BitgiftsBack to Home

PRIVACY POLICY

Effective Date: July 8, 2025

Last Updated: July 11, 2025

1. Introduction

Bitgifts ("we," "our," or "us") operates the Bitgifts platform at Bitgifts.co, which provides Bitcoin gift card services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

2. Information We Collect

2.1 Personal Information You Provide

For Gift Purchasers:

  • Name and email address
  • Payment information (processed securely through Stripe)
  • Gift recipient's name and email address
  • Optional personal messages for gift recipients

For Gift Recipients:

  • Name and email address (when redeeming)
  • Bitcoin wallet addresses or Lightning Network information (when transferring funds)

For Partners:

  • Business information and contact details
  • Account management preferences
  • Transaction history and balance information

2.2 Automatically Collected Information

  • Device information and browser type
  • IP addresses and location data
  • Platform usage analytics and session data
  • Email delivery tracking (open rates, click-through rates)
  • Transaction logs and BitGift status tracking

2.3 Third-Party Information

  • Real-time Bitcoin pricing data from Coinranking API
  • Payment processing data from Stripe
  • Email delivery data from SendGrid

3. How We Use Your Information

3.1 Core Platform Services

  • Creating, managing, and tracking BitGift vouchers
  • Processing payments and facilitating Bitcoin transfers
  • Sending purchase confirmations and gift delivery notifications
  • Providing customer support and platform communications

3.2 Security and Compliance

  • Preventing fraud and unauthorized transactions
  • Complying with legal obligations and regulatory requirements
  • Implementing security measures and rate limiting
  • Maintaining audit trails for financial transactions

3.3 Platform Improvement

  • Analyzing usage patterns to improve our services
  • Developing new features and functionality
  • Monitoring system performance and reliability

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who assist in operating our platform:

  • Stripe: Payment processing and PCI-compliant transaction handling
  • SendGrid: Email delivery and notification services
  • Lightspark: Bitcoin Lightning Network transfer services
  • Supabase: Database hosting and authentication services
  • Vercel: Platform hosting and content delivery

4.2 Legal Requirements

We may disclose your information when required by law, regulation, or legal process, or to protect our rights, property, or safety, or that of our users or others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Security

5.1 Technical Safeguards

  • End-to-end encryption for sensitive data transmission
  • Secure database storage with Row Level Security (RLS) policies
  • PCI-compliant payment processing through Stripe
  • Multi-factor authentication for administrative access
  • Regular security audits and vulnerability assessments

5.2 Access Controls

  • Role-based access control limiting data access to authorized personnel
  • Subdomain isolation for production security boundaries
  • API rate limiting and input validation to prevent abuse
  • Automated session management and timeout policies

6. Data Retention

6.1 Transaction Records

We retain transaction data, including BitGift purchase and redemption records, for a minimum of 7 years to comply with financial record-keeping requirements.

6.2 Personal Information

  • Account information is retained while your account is active
  • Email addresses are retained for BitGift delivery and support purposes
  • Marketing communications data is retained until you opt out
  • Unused BitGift vouchers are retained indefinitely until redeemed

6.3 Deletion Requests

You may request deletion of your personal information, subject to our legal obligations to retain certain financial and transaction records.

7. Your Rights and Choices

7.1 Data Access and Portability

You have the right to request access to your personal information and receive a copy of your data in a portable format.

7.2 Correction and Updates

You may update or correct your personal information by contacting our support team or accessing your account settings.

7.3 Email Communications

You can opt out of marketing emails by using the unsubscribe link in our communications. Transactional emails (purchase confirmations, gift deliveries) cannot be opted out of while using our services.

7.4 Account Deletion

You may request deletion of your account and associated personal information, subject to our data retention requirements.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with applicable privacy laws.

9. Children's Privacy

Our platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to Know: Request information about the categories and specific pieces of personal information we collect
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Equal service and pricing regardless of exercising privacy rights

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation:

  • Lawful Basis: We process your information based on contract performance, legitimate interests, or consent
  • Data Protection Officer: Contact our DPO for privacy-related inquiries
  • Supervisory Authority: You may lodge complaints with your local data protection authority

12. Cookies and Tracking Technologies

We use essential cookies for platform functionality, including:

  • Session management and authentication
  • Shopping cart persistence during the BitGift creation process
  • Security and fraud prevention
  • Performance monitoring and error tracking

We do not use advertising cookies or third-party tracking for marketing purposes.

13. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or for legal reasons. We will notify you of significant changes by posting the updated policy on our platform and updating the "Last Updated" date.

14. Contact Information

For questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@bitgifts.co

15. Dispute Resolution

Any disputes relating to this Privacy Policy will be resolved in accordance with the dispute resolution procedures outlined in our Terms of Use.