), who determines the purposes and means of processing; and the "Data Processor" (or under
the CCPA, "service provider"), who processes the data on behalf of the Data Controller (or business).
Below we explain how these roles apply to our Service, to the extent that such laws and regulations
eGiftify is the "Data Controller" of its Visitor's and Customer's Personal Data, as well as User Data
consisting of contact details, as well as usage, preferences, engagement and analytic data. With respect
to such data, we assume the responsibilities of Data Controller (solely to the extent under law), as set
the role of "Data Processor".
If any of our Users upload or submit Customer Data or other content to our Service which includes
Personal Data (e.g., by submitting their own client's contact details and other personal data to our
system), such data will only be processed by eGiftify on behalf of our Customer, which is the owner of
the respective relationship, along with all other User Data processed on such Customer's behalf.
In such instances, our Customer shall be deemed the "Data Controller" of such data, and eGiftify will
process such data on the Customer's behalf, as its "Data Processor", in accordance with its reasonable
instructions, subject to our Terms, our Data Processing Agreement with such Customer (to the extent
applicable) and other commercial agreements. eGiftify's Service Providers shall act as designated Sub-
Processors in these instances. The Customer will be responsible for meeting any legal requirements
applicable to Data Controllers (such as establishing a legal basis for processing and responding to Data
Subject Rights requests concerning the data they control).
Supplemental Privacy & Cookie Notice for Visitors from the European Economic Area
European Union Regulation 2016/679 of 27 April 2016, governing the protection of natural persons with regard to the processing of personal data and on the free movement of such data ("EU GDPR"), requires us to provide additional and different information about our data processing practices to data subjects in the EEA.
We use the following web cookies and other information technologies to provide the essential features on our web and mobile sites to users in the EEA.
The following types of cookies (and cookie technology) are enabled when a web or mobile user visits this website:
Cookie / Technology Type
Enables visitor's input, choices, or selections across their website experience. Examples include maintaining a shopping cart during a visit or a form throughout a transaction.
Identifies visitors through the website after they log in.
Multimedia Player Cookies
Ensures such things as image quality, network link speed, or buffer information for video and audio playback.
Load-balancing Session Cookies
Directs website traffic to a particular datacenter for the quickest website access, and enables visitors to return to that datacenter if needed.
Visitor Customization Cookies
Stores preferences and visitor experiential histories: remembers language preference, product-page display preference, and whether certain visitor experiences should be displayed, such as email marketing signup, based on past experiences.
Social Media Plug-in Cookies
These cookies from social media platforms (like Facebook and Instagram) facilitate content sharing on those platforms.
Enables us to do things like estimate number of visitors, detect most used search-engine keywords that lead to a webpage, measure page load times, administer visitor surveys, identify navigation issues, and improve web capabilities.
We, the data processor, are Treatwallet, Inc (dba eGiftify), 20 West 64th, New York, NY, 10023 US, or via email at firstname.lastname@example.org.
As exceptions, we rely on your consent with respect to cookies and direct marketing emails per Art. 6.1(a) EU GDPR, and legitimate interests under Art. 6.1(f) EU GDPR, especially with respect to situations where we must process your personal data to comply with applicable laws (as a U.S.-based company, we are subject to U.S. laws and must comply, just like EEA-based companies have to comply with EEA laws).
Recipients or categories of recipients of your personal data are employees of our company and affiliated and non-affiliated services providers who have a need to know.
When you access our Services, you transfer your personal data to the United States of America and India for which the European Union Commission has not yet issued an unlimited adequacy decision.
We will process and keep your personal information for as long as is necessary for the purposes set out in this Policy, for our legitimate business needs, and for compliance with the law.
You have a right to request from us these EU GDPR rights concerning your personal data: access to data; rectification of data; erasure of data; restriction on processing; objection to data processing; and data portability. You can exercise these rights through a combination of actions: accessing the information in your account; exercising your opt-out options through our Services; and by email at email@example.com.
If you have provided consent for direct marketing emails or other data processing, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. As the data processor, we act on the data controller's behalf as referenced in Art. 28-37 EU GDPR
You have the right to lodge a complaint with a supervisory authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en
We do not use automated decision-making, including profiling, as referred to in Article 22(1) EU GDPR, that is, in a way that produces legal effects concerning you or significantly affects you.
You can contact us with any questions, or to exercise your rights by email at firstname.lastname@example.org
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Treat Wallet, Inc dba eGiftify is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and UK individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Treat Wallet, Inc dba eGiftify accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Treat Wallet, Inc dba eGiftify remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Treat Wallet, Inc dba eGiftify proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Treat Wallet, Inc dba eGiftify commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and United Kingdom individuals with Privacy Shield inquiries or complains should first contact Treat Wallet Inc, dba eGiftify at: email@example.com
Treat Wallet, Inc dba eGiftify has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction