Privacy Policy

The top standard to protect your private data

Giftpack cares about your privacy. We value transparency and commit to being open about our privacy practices, including how we treat any personal information you may consent to share with us. You are not required to share personal information with us in order to access our website, but if you choose to avail yourself of the services on our Platform, we will inform you of the nature of the information you need to provide. In either event, any information you provide us will be protected in accordance it the regulations and statutes that govern such information.

Personal information is information that you share with us about yourself, telephone number, email address, etc. which we use to identify you or a gift recipient.

This privacy policy explains the privacy practices for the website (the “Site”) and the personalized gift platform (the “Platform”). This policy applies solely to information collected on the Site or through your use of the Platform and is organized around the topics set out below. Effective Date: 2020.06.27



The purpose of this policy is to inform you of how and when we use the information you provide to us on the Site or through your use of the Platform. This notice applies to our collection of information from users of the Site or our Platform.


Policy Effective Date

This policy is effective as of the Effective Date listed above and may change from time to time. Revisions to this policy will be updated by posting on the Site and/or by notification sent to you by email.


Information Collection, Sharing, and Use

We obtain certain personal information from you with your consent and in order to provide you with and communicate with you or a gift recipient about the services offered on our Platform. This collection may occur through the Site, our Platform, telephone discussions, email and other forms of communication.

We will obtain your express consent in order that we may collect your personal information and will provide details of the purpose of collection, what details are required and how your personal information may be collected by us. We may choose to retain your personal information to the full extent of any period as provided by law and statute. We may also choose to delete your information from our databases after a required number of years and/or if the intended purposes for which we have collated your information is completed or no longer relevant. In certain circumstances, we may retain your personal information where there is a legal obligation to which we are subject and where retention is necessary to protect your vital interests or the vital interests of another natural person.

Much of the personal information we collect is so that you can place orders, make purchases, complete transactions, interact with us, or have access to certain features of the Platform or the Site, we may ask you to register or provide certain personal information. This information may include but is not limited to, your name, contact information, email address, age or date of birth, payment information, or a username and password.

We do not share personal information with any third party outside of our organization, other than as necessary to fulfill a specific request, e.g., to process an order. We may use your information to contact you via email in the future to tell you about specials, new products or services, or changes to this policy. If you prefer not to be contacted for marketing purposes, we will respect your wishes and not include you on our list.

Giftpack may use personal information in order to facilitate your use of the Platform, including receiving, processing, fulfilling and delivering your purchases. We may use personal information to identify you when you log in to our Platform, to provide a better experience through the Platform, or to personalize your experience across the Platform. We may also use personal information as we believe to be necessary or appropriate to protect our rights, privacy, safety or property, and to allow us to pursue available remedies or limit the damages that we may sustain.

You can learn more security practices at Giftpack Security.


Access to Personal Information

You may at any point retract your consent for us to possess your personal information, by which we will immediately take steps to delete your information from our database.

You may request from us to alter or delete your personal information from our records at any point, however, you are informed that any retraction of consent/deletion and/or alteration of required information may affect our ability to accurately and timely process the information for our requirement.

You will only have access to your personal information and we will require some form of authentication in order to verify that the information you are attempting to access belongs to you. You will not be granted access to information that you are unable to verify as belonging to you.


Where is Personal Information stored and processed?

By using the Platform, you acknowledge that your personal information may be stored or processed in the United States or another country in which we maintain a facility or engage a third-party servicer (e.g. Google Cloud Platform in Tokyo for disaster recovery purposes). This means that we may transfer information we collect about you including personal information to entities across borders to another country or jurisdiction. If you are located within the European Union or other jurisdictions with laws governing data storage or processing that are different from United States laws, please be aware that we may transfer information to a country that does not have the same laws. By using the Platform, you expressly consent to: (a) the transfer of information to the U.S. or any other country in which we or our respective service providers maintain facilities; and (b) the use and disclosure of information about you as described in this Privacy Policy.


What Non-Personal Information do we Collect?

We may collect non-personal information from you including, but not limited to, demographic data, location data, browser type, your Internet Service Provider or operating system, the URL of previous sites you visited, and your IP address. Unless otherwise required by applicable law, we may use and share this information, which does not personally identify you, for any purpose, including sharing with our partners, affiliates, agents or service providers for various administrative, analytical and marketing purposes.

We may use your IP address to help diagnose problems with our server, to detect fraud, and to administer the Platform. We may also use your IP address to assist in attempting to identify you when we feel it is necessary to enforce compliance with this Privacy Policy or the Terms of Use, to protect the Platform, systems, information, employees, business partners, service providers, users, customers or others or as may be required by law enforcement.

Giftpack ensures all our data processing practices follow SoC2 and GDPR standard based on our Enterprise Security Implementation.


How do we Use Cookies and Similar Technologies?

Read Giftpack's cookie policy at



In order to use the Site, a user must first complete the registration form. During registration, you will be required to give certain information (such as name and email address). This information is used to contact you about any orders you place on the Site or in relation to services we offer in which you have expressed an interest. It is your responsibility to ensure that this information is accurate and complete. Should this information change, you should inform us of the change.

At Giftpack, safeguarding the integrity of our business and ensuring the protection of our valued customers' rights are of paramount importance. Therefore, we are committed to conducting a Know Your Customer (KYC) process whenever deemed necessary. This proactive measure enables us to establish the authenticity of our customers' identities, ensuring that our services are utilized for legitimate purposes. By implementing stringent KYC protocols, we not only fortify our business against potential risks but also uphold the trust and confidence that our customers place in us. This approach underscores our unwavering dedication to maintaining a secure and transparent environment for all stakeholders involved.


Order Information

When making purchases through the Platform, we require information from you on our order form. To arrange a purchase through the Platform, you must provide contact information, a credit card, billing address, and we may require additional information, such as a gift message. We will also need the information of the recipient of the gift, this may include name, email, and mailing address. The information we request is used for us to process your order and deliver the gift. If we have trouble processing an order, we will use this information to contact you.


Third Parties

We may supplement the information you provide to us with data we obtain or receive from third parties, such as our affiliates, marketing firms, data vendors or address verification services. For example, if you change your address and fail to advise us, we may verify your address through a third-party address verification company. We may combine information we collect online with information we collect offline.

We may disclose the personal information you provide us about yourself or a gift recipient to one or more selected third-parties for the purpose of providing you with the services you have requested on the Platform. We work with these vendors to make sure any information we share with them is properly protected and we only share the information necessary for the particular transaction or service.

Giftpack is meticulous in its partner selection, prioritizing those who align with our unwavering commitment to customer security and data protection. We diligently vet and collaborate with partners who adhere to the stringent standards set forth by the General Data Protection Regulation (GDPR) and the Service Organization Control 2 (SoC 2) framework. These standards serve as cornerstones for safeguarding sensitive information and upholding the privacy rights of our customers. By partnering with entities that share our dedication to maintaining the highest levels of security and compliance, we reinforce our pledge to create a safe and trustworthy environment for all our valued customers.


The Site may contain links to other websites. Please be aware that we are not responsible for the content or privacy practices of such other websites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other website(s) that collects personal information.


Information of Children and Minors

Our Platform is not directed at children under the age of 18 and we do not knowingly collect personal information from anyone under 18. Indeed, in order to make a purchase through the Platform, you must be 18 and have a valid credit card or a valid business registration profile. Children should always get permission from their parents before providing any information about themselves online, to us or to anyone else. If parents believe their minor children have accessed the Platform and provided their personal information, please contact us.

Our Terms of Use require all account owners to be at least 18 years of age.


Our Security Practices

We take precautions to protect your information. When you submit personal information via the website, your information is protected both online and offline. Our website incorporates privacy controls that allow you to specify whether you would like to receive marketing communications. You can access these controls via this link The unsubscribe link will be included in every email we sent to ensure your right of communication.

Wherever we collect and store personal information, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser or looking for 'https' at the beginning of the address of the web page.

While we use encryption to protect personal information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personal information. The computers/servers in which we store personally identifiable information are kept in a secure environment and safeguarded against unauthorized use. See more security practices here at


Your Rights

If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

If you are a citizen of the EU, to the extent that the legal basis for our processing of your personal information consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal. You also have the right to request we delete or erase any personal information we have collected about you under certain circumstances.

If you feel that we are not abiding by this privacy policy, wish to obtain copies of the data we have about you (as allowed by applicable law), or want use to erase information we have collected about you (as allowed by applicable law) you should contact us immediately via email -


Data Subject Rights

The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following: Right to be informed, Right of access, Right to rectification, Right to erasure, Right to restrict processing, Right of data portability, Right to object, Rights related to automated decision making including profiling.

You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Giftpack Inc. might have received the data from Giftpack Inc.; what the source of the information was (if you didn’t provide it directly to Giftpack Inc.); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Giftpack Inc. if it is inaccurate. You may request that Giftpack Inc. erase that data or cease processing it, subject to certain exceptions. You may also request that Giftpack Inc. cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Giftpack Inc. processes your personal data. When technically feasible, Giftpack Inc. will—at your request—provide your personal data to you. Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Giftpack Inc. will provide you with a date when the information will be provided. If for some reason access is denied, Giftpack Inc. will provide an explanation as to why access has been denied.

For questions or complaints concerning the processing of your personal data, you can email us at Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.

Honor Every Relationship with Personalization

Try for freeBook a Call

  • SOC2 logo
  • GDPR logo
  • CCPA logo
  • Vanta SOC2 logo
  • Vanta GDPR logo
  • Comodo Secure logo

©2024 All Rights Reserved. Giftpack Inc.®