Data Collection Responsibility on Giftaplace.com:
The website operator processes the data collected on this website. The operator's contact details are available on the website's required legal notice.
Collecting Your Data:
Some data are collected when it submitted through a contact form. Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
Using Your Data:
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, phone number, and email address.
When you browse our store, we also automatically receive your computer's internet protocol (IP) address to provide us with information that helps us learn about your browser and operating system.
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
With your permission, we may send you emails or text messages about our store, new products, and other updates.
Your Rights Regarding The Data:
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You can also ask for correcting, blocking, or deleting the data. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Data Collection on Giftaplace.com
Most of the cookies we use are so-called "session cookies," which we delete after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
List of Cookies
Here is a list of cookies that we use. We've listed them here so you can choose if you want to opt-out of cookies or not.
- unique token
These cookies allow us to store information about your session (e.g., your shopping cart).
Server Log Files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files." These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- The hostname of the accessing computer
- Time of the server request
- IP address
There is no combining of data with data from other sources. The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
You should send us questions via the contact form, and we collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g., after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Registration on Giftaplace.com
You can register on our website to access additional functions offered here. The input data shall only be used to use the respective site or service for which you have registered. You should provide the mandatory information requested during registration in full.
To inform you about significant changes such as those within the scope of our site or technical changes, we use the email address specified during registration
We continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
Processing of Data (Customer and Contract Data)
We collect, process, and use personal data only insofar as it is necessary to establish or modify legal relationships with us (master data). It is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process, and use your data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
We delete the collected customer data after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transmitted when entering into a contract with online shops, retailers, and mail order
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments. Your data won't be transmitted for any other purpose unless you have given your express permission to do so. Your data won't be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
General and Mandatory Information
Please note that data transmitted via the Internet (e.g., via e-mail communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
<Add full address here>
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of personal processing data (names, email addresses).
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery return a purchase, or use our profile photo generator, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no.
Revocation of Your Consent to the Processing of Your Data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Consent Withdrawal Process
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com or mailing us at the mailing address.
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Age of Consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
Right to File Complaints with Regulatory Authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the American state. A list of data protection officers and their contact details are at the following link:
Right to Data Portability
You have the right to have data that we process based on your consent or in fulfillment of a contract automatically delivered to yourself or a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this can only be done to the extent technically feasible.
Information, Blocking, Deletion
You have the right to request any data stored by you, its origin, the recipient, and the purpose of its proceeding. We shall provide you the data free of charge as permitted by law. You also have the right to have this data corrected, blocked, or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to Promotional Emails
We expressly prohibit the use of contact data published in the context of website legal notice requirements about sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
In general, the third-party providers used by us will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their privacy policies concerning the information we are required to provide to them for your purchase-related transactions.
You can read their privacy policies to understand how these providers can handle your personal information. In particular, remember that certain providers may be located in or have facilities in a different jurisdiction than either you or us.
Your information may become subject to the laws of the jurisdiction(s) in the location of the service provider or its facilities if you elect to proceed with a transaction that involves the services of a third-party service provider.
As an example, your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act if a United States payment gateway processes the transaction even if you make the payment from Canada.
When you click on the links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Facebook-Plugins (Like & Share Buttons)
Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA.
The Facebook logo or the Like button on our site can recognize Facebook Plugins. For an overview of Facebook plugins, see https://developers.facebook.com/docs/plugins/.
The plugin can establish a direct connection between your browser and Facebook when you visit our site. It enables Facebook to receive information that you have visited our site from your IP address. If you click on the like button on Facebook while you logged in, you can link the content of our site to your Facebook profile. It allows Facebook to associate visits to our site with your user account.
If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.
Analytics and Advertising
This website uses Google Analytics, a web analytics service, operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies." These are text files stored on your computer that allow an analysis of the use of the website by you. The information generated through cookies is transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
We have activated the IP anonymization feature on this website. Google shorten your IP address within the European Union or other parties to the agreement on the European Economic Area before transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google can use this information on behalf of the operator of this website to evaluate your use of the website, compiling reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics does not merge with any other data held by Google.
You can prevent these cookies from being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you won't be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin by clicking here.
Objecting to the Collection of Data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie can be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
Outsourced Data Processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic Data Collection by Google Analytics
This website uses Google Analytics' demographic features. It allows the generation of reports containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. You can disable the feature to attribute collected data to any specific person at any time by adjusting the ad settings in your Google account, or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection."
Google Analytics Remarketing
Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords, and DoubleClick offered by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. It allows advertising to be displayed based on your interests, identified based on your previous usage and surfing behavior on one device (e.g., your mobile phone), on the other devices (such as a tablet or computer).
Once you have given your consent, Google associates your web and app browsing history with your Google Account for this purpose. That way, any device that signs into your Google Account can use the same personalized promotional messaging.
To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.
You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account by following this link.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google per Art. 6 (1) (a) DSGVO. For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing anonymous user behavior for promotional purposes.
Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").
As part of Google AdWords, we use so-called conversion tracking. It sets a conversion tracking cookie when you click on an ad served by Google. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days, and we don't use it for personal identification of the user. Should the user visit individual pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser.
We use "Google reCAPTCHA" (from now on "reCAPTCHA") on our websites provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google").
reCAPTCHA can check data entered on our website that has been entered by a human or by an automated program. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, how long the visitor has been on the website, or mouse movements made by the user). Google receives the data collected during data analysis.
The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
Please visit the following links for more information about Google reCAPTCHA
Our website measures conversions using visitor action pixels from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
These allow the tracking of behavior of site visitors after they click on a Facebook ad to reach the provider's website. It allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and future optimization.
You can also deactivate the custom audiences remarketing feature in the Ads Settings section at
You first need to log into Facebook. If you do not have a Facebook account, you can opt-out of usage-based advertising from Facebook on the Website of the European Interactive Digital Advertising Alliance,
Plugins and Tools
Google Web Fonts
This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you use must connect to Google's servers. As a result, Google can learn that your IP address accessed our website. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. It constitutes a legitimate interest within the meaning of Art. 6 paras. 1 lit. F DSGVO.
Your computer uses a default font in case your browser does not support web fonts.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected voluntarily. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO.
You can refuse to store your data as well as unsubscribe to the newsletter anytime. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter be used to distribute the newsletter until you cancel your subscription on the deletion of stored data. Data we have stored for other purposes (e.g., e-mail addresses for the member's area) remain unaffected.
This website uses the services of MailChimp to send newsletters provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service that organizes and analyzes the distribution of newsletters. MailChimp servers in the USA can save your data if you subscribe to our newsletter.
The EU-US Privacy Shield certified MailChimp. The Privacy Shield is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States.
We use MailChimp to analyze our newsletter campaigns. When you open an email sent by MailChimp, a file included in the email (called a web beacon) connects to MailChimp's servers in the United States. It allows the determination of messages and links which you clicked on. Also, technical information is collected (e.g., time of retrieval, IP address, browser type, and operating system).
You can unsubscribe from the newsletter if you do not want MailChimp to analyse your usage of the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.
Completion of a Data Processing Agreement
We have entered into a data processing agreement with MailChimp, in which we require MailChimp to protect the data of our customers and not to disclose said data to third parties.
Payment Service Providers
Our website accepts payments via PayPal. The provider of this service is PayPal (Europe) S.à.r.l & Cie, SCA (22-24 Boulevard Royal, L-2449 Luxembourg.
If you select payment via PayPal, the payment data you provide can be supplied to PayPal based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) DSGVO (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
We will disclose your information provided during the ordering process and the information about your order (Name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) if the payment service Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland processes your payment if you choose to pay by credit card. The transfer of your data is exclusively for payment processing with the payment service provider Stripe Payments Europe Ltd. Please review Stripe's service agreement for more information: click here.
Encrypted Payments on Giftaplace.com
If you enter into a contract that requires you to send us your payment information (e.g., account number for direct debits), we require this data to process your payment.
We use encrypted SSL or TLS connections to allow payment transactions using conventional means of payment (Visa/MasterCard, direct debit). You can recognize an encrypted connection in your browser's address line when it changes from "HTTP://" to "https://" and the lock icon in your browser line is visible.
The third parties cannot read your payment details in case of encrypted communication.
<OR This Method of Payment?>
Payment on our site is implemented using a secure third-party service called Braintree, owned by PayPal.
The Payment Card Industry Data Security Standard (PCI-DSS) is used to encrypt payment information. Your purchase transaction data is not stored at or passes through our servers.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
Customer Support via ZenDesk
We use Zendesk's Support Widget, a Zendesk Inc. Customer Service Platform, 989 Market Street #300, San Francisco, CA 94102, to process customer inquiries. Last name, first name, postal address, telephone number, email address recorded on our website to answer your questions.
As far as you contact us by email or via a form, we use the personal data you provide exclusively for processing the specific request and keep the data confidential. We store the specified data and the message history with our service desk for follow-up questions and subsequent contact. The legal basis here is a contract processing contract according to Art. 6 (1) (b) GDPR with Zendesk, which in turn is EU-US Privacy Shield certified.
Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at Gift A Place, ___________.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "HTTP://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the third parties cannot read the data you send to us.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered, or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL). Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.