Privacy policy

Privacy Policy

This Privacy Policy explains how Givvie, Inc. ("Givvie", "we", "us", or "our") collects, uses, shares, and protects your personal data when you use our website, mobile application, and related services (the "Service")

Givvie is a gifting platform that enables users to send digital vouchers to curated local venues. We are committed to handling your personal data carefully, transparently, and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Data Controller

Givvie, Inc. is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or how we process your data, you can contact us at: support@givvie.ai

2. Information We Collect

We collect personal data that you provide directly, as well as data collected automatically when you use the Service.

a. Information You Provide to Us

This may include:

Full name
Email address
Account details (e.g., login credentials)
Payment information (processed securely via our payment provider)
Gift messages and recipient details
Customer support communications

Payment information is processed securely by Stripe. We do not store full payment card details on our servers.

b. Information Collected Automatically

When you use the Service, we may automatically collect:

IP address
Device type, browser type, and operating system
App version
Usage data (pages viewed, features used, time spent)
Date and time of access
Approximate location (based on IP or device settings)

c. Location Data

If you enable location services, we may collect location data to show nearby partner venues. You can disable location access at any time in your device settings.

3. How We Use Your Data

We process personal data for the following purposes:

To create and manage your account
To process and deliver gifts
To facilitate voucher redemption at partner venues
To process payments
To provide customer support
To improve and optimize the Service
To comply with legal obligations
To prevent fraud and ensure security

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we rely on the following legal bases:

Contractual necessity – to provide the Service you request
Legal obligation – to comply with applicable laws
Legitimate interests – to improve our Service, prevent fraud, and ensure security
Consent – where required (e.g., marketing communications or certain cookies)

You may withdraw your consent at any time where processing is based on consent.

5. Sharing of Personal Data

We do not sell your personal data.

We may share your personal data only where necessary to provide the Service, including:

With partner venues when you redeem a gift (e.g., name or QR code for validation)
With payment processors such as Stripe
With analytics providers such as Google Analytics
With service providers who support hosting, infrastructure, customer support, or technical operations
Where required by law or legal process

All third-party service providers are required to process personal data in accordance with applicable data protection laws.

6. International Data Transfers

If personal data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as:

Standard Contractual Clauses approved by the European Commission
Transfers to countries with an adequacy decision

7. Cookies and Similar Technologies

We use cookies and similar technologies to:

Enable essential website functionality
Analyze usage and improve performance
Remember preferences
Support marketing efforts (where consent is given)

You can manage cookie preferences via your browser settings or our cookie consent tool. Please note that disabling certain cookies may affect the functionality of the Service.

8. Data Retention

We retain personal data only as long as necessary to:

Provide the Service
Comply with legal obligations
Resolve disputes
Enforce agreements

When personal data is no longer required, it is securely deleted or anonymized.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encryption
Secure servers
Access controls
Monitoring for vulnerabilities

However, no method of transmission over the Internet or electronic storage is completely secure.

10. Your Rights

If you are located in the EEA or where applicable law grants you rights, you may have the right to:

Access your personal data
Correct inaccurate or incomplete data
Request deletion of your personal data
Restrict processing
Object to processing
Withdraw consent (where processing is based on consent)
Request data portability
Lodge a complaint with your local data protection authority

To exercise any of these rights, please contact: support@givvie.ai

We may request verification of your identity before fulfilling your request.

11. Third-Party Links

The Service may contain links to third-party websites or partner venues. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to review their privacy policies.

12. Children’s Privacy

Givvie is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without appropriate consent, we will take steps to delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

If we make material changes, we will notify you via email (if provided) or through a prominent notice within the Service. The “Last updated” date at the top reflects the most recent version.

Contact information:

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may send an email to sammie@givvie.ai.