Information we collect
We collect account details such as name, email, authentication records, profile settings, and support messages. We also store project content, published links, template choices, RSVP or response submissions, domain setup details, wallet ledger entries, orders, and payment status metadata.
Payment card details are handled by the payment provider. GiftRed stores the order, amount, currency, provider references, webhook status, and fulfillment state needed to reconcile payments and support refunds.
How we use information
We use information to authenticate users, publish and serve projects, collect responses, display analytics, process wallet and billing activity, verify domain setup, send transactional emails, prevent abuse, and provide support.
We may use aggregated operational data to improve reliability, template quality, and fraud or abuse detection.
Service providers
GiftRed may share the minimum required data with infrastructure, database, email, storage, analytics, DNS, and payment providers so the service can operate.
When users request managed-domain setup, relevant domain and project details may be used by GiftRed administrators to review, register, configure, and verify the domain.
Retention, security, and choices
We retain records as needed for account access, published projects, payment reconciliation, support, fraud prevention, tax or accounting obligations, and legal compliance. Soft-deleted or expired records may remain in backups or audit logs for a limited period.
Users can request account, project, or privacy help by emailing [email protected]. We use access controls, environment isolation, signed uploads and downloads, and operational logging to reduce unauthorized access risk.