Privacy policy

Version of the 19.02.2023


The platform of Giftit has been set up in order to : (i) make gifting more fun, interactive and spontaneous, and (ii) reducing the amount of waste caused by unwanted or non-fitting gifts. Furthermore, the Giftit platform aims to facilitate the search for gifts by allowing gifters and potential recipients to see and interact with each other’s wish lists and consult each other’s profiles. 

The present privacy policy (« Privacy Policy ») addresses the use of personal data collected through the Giftit social platform available at (the « Platform ») managed by the Giftit Partnership with its office located at Clausiusstrasse 16, 8006 Zürich.

Please read this Privacy Policy carefully before using the Platform. This Privacy Policy explains how information relating to an identified or identifiable individual (« Personal Data ») is collected, used and protected.

As a basic principle, the Swiss Federal Data Protection Act applies to the processing of your personal data. If you access our services from the State of California, USA, the California Consumer Privacy Act of 2018 (CCPA) may also apply. 

By using our Platform, you acknowledge and agree with the collection and processing of your Personal Data in accordance with this Privacy Policy. If you do not wish your Personal Data to be processed according to the present Policy, please do not use the Platform.


  1. The Platform is managed by the Giftit Partnership. 
  2. The Giftit Partnership is considered the Data Controller in relation to the processing of Personal Data on the Platform and your first point of contact. You can contact us by e-mail to or by post at Clausiusstrasse 16, 8006 Zürich.
  3. Giftit has the role of making the Platform available to users who wish to register requests for account creation on the Platform and to accompany users in their search for gifts and to consult other user’s profiles. 


  1. We use the Personal Data collected through our Platform, as described below, to provide the following information and services : 
  1. registration on the Platform and creating a user account ; 
  2. profiles and wish lists consultation; 
  3. informational updates in relation to Giftit and its services ; 
  4. links to the main website of Giftit. 
  5. in-app purchasing and delivery of gifts
  6. gift recommendation
  7. birthday and event reminders
  8. displaying friend activity
  1. This Privacy Policy does not apply to any services offered offline.


A. Sources of collection

  1. The Personal Data that we collect through our Platform consists of the Personal Data that you provide us with (infra C.)

B. What Personal Data do you provide to us? 

  1. We collect the Personal Data you provide to us on a voluntary basis when, through our Platform, you : 
    1. Register on the Platform and create an account ;
    2. Log into your account using your personal login (e-mail or phone number and password). 

  1. If you register on the Platform as a user, the Personal Data we may collect includes your full name, nationality, date of birth, e-mail address, mobile phone number, account password, language preferences, shoe size, dress size, profile image, postal address, country code, friends network, gifts brands and category preferences, preferences regarding recipients or gifters and log data.

  1. Our website may allow you to authenticate using third-party services, such as Google Firebase. If you choose to use a third-party authentication service, your password will be stored with the third party provider and some of these services can track your actions when you interact with them. We do not have access to your password, and we encourage you to review the privacy policies of any third-party authentication services that you use to understand their data handling practices. 

  1. It should be noted that the only Personal Data that is displayed on the Platform and visible on your profile is your name, your postal address, your shoe and dress sizes  and your preferences for products or gifts you are looking for. Our Platform allows users to control the visibility of their profile information and change their profile visibility setting at any time. Users may choose to make their profile public information, visible only to their friends, or private. The shipping address will only be visible if the user sets its profile visibility to “Friends only” and private otherwise. However, if the user sets their profile visibility setting to “Public” their shipping address will not be visible to other users of the platform. Please note that if a user chooses to make their profile private, it will not be visible to anyone on the Platform except her or him and our administrators, who may access and use the information in accordance with this Privacy policy.

C. For what purpose do we collect this information?

  1. We collect the Personal Data you provide to us on a voluntary basis in order to provide the services you have requested, namely : 
    1. to validate your registration to the Platform ; 
    2. to create your account and to send you your unique login by e-mail ; 
    3. to contact you to understand your needs ; and
    4. to publish your profile and wish lists on the Platform.  


  1. Our Platform contains links that direct you to Giftit’s main website enabling you to access the content available therein. 
  2. Please refer to the privacy policy of this website for any information in relation to the purpose and extent of the collection of Personal Data, the further processing and use of such Personal Data, as well as the rights related thereto and the adjustment possibilities to enable the protection of your Personal Data.


  1. We may give certain independent contractors, partners and affiliates access to the Personal Data you made available to us through our Platform. To this day, these contractors and partners are the following : 
    1. Payment service provider : inc., based in the United States of America and Stripe Inc. based in the United States of America ;
    2. Platform host : Google (Cloud), based in the United States of America ; and
    3. Authentication service provider : Google (firebase), based in the United States of America. 
    4. Brand partners : the full list of the brand partners is published on the website of Giftit and is regularly updated by Giftit.
  1. We take all necessary steps to ensure that your Personal Data is processed securely and in accordance with this Privacy Policy and applicable laws. All our contractors are committed to protect your Personal Data using procedures similar to ours.
  2. Giftit records certain requests and transactions in log files This log data is used for troubleshooting, statistics, analytics, quality assurance, and to monitor system security and can be analyzed to that end. also uses Google Analytics and Google Firebase Analytics (for iOS and Android apps) to compile usage statistics. These services are provided by Space Pencil, Inc. and by Google Inc. respectively.
  3. The purpose of sharing your Personal Data with the above-mentioned third parties is to provide you with the Platform and our services of registering on our Platform, creating accounts and consulting profiles, as well as to maintain and seek to improve our Platform on an ongoing basis. 


  1. We may use your Personal Data (including your communications) if we think it is necessary for security purposes, to investigate possible fraud and/or attempts to harm other users of our Platform. Hence, we may use your Personal Data to investigate, respond to and resolve complaints or disputes relating to our Platform. 
  2. It is possible that we will need to disclose your Personal Data when required by law or if we have good faith belief that disclosure is necessary to:
    1. investigate, prevent, or take actions regarding suspected or actual illegal activities or to assist government enforcement agencies ;
    2. enforce our agreements with you ;
    3. investigate and defend ourselves against any third-party claims or allegations ;
    4. protect the security or integrity of our Platform ; or
    5. exercise or protect the rights and safety of our users, employees, or others.
  1. We attempt to notify users about legal demands for their Personal Data when appropriate in our judgement and technically feasible, unless prohibited by law or by an authority decision or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand. 
  2. The purpose of sharing your Personal Data with the aforementioned authorities, is to comply with our duty to comply with a legal obligation to which we are subject.


  1. We do not sell your Personal Data to third parties. We do not share or otherwise make available your Personal Data to third parties, except as otherwise provided in this Privacy Policy.


  1. If, as a result of certain services provided by third parties, we need to transfer your Personal Data to one of their databases outside Switzerland, potentially to a country that does not have a level of personal data protection comparable to that prevailing in Switzerland, unless provided otherwise under this Privacy Policy, we undertake to enter into an agreement with the third-party service provider in order to ensure an adequate level of protection of your Personal Data. 
  2. If the level of data protection in a particular country is lower than that applicable in Switzerland, we will ensure under contract the level of protection for your Personal Data is equivalent to that applicable in Switzerland. We shall ensure this through one or more of the following measures :

    a) by concluding EU Model Clauses with the appointed services providers, or

    b) through the appointed service providers having in place Binding Corporate Rules (BCR) that are recognised by a European data protection authority.


  1. We are committed to using commercially reasonable means to prevent exposure or disclosure of your Personal Data. In Particular, we implement and maintain measures (including administrative, physical, and technical measures) to manage unauthorised disclosures or exposures of your Personal Data. 
  2. In the event of a data breach, or in the event that we suspect a data breach, we will (i) use our best efforts to promptly notify you, where technically feasible, and (ii) cooperate with you to investigate and resolve the data breach, including without limitation by providing reasonable assistance to you in notifying injured third-parties. We will give you prompt access to such records related to a data breach as you may reasonably request; provided such records shall be our confidential information, and we shall not be required to provide you with records belonging to, or compromising the security of, other users. 
  3. In the event of a data breach, or in the event that we suspect a data breach, we will in addition notify the competent authorities in accordance with applicable law.


  1. Right to access and update your Personal Data: Wherever we process your Personal Data, we take reasonable steps to ensure that your Personal Data is kept accurate and up-to date for the purposes for which it was collected. 
  2. Right to delete your Personal Data: You may request the deletion of your Personal Data at any time, subject to any retention obligations imposed on us. We may retain de-personalized (anonymous) information after the deletion of your Personal Data. 
  3. Right of rectification: You have the right to obtain the rectification of your Personal Data if it is inaccurate or incomplete.
  4. Right to object to processing: Within the limits of the law, you have the right to object our processing of your Personal Data.
  5. Right to restriction: You have the right to request that we restrict the processing of your Personal Data. 
  6. Right to data portability: You have the right to be provided with a copy of the personal Data we have on you in a structured, machine-readable and commonly used format.
  7. Right to withdraw consent: You have the right to withdraw your consent at any time where we relied on your consent to process your Personal Data. However, it should be noted that such withdrawal: (i) does not affect the lawfulness of any processing carried out prior to such withdrawal and based on your consent; and (ii) may result in you no longer being able to use certain features of the Platform. 
  8. Right to complain to a supervisory authority: You have the right to complain to a data protection supervisory authority with regards to our collection and use of your Personal Data. 
  9. We may ask you to prove your identity before responding to a request based on the abovementioned rights or otherwise related to your Personal Data. In order to exercise the abovementioned rights, you may make your request in writing by sending us an e-mail to the following address:, or by post to the following address: Clausiusstrasse 16, 8006 Zürich.


  1. We retain the Personal Data you provide us with to the extent necessary to provide you access to and use of our Platform and our services, as well as to the extent required to comply with our legal obligations (for example, if we are required to retain your Personal Data under applicable law), to resolve a dispute or to enforce agreements we have entered into and our internal regulations.
  2. We automatically delete any Personal Data from accounts that have been inactive during two (2) years.
  3. We reserve the right to store the data in a depersonalized (i.e. anonymous) form after deletion of your Personal Data.


  1. We do not provide services specifically targeted at minors (individuals under the age of 18) and, unless provided otherwise under the present Privacy Policy, notably it’s Section 4.10, we do not proactively collect Personal Data from minors.


  1. Each user agrees to use the Platform at their own risk. We implement commercially reasonable technical, administrative and organizational measures to protect Personal data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. We are not responsible for circumvention of any privacy settings or security measures contained on the Platform, or third party websites. 


  1. We may change this Privacy Policy at any time by posting a new version on this page or on a successor page, without prior notification. In this case, you shall be notified of any change to the Privacy Policy through a notice on the Platform home page. By continuing to access or use our Platform after such notification becomes effective, you acknowledge and agree to the processing of your Personal Data in accordance to the revised Privacy Policy. If you do not agree to the new terms, please do not use the Platform. If you do not wish your Personal Data to be processed in accordance with the revised Privacy Policy, please do not use our Platform.
  2. The new version of the Privacy Policy will become effective on the date it’s posted, which will be listed at the top of the page as the new effective date. 


  1. Should you have questions or complaints regarding the present Privacy Policy, please contact us by e-mail at
  1. You can also reach us by post at Clausiusstrasse 16, 8006 Zürich.
© 2023 Giftit. All rights reserved.