PRIVACY POLICY
Gift Baskets for Europe (The merchant) has updated its Privacy Policy and Terms of Use, effective January 1, 2021. These changes were made for compliance with the EU’s Data Privacy Law, the General Data Protection Regulation (GDPR). The merchant is committed to protecting your privacy.
With these updates, The merchant , reaffirms its commitment to safeguarding the personal data of our clients and anyone who visits our websites. The merchant, has three core privacy principles: accountability through awareness, empowering individuals, and protecting and safeguarding information. We embrace privacy by design, which means our team actively design and build features with privacy considered alongside innovation and functionality.
We believe strongly in protecting your personal data and understand that doing so is critical in the preservation of trust and confidence of our customers. Our platform is GDPR-compliant including features to enable us to offer our customers transparency into and control over the personal data. We have built in technical measures to ensure that our customer’s personal data is protected as it crosses borders. To comply with the GDPR, as part of the processing of orders, we only process personal data when authorized to do so by the customer. For example, when a client clicks Fulfill items, they give The merchant instruction to process the data necessary to perform that purchase.
The merchant is committed to protecting your privacy. Your personal and payment information is 100% Secure. We may occasionally communicate with you via email as a courtesy to inform you of specials, discounts or new products. If at anytime you prefer not to receive this information, please notify us.
This site uses a secure server (SSL) encryption to safe guard your personal information. We have security measures in place to prevent loss or misuse of your information.
Complying with marketing and cookie regulations.
We are responsible for making sure that these comply with marketing and cookie regulations in the jurisdictions in which they operate. EU buyers should make sure that they obtain appropriate consent for the use of cookies—the ePrivacy Directive generally requires some form of consent in order to use tracking technologies. We comply with all applicable email marketing practices such as applicable e-marketing or anti-spam requirements.
The merchant uses a combination of data centers and cloud service providers to store this personal data in the United States and Canada. When personal data is transferred to the United States, it is either done so through the EU-U.S. and Swiss-U.S. Privacy Shield, for our own storage, or through contractual data protection addenda (DPAs) with third-party service providers. The EU-U.S. and Swiss-U.S. Privacy Shields are also considered adequate under the GDPR.
Disclosures to third parties.
The merchant will never independently sell personal data for commercial purposes. However, The merchant does not disclose personal data to third parties or allow third parties to access personal data. The Merchant will 1- Store platform data 2- Respond to and manage support inquiries. The merchant may provide personal data, where permitted, to prevent, investigate, or respond to potential fraud, Illegal conduct, violations of any agreements with The merchant. It may also provides information to third parties when legally required to do so and were it believes it is legally required to provide such information with a legal order. In this event it will notify the data subject and give the data subject a chance to seek a protective order.
Erasure Data
Clients have the right to request that their personal data be erased in certain circumstances. If we receive a request from a buyer to delete their personal data, we will verify that the requester is the same as the data subject (that is, the requester is not asking to erase someone else’s personal data). Confirm there is no legal reason to preserve this data if both conditions are satisfied. After a request is received, The merchant will ensure that the relevant personal data is erased. If erasing is impossible, The merchant will let the client know to what degree it is impossible, and why.
Timing
Personal data cannot be erased from The merchant while it is: 1- Associated with a pending order 2- Associated with an order made fewer than 180 days before the request (the usual window in which a buyer can make a chargeback). If the buyer’s personal data cannot be erased for this reason, The merchant will re-submit the deletion request after the appropriate time has passed.
Security controls
Our Processor encrypts data sent to and from merchants and buyers using the HTTPS protocol. They also encrypt any sensitive stored information, and salts and hashes merchant and buyer passwords using bcrypt.
Any changes to our privacy and security policy, will be noted on this page. If you have any questions about this privacy statement, the practices of this website or you require any additional information, please contact us at Customerservice@GiftBasketsforEurope.com attention Data Compliance Officer.
Updated January 1, 2024.