GiftBow
Privacy Policy
  1. Introduction
Our Privacy Policy explains how we collect, use and protect your personal information when providing giftbow.online (hereinafter referred to as “GiftBow”) services. For the purposes of this Privacy Policy, the pronouns “we” and “our” refer to GiftBow, and “you” and “your” refer to you as a consumer of the Services.
1.1. Privacy Principles GiftBow adheres to two fundamental principles when it comes to collecting and processing personal data: we promise not to use your correspondence data for advertising purposes; we only store the data that is necessary for GiftBow to function correctly as a reliable and multifunctional service. Our services are not intended for persons under 5 years of age. We do not knowingly collect personal identifiable information from children under 5 years of age. In the event that we discover that a child under 5 has provided us with personal information, we will immediately delete it from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we can take the necessary actions.
1.2. User Agreement This Privacy Policy forms an integral part of our GiftBow User Agreement, which sets out the terms of use of our Services. Therefore, this Privacy Policy should be read in conjunction with the User Agreement, available at https://giftbow.online/agreement
1.3. Contents
This Privacy Policy sets out:
  • on what legal grounds we process personal data;
  • which of your personal data we may collect;
  • how we ensure the security of personal data;
  • for what purposes we may use personal data;
  • to whom personal data may be transferred;
  • what rights you have in relation to your personal data.
  1. Legal grounds for processing personal data
The basis for processing your personal data is its necessity for the implementation of our legitimate interests (including the provision of effective and up-to-date Services to users and the detection, suppression and other measures to prevent fraud or security threats in connection with the provision of Services by us), except in cases where your interests or fundamental rights and freedoms that require the protection of personal data prevail over our interests.
  1. Types of personal data we use
3.1 Basic Account Information
As a gift ordering service, GiftBow asks for your phone number and basic information when you register (such as your first name, last name, and phone number). The name you provide is available to your GiftBow friends to make it easier for your contacts and others to recognize and contact you. The display name does not have to be your real name. Please note that the user who added you to their contacts will not see you under the name you provide, but under the name they have saved for your number in their contacts. For example, your father may indicate the name "Alexander S.", but you will see him as "Dad" and your subordinates will see him as "Boss" (or any other name, depending on how the other person saves it in their contacts).
3.2 Email Address
You can provide an email address for password recovery. This address is used exclusively for sending a code as part of the forgotten password recovery process. We do not send annoying mailings like "You haven't visited us for a long time" or send advertising emails.
3.3. Phone number and contact list
In GiftBow, phone numbers act as unique identifiers. Using phone numbers and contact lists, you can easily find friends or colleagues who are also on GiftBow, or you can send GiftBow invitations to contacts in your phone's contact list. We ask for permission before synchronizing your contacts. We store up-to-date data about your contacts to notify you when one of them registers on GiftBow. To do this, we only need the number, first name, and last name; we do not store any other data about your contacts.
3.4. Location data
Your location data is used only for the purpose of providing high-quality and fast services. In the application, location is used only to determine the nearest delivery points for the gifts you ordered and to suggest a delivery location if a courier service is selected.
3.5. Cookies
We only use cookies that are necessary for us to operate and provide the Services online. Our use of cookies is limited to the bare minimum to ensure the operation of the service and to improve your user experience without creating advertising profiles. The cookies we use are small text files that allow us to provide and personalize the Services, thereby improving your user experience. Internet browsers usually allow you to manage cookie settings, including the ability to accept or reject their use, and to delete them. You can block cookies in your browser.
  1. Personal data security
4.1. Data Storage
Your data is stored in data centers. These data centers are owned by third parties, and GiftBow rents dedicated space in them. However, the servers and networks located in such data centers that contain your personal data are the property of GiftBow. We do not transfer your personal data to data centers. We guarantee the security of your data using strong encryption, preventing access to it by both our staff and unauthorized persons.
4.2. Data Retention Period Unless otherwise specified in this Privacy Policy, we store your data only for as long as necessary to provide our services, in accordance with our obligations
  1. Personal data processing
We process your data to provide you with access to our services, on any devices of your choice, without the need to resort to third-party backup services or cloud storage services.
  1. Third-party payment services
6.1. Payment details
Users have the option to pay for gifts and delivery. GiftBow does not process payments made by users: this function is performed by various payment systems around the world. These payment systems themselves process and store your bank card details. GiftBow does not have access to this data. Although we use the services of payment systems, they are completely independent from GiftBow. We recommend that you familiarize yourself with the privacy policies of such payment systems before transferring your data to them.
6.2. Bank card details
When making a purchase, you enter your bank card details in the interface of the payment system that processes the payment. Your bank card details are never sent to GiftBow servers, we do not have access to them and we do not store them. If you save your bank card details, they will be located on the servers of the corresponding payment system.
6.3 Delivery information
When you place an order and enter the information required for delivery, we send it directly to the online store where the product is located for purchase.
6.4. Deleting payment data
We only store information about gifts ordered and paid for by you, but we do not store information about the payment method (see 7.1 and 7.2). You can delete information about sold (delivered) gifts in your personal account in the application.
6.5. Disputing payments
GiftBow does not store bank card details, but it does store information about purchases made, so we can only consider claims regarding the quality of the order and delivery. All disputes regarding the execution of payments are the responsibility of the payment systems and banks involved in the transaction.
7.Persons to whom your personal data may be shared with
7.1. Other GiftBow Users
Other GiftBow users are users with whom you voluntarily share information as desired. Please note that by accepting the User Agreement and sharing data with other GiftBow users, you authorize us to transfer your personal data to such users on your behalf in accordance with this Privacy Policy. We take all appropriate technical and organizational measures (including encryption of personal data) to ensure a level of data security that will correspond to the possible risks.
7.2. Other Companies
Other companies are third-party companies that are involved in the process of providing the Service. We may share your data to:
  • facilitate our service;
  • to provide the Service on our behalf;
  • to perform services related to the Service;
  • to help us analyze how our service is used.
We want to inform users of our service that these third parties have access to your personal information. The reason is the performance of the tasks assigned to them on our behalf. However, they are obliged not to disclose or use the information for any other purposes.
  1. Your rights in relation to the personal data provided
8.1. Your rights
Under applicable data protection laws, in certain circumstances you have rights in relation to your personal data.
You have the right to:
(1) request a copy of all your personal data stored by GiftBow;
(2) delete (see point 9 below) or change your personal data;
(3) restrict or object to the processing of your personal data;
(4) correct any inaccurate or incomplete personal data stored by GiftBow; and
(5) lodge a complaint with a national data protection authority regarding our processing of your personal data.
8.2. Your Rights in action
If you wish to exercise any of these rights, you can contact us via the “Help” section.
8.3. Data Management
If you are not willing to provide GiftBow with the minimum data required to operate the application, unfortunately we will not be able to provide you with the Services. In this case, you can delete your account in the application in the “My Data” section.
  1. Deleting personal data
You can delete your GiftBow account in the app in the “My details” section. When you delete your account, all your wishes, information about orders and your friends will be deleted. After this, it will be impossible to restore the account.
  1. Changes to the Privacy Policy
We may update our Privacy Policy from time to time to reflect changes in our operations or legal requirements. Any changes to this Privacy Policy will be effective when a new version is posted on this page at https://giftbow.online/politica. Please check this page from time to time to stay informed of any changes to the text of the Privacy Policy.
User data storage policy
  1. General terms
1.1. This User Data Storage Policy (hereinafter referred to as the Policy) has been developed in accordance with Federal Law No. 152-FZ "On Personal Data" (hereinafter referred to as the Law) and defines the procedure for storing, processing and protecting personal data provided by users.
1.2. The purpose of the Policy is to ensure the protection of the rights and freedoms of personal data subjects during their processing, including the protection of the rights to privacy, personal and family secrets.
  1. Data storage principles
2.1. Personal data is processed and stored on a lawful and fair basis.
2.2. Data is stored strictly in accordance with the purposes for which it was collected.
2.3. Personal data is stored only for the period necessary to achieve the processing purposes, unless otherwise provided by Russian legislation.
2.4. The confidentiality and security of personal data is ensured using organizational and technical measures.
  1. Data retention periods
3.1. Personal data shall be stored for the period necessary to fulfill the obligations to users established by the user agreement.
3.2. After achieving the processing objectives or upon expiration of the established storage periods, the data shall be depersonalized, unless otherwise provided by law.
3.3. In the event of withdrawal of consent to the processing of personal data, the data shall be depersonalized within 30 calendar days from the date of receipt of the corresponding request from the data subject.
  1. Data protection measures
4.1. The following measures are applied to protect personal data from unauthorized access, loss, modification or distribution:
  • use of the https protocol when transmitting data over the Internet;
  • control of access to information systems and user data;
  • regular updating of software and anti-virus protection;
  • conducting internal audits and checks of compliance with the Policy.
4.2. Access to personal data is limited to authorized employees who have undergone appropriate training and signed a non-disclosure agreement.
  1. Personal data subjects rights
5.1. The user has the right to:
  • receive information about the purposes, terms and methods of processing their data;
  • demand correction, updating or deletion of their data;
  • revoke consent to the processing of personal data (leads to deletion of the user account).
5.2. User requests are processed within 30 calendar days from the date of their receipt.
  1. Stored Personal Data of Users
  • Name
  • Last name
  • Phone number
  • Email
List of changes:
  • April 08, 2024 Privacy Policy updated to meet AppStore and Google Play platform requirements
  • March 10, 2025 User Data Storage Policy added