GiftCardEZ Privacy Policy

GiftCardEZ operates a multi-tenant software platform that enables businesses to sell, deliver, manage, and redeem merchant-issued, closed-loop digital gift cards. This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you use our website, checkout flows, dashboard, redemption tools, APIs, and related services.

This Policy applies to Merchant account users, invited team members, gift card purchasers, gift card recipients, and other visitors who interact with GiftCardEZ. A Merchant may also have its own privacy policy that applies to its customers and business operations.

We collect information you provide directly, including name, email address, phone number, login information, business name, business contact details, branding assets, account settings, support messages, and other information submitted through the Service.

We collect gift card and order information, including purchaser and recipient names, email addresses, delivery preferences, gift messages, order amounts, gift card balances, redemption records, refund or adjustment activity, and related transaction history.

We collect technical and usage information, including IP address, browser type, device information, pages visited, timestamps, authentication events, error logs, security events, and other diagnostic information needed to operate and protect the Service.

Payment processing is handled by third-party payment processors, including Stripe and Stripe Connect. Card details, bank account information, identity verification information, and payout details may be collected and processed directly by Stripe under Stripe's terms and privacy policy.

Stripe may collect and process payment, identity, payout, and fraud-prevention information directly under Stripe's own terms and privacy policy.

GiftCardEZ receives limited payment-related information needed to operate the Service, such as transaction identifiers, payment status, amount, currency, fees, refunds, disputes, payout status, and connected account references. We do not store full card numbers or CVV codes.

We use information to provide and maintain the Service, create and secure accounts, process gift card orders, deliver transactional emails, support redemption workflows, record balances and adjustments, provide reporting, process billing, communicate with users, respond to support requests, and improve platform reliability.

We also use information to prevent fraud, enforce our Terms, troubleshoot technical issues, comply with legal obligations, protect the rights and safety of GiftCardEZ, Merchants, customers, payment processors, and others, and support audits or investigations when necessary.

We use email service providers, including Resend or similar vendors, to send transactional and account-related emails. These may include gift card delivery emails, purchaser receipts, account invitations, password and security messages, billing notices, support responses, and service updates.

Transactional emails may include Merchant branding, recipient information, gift card details, redemption links, order details, and other information needed to deliver the Service. We do not sell email content to third parties.

Our application and database infrastructure may be hosted by providers such as Supabase, Vercel, and other operational vendors. Account data, tenant settings, order records, gift card records, redemption history, and related configuration data may be stored in secure, access-controlled systems.

GiftCardEZ is designed as a multi-tenant platform. We use access controls and application logic intended to keep each Merchant's account data separated from other Merchants' account data.

We use cookies and similar technologies that are necessary for authentication, session management, security, preferences, and core platform functionality. These technologies help keep users signed in, protect accounts, and operate checkout and dashboard workflows.

We do not currently operate a third-party advertising network that tracks users across unrelated websites. If our analytics or advertising practices materially change, we will update this Policy and provide any notice or consent required by law.

We share information with service providers that help us operate the platform, including payment processors, hosting providers, database providers, email providers, security providers, analytics or diagnostics tools, customer support tools, and professional advisors. These providers are authorized to use information only as needed to provide services to us or comply with law.

GiftCardEZ does not sell personal information to third parties.

We may share information with Merchants when needed to fulfill gift card orders, support redemption, provide reporting, resolve customer issues, investigate disputes, or operate the Merchant's account. For example, a Merchant may access purchaser, recipient, gift card, order, and redemption information related to its own account.

We may disclose information if required by law, subpoena, court order, payment processor request, regulatory process, fraud investigation, security incident, business transfer, or to protect the rights, property, or safety of GiftCardEZ, users, Merchants, customers, or others.

We retain information for as long as needed to provide the Service, maintain accurate gift card and redemption records, operate accounts, resolve disputes, prevent fraud, enforce agreements, comply with legal and tax obligations, and support business operations.

After account closure, we may retain certain records for a reasonable period when needed for legal, tax, accounting, security, fraud prevention, backup, audit, or operational reasons. Gift card, order, and redemption records may need to be retained to support customer balances, refunds, disputes, and compliance.

We use reasonable administrative, technical, and organizational safeguards designed to protect information in transit and at rest, including access controls, encryption where appropriate, authentication controls, and operational monitoring.

No system is completely secure. You are responsible for safeguarding your account credentials, devices, email accounts, payment processor accounts, and team member permissions. Please contact us promptly if you believe your account or information has been compromised.

Depending on your location, you may have rights to request access, correction, deletion, portability, restriction, or objection to certain processing of your personal information. You may also have the right to appeal a privacy decision or lodge a complaint with a regulator.

To exercise privacy rights, contact us using the information below. We may need to verify your identity and account relationship before responding. Merchants can update certain business and account information directly from their dashboard.

If you are a customer of a Merchant and your request relates to a gift card, order, service appointment, refund, redemption, or Merchant business policy, we may direct you to the Merchant because the Merchant controls many customer-facing decisions and obligations.

GiftCardEZ may assist Merchants with privacy, order, or support requests when appropriate, but Merchants remain responsible for their own customer relationships, business policies, and legal obligations.

The Service is not intended for children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to GiftCardEZ, please contact us so we can review and take appropriate action.

GiftCardEZ is operated from the United States. If you access the Service from outside the United States, your information may be processed and stored in the United States or other locations where our service providers operate. Those locations may have data protection laws different from those in your jurisdiction.

We may update this Privacy Policy from time to time. Updates are effective when posted unless a later date is stated. If changes are material, we may provide additional notice through the Service, by email, or by other reasonable means.