Giftly — Privacy Policy
Giftly helps you remember birthdays and special occasions, plan gifts and track gift budgets. This policy explains what data the app handles, why, and what control you have over it. The short version: we only store what you type into the app, we never sell or share it, and you can delete everything at any time.
1. Data we collect
Account data. When you create an account we store your e-mail address, the name you choose, and your password. Passwords are stored only as salted cryptographic hashes — we cannot read them.
Content you add. Everything you enter in the app is stored so it can be synced to your account: the people you add (their names, relationship, dates such as birthdays, and any optional phone number, address, notes or photo you attach), your gift ideas and their status, budgets and spending amounts, and your preferences (reminder days and time, language, plan).
Security logs. To protect accounts, the server keeps short-lived records of failed sign-in and password-reset attempts (e-mail address and timestamp) used only for rate limiting.
2. How we use your data
- To provide the service itself: signing you in, syncing your people, gifts and settings across sessions and devices.
- To send you a password-reset code by e-mail when you request one.
- To protect your account (rate limiting of sign-in and reset attempts).
We do not use your data for advertising, profiling, or any purpose other than running Giftly.
3. Reminders and notifications
Occasion reminders are scheduled locally on your device using the system notification service. Your reminder schedule is not processed on our servers, and we do not send push notifications from a server.
4. Photos
If you attach a photo to a person, the app asks for access to your photo library only at that moment, and only the single image you pick is uploaded and stored with that person's profile. Photos are deleted together with the person or with your account.
5. Where your data lives & security
Your data is stored on our server and, for offline use, in a local copy on your device. All traffic between the app and the server is encrypted with HTTPS (TLS). Access to your data requires your personal access token; you can revoke it at any time by signing out. Password-reset codes expire after 15 minutes and are stored only as hashes.
6. Sharing
We do not sell, rent, trade, or share your personal data with third parties. No data leaves our infrastructure except when required by law. Using the built-in "call", "message" or "share" shortcuts simply opens the corresponding app on your device — nothing is transmitted to us in the process.
7. Data retention & deleting your account
Your data is kept for as long as your account exists. You can delete your account — and with it all people, gifts, photos, settings and the account record itself, immediately and irreversibly — directly in the app:
If you can no longer access the app, e-mail us at sadig.mammadov@digitup.az from the address your account is registered to and we will delete the account and all associated data within 30 days.
8. Children
Giftly is not directed at children under 13 (or the equivalent minimum age in your country), and we do not knowingly collect personal data from children.
9. Changes to this policy
If we change this policy, the new version will be published at this address with an updated effective date. Material changes will be highlighted in the app.
10. Contact
Questions or requests about your data: sadig.mammadov@digitup.az