
Privacy policy

Last updated: 2026-05-20

1. Data controller

StackGift Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom, is the data controller for personal data processed on this site. Contact for any privacy request: [email protected].

2. Data we collect

We collect the minimum data necessary to deliver our service:
  • Email: required to deliver the gift card code.
  • Postal address: only for physical cards.
  • Blockchain transaction hash: to verify payment.
  • Server logs: IP address, user agent, timestamp (retained 30 days for security).
  • KYC data: only above regulatory thresholds (typically €1,000), via Sumsub.
We do not collect banking data, and we do not use advertising cookies or behavioral tracking.

3. Why we process it

  • Order fulfillment (legal basis: contract performance).
  • Invoicing and accounting (legal basis: legal obligation).
  • Anti-fraud and AML (legal basis: legal obligation).
  • Customer support (legal basis: legitimate interest).

4. How long we keep it

  • Order data: 18 months for customer support.
  • Invoices: 10 years (accounting obligation).
  • KYC data: 5 years after end of relationship (AML obligation).
  • Card codes: deleted within 7 days after delivery confirmation.
  • Server logs: 30 days.

5. Who we share it with

  • OxaPay: processes crypto payments (their privacy policy applies).
  • Resend: delivers transactional emails.
  • Card suppliers: receive minimum data to fulfill the order.
  • Sumsub: processes KYC data when triggered.
All processors are bound by data processing agreements under GDPR Article 28.

6. Your rights

You have the right to access, rectify, erase, and port your personal data, to object to its processing, and to lodge a complaint with your local data protection authority. Send requests to [email protected].

7. International transfers

Where data is transferred outside the EEA, we rely on Standard Contractual Clauses or adequacy decisions issued by the European Commission.

8. Security

Data in transit is encrypted with TLS 1.3. Data at rest is encrypted on managed databases. Access is restricted to authenticated staff and protected by 2FA.

Placeholder draft. This privacy policy must be reviewed by a qualified DPO or lawyer before any public launch.