политика конфиденциальности

Last updated: January 11, 2026

Introduction

Wizzgift LLC ("Wizzgift," "Company," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy ("Policy") describes our practices regarding the collection, use, disclosure, retention, and protection of personal information when you access or use our website located at www.wizzgift.com (the "Website"), our mobile applications, APIs, and any other services, features, or content we offer (collectively, the "Services").

This Policy applies to all visitors, users, customers, and others who access or use our Services ("Users" or "you"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Policy, please do not access or use our Services.

We encourage you to read this Privacy Policy carefully and in its entirety. If you have any questions or concerns about our privacy practices, please contact us using the information provided in the "Contact Us" section below.

Scope and Applicability

This Privacy Policy applies to:

All personal information collected through our Website, mobile applications, and other digital platforms
Information collected when you create an account, make purchases, or interact with our Services
Information collected through cookies, pixels, and other tracking technologies
Information collected when you communicate with us via email, phone, chat, or social media
Information collected from third-party sources in connection with our Services
Information collected in connection with promotional activities, surveys, and contests

This Policy does not apply to information collected by third parties, including through any application or content that may link to or be accessible from our Services. We encourage you to review the privacy policies of any third-party services before providing your information.

Company Information and Data Controller

Wizzgift LLC is a limited liability company organized and existing under the laws of the State of Wyoming, United States. For the purposes of applicable data protection laws, including the General Data Protection Regulation (GDPR), Wizzgift LLC acts as the "data controller" for the personal information we collect and process.

Legal Entity Name: Wizzgift LLC
Business Address: 30 N Gould St, STE R, Sheridan, WY 82801, USA
State of Incorporation: Wyoming, United States
Filing ID: 2025-001812749
Email: privacy@wizzgift.com
Website: www.wizzgift.com

As the data controller, we are responsible for deciding how personal information is collected and used, and we are accountable for ensuring that such processing is conducted in accordance with applicable laws and regulations.

Regulatory Compliance Framework

We are committed to complying with all applicable privacy and data protection laws and regulations. Our privacy practices are designed to meet the requirements of the following frameworks:

United States Federal Laws

Federal Trade Commission Act (FTC Act) - We adhere to fair information practices and avoid deceptive or unfair practices
Gramm-Leach-Bliley Act (GLBA) - For financial information protection where applicable
Children's Online Privacy Protection Act (COPPA) - We do not knowingly collect information from children under 13
CAN-SPAM Act - Our marketing communications comply with commercial email requirements
Bank Secrecy Act (BSA) and USA PATRIOT Act - For anti-money laundering compliance
Electronic Fund Transfer Act (EFTA) and Regulation E - For electronic payment protections

State Privacy Laws

California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
Virginia Consumer Data Protection Act (VCDPA)
Colorado Privacy Act (CPA)
Connecticut Data Privacy Act (CTDPA)
Utah Consumer Privacy Act (UCPA)
Other applicable state privacy laws as they become effective

International Regulations

General Data Protection Regulation (GDPR) - European Union
UK General Data Protection Regulation (UK GDPR)
Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
Lei Geral de Proteção de Dados (LGPD) - Brazil
Personal Data Protection Act (PDPA) - Singapore
Other applicable international data protection laws

Information We Collect

We collect various types of information to provide and improve our Services. The categories of information we collect include:

1. Information You Provide Directly

Account Registration Information:

Full legal name (first name, last name)
Email address
Phone number (including country code)
Username and password (stored in encrypted form)
Date of birth (for age verification purposes)
Profile picture (optional)
Preferred language and communication preferences

Transaction and Purchase Information:

Billing address (street address, city, state/province, postal code, country)
Shipping address (if different from billing address)
Payment information (credit/debit card numbers, expiration dates, CVV - processed by our payment processors)
Cryptocurrency wallet addresses
Transaction history and purchase records
Gift card redemption codes and activation details
Order preferences and delivery instructions

Identity Verification Information (for KYC/AML compliance):

Government-issued identification documents (passport, driver's license, national ID)
Proof of address documents (utility bills, bank statements)
Selfie or biometric photographs for identity matching
Tax identification numbers (where legally required)
Source of funds documentation (for high-value transactions)

Communications and Support Information:

Customer support inquiries and correspondence
Feedback, reviews, and testimonials
Survey responses and research participation data
Social media interactions and messages
Chat transcripts and call recordings (where permitted by law)

2. Information Collected Automatically

When you access or use our Services, we automatically collect certain information, including:

Device and Technical Information:

IP address (IPv4 and IPv6)
Device type, model, and manufacturer
Operating system and version
Browser type, version, and language settings
Screen resolution and color depth
Time zone settings and locale information
Unique device identifiers (UDID, IDFA, GAID, etc.)
Hardware identifiers and device fingerprints
Mobile network information (carrier, connection type)

Usage and Behavioral Information:

Pages viewed and features used
Links clicked and navigation paths
Search queries and filters applied
Time spent on pages and sessions
Scroll depth and interaction patterns
Referring URLs and exit pages
Error logs and crash reports
Feature usage frequency and patterns

Location Information:

Approximate location derived from IP address (country, region, city)
Precise geolocation (with your explicit consent, where applicable)
Time zone and regional settings

3. Information from Third-Party Sources

We may receive information about you from third parties, including:

Social login providers (Google, Facebook, Apple) - basic profile information you authorize us to access
Payment processors and financial institutions - transaction confirmations and fraud indicators
Identity verification services - verification results and risk scores
Marketing partners and affiliates - referral information and attribution data
Data enrichment providers - demographic and firmographic data
Public databases and records - for identity verification and fraud prevention
Sanctions screening databases - OFAC SDN list and other regulatory watchlists
Credit bureaus and fraud prevention networks - risk assessment data

4. Sensitive Personal Information

In certain circumstances, we may collect what some jurisdictions classify as "sensitive" personal information, including:

Government-issued identification numbers (for identity verification and tax reporting)
Financial account information (processed securely through PCI-DSS compliant payment processors)
Precise geolocation data (only with your explicit consent)
Biometric data (facial geometry for identity verification, with consent)

We only collect sensitive personal information when necessary to provide our Services or comply with legal obligations, and we implement additional safeguards to protect such information.

How We Collect Information

We collect information through various methods and technologies:

Direct Collection

Account registration and profile creation forms
Checkout and payment processing
Customer support interactions (email, chat, phone, social media)
Survey responses and feedback submissions
Newsletter and marketing subscriptions
Contest and promotion entries
Job applications and recruitment processes

Automated Collection Technologies

Cookies (first-party and third-party)
Pixel tags and web beacons
JavaScript and tracking scripts
Local storage and session storage
Server logs and analytics tools
Mobile SDKs and app analytics
Device fingerprinting technologies

Third-Party Collection

Social media platforms and OAuth providers
Payment gateways and processors
Identity verification service providers
Marketing and advertising partners
Analytics and measurement partners
Affiliate and referral networks

How We Use Your Information

We use the information we collect for various purposes, including:

Service Delivery and Operations

Creating, maintaining, and securing your account
Processing transactions and fulfilling orders
Delivering gift cards and digital products
Processing payments and managing billing
Providing customer support and responding to inquiries
Sending transactional communications (order confirmations, receipts, delivery notifications)
Enabling account features and personalization

Security and Fraud Prevention

Verifying your identity and authenticating account access
Detecting, preventing, and investigating fraud, unauthorized access, and other illegal activities
Monitoring for suspicious activity and transaction anomalies
Implementing and maintaining security measures
Protecting our rights, property, and the safety of our users and the public
Conducting risk assessments and security audits

Legal and Regulatory Compliance

Complying with Know Your Customer (KYC) requirements
Performing Anti-Money Laundering (AML) screening and monitoring
Screening against sanctions lists (OFAC, UN, EU, etc.)
Filing required regulatory reports (SARs, CTRs, etc.)
Responding to lawful requests from law enforcement and government authorities
Enforcing our Terms of Service and other agreements
Establishing, exercising, or defending legal claims

Improvement and Development

Analyzing usage patterns to improve our Services
Conducting research and development for new features
Testing and troubleshooting new products and features
Understanding user preferences and behavior
Optimizing website performance and user experience
Training and improving our machine learning models and algorithms

Marketing and Communications

Sending promotional emails, newsletters, and marketing communications (with your consent)
Personalizing content, offers, and recommendations
Displaying targeted advertisements on our Services and third-party platforms
Measuring the effectiveness of our marketing campaigns
Conducting market research and customer surveys
Managing our social media presence and engagement

Business Operations

Managing our vendor and partner relationships
Conducting business analytics and reporting
Processing corporate transactions (mergers, acquisitions, financing)
Maintaining internal records and documentation
Planning and forecasting business operations

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions that require a legal basis for processing personal data, we rely on the following legal grounds:

Contractual Necessity

We process certain personal data because it is necessary to perform our contract with you or take steps at your request before entering into a contract. This includes:

Creating and managing your account
Processing your purchases and transactions
Delivering products and services you have ordered
Providing customer support related to your transactions
Sending transactional communications about your orders

Legal Obligation

We process certain personal data to comply with our legal obligations, including:

Know Your Customer (KYC) verification requirements
Anti-Money Laundering (AML) screening and monitoring
Sanctions compliance and screening
Tax reporting and record-keeping requirements
Responding to valid legal requests from authorities
Fraud prevention requirements under payment card industry standards

Legitimate Interests

We process certain personal data based on our legitimate business interests, where those interests are not overridden by your rights and interests. Our legitimate interests include:

Fraud detection and prevention to protect our business and users
Network and information security
Improving and developing our Services
Understanding how users interact with our Services
Direct marketing to existing customers (with easy opt-out)
Enforcing our terms and policies
Conducting business analytics and reporting
Protecting our legal rights and interests

Consent

We process certain personal data based on your consent, which you can withdraw at any time. This includes:

Marketing communications and newsletters
Non-essential cookies and tracking technologies
Precise geolocation data collection
Sharing data with third-party marketing partners
Using biometric data for identity verification
Processing for purposes beyond those originally disclosed

Vital Interests

In rare circumstances, we may process personal data where necessary to protect someone's vital interests (life or physical safety).

Public Interest

We may process personal data where necessary for the performance of a task carried out in the public interest, such as preventing financial crimes.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information when you visit our Website or use our Services. This section explains our use of these technologies and your choices.

What Are Cookies?

Cookies are small text files that are stored on your device (computer, tablet, or mobile phone) when you visit a website. They are widely used to make websites work more efficiently, provide information to website owners, and enable certain features and functionality.

Types of Cookies We Use

Strictly Necessary Cookies:

Essential for the website to function properly
Enable core functionality such as security, network management, and accessibility
Include session cookies for shopping cart functionality
Cannot be disabled without affecting site functionality
Do not require consent under most privacy laws

Functional/Preference Cookies:

Remember your preferences and settings (language, currency, region)
Enable enhanced personalization features
Store login credentials (with your permission)
Remember items in your shopping cart between sessions
Improve your experience by remembering your choices

Analytics/Performance Cookies:

Collect information about how you use our Website
Help us understand which pages are most and least popular
Track how visitors move around the site
All information is aggregated and anonymous where possible
Include tools like Google Analytics, Hotjar, and Mixpanel

Marketing/Advertising Cookies:

Track visitors across websites to display relevant advertisements
Measure the effectiveness of advertising campaigns
Limit the number of times you see an advertisement
Help us and partners deliver targeted content
Include pixels from Meta (Facebook), Google Ads, and other advertising networks

Other Tracking Technologies

Pixel Tags/Web Beacons: Small graphic images embedded in web pages or emails that collect information about your interactions
Local Storage: Data stored in your browser that persists even after you close your browser window
Session Storage: Temporary data stored in your browser that is deleted when you close your browser
Device Fingerprinting: Collecting device characteristics to create a unique identifier for fraud prevention
Mobile SDKs: Code embedded in mobile apps that collects usage data and enables features

Third-Party Cookies and Services

We use the following third-party services that may set cookies:

Google Analytics - Website analytics and measurement
Google Ads - Advertising and conversion tracking
Meta Pixel (Facebook) - Advertising and conversion tracking
Hotjar - Heatmaps and session recordings for UX analysis
Stripe - Payment processing
Coinbase Commerce - Cryptocurrency payment processing
NOWPayments - Cryptocurrency payment processing
Intercom/Zendesk - Customer support chat
Cloudflare - Security and performance optimization

Managing Your Cookie Preferences

You have several options to manage cookies and tracking:

Cookie Consent Banner: Use our cookie consent tool to manage your preferences when you first visit our site
Browser Settings: Most browsers allow you to refuse or delete cookies through settings. Note that disabling cookies may affect site functionality
Opt-Out Tools: Use industry opt-out tools like NAI (networkadvertising.org/choices) or DAA (aboutads.info/choices)
Mobile Device Settings: Adjust privacy settings on your mobile device to limit ad tracking
Do Not Track: We honor Do Not Track signals where technically feasible
Email Preferences: Disable tracking pixels by blocking images in your email client

For more information about cookies and how to manage them, visit www.allaboutcookies.org or www.aboutcookies.org.

How We Share Your Information

We may share your personal information in the following circumstances and with the following categories of recipients:

Service Providers and Processors

We share information with third-party vendors who provide services on our behalf, including:

Cloud hosting and infrastructure providers (AWS, Cloudflare)
Payment processors (Stripe, Coinbase Commerce, NOWPayments)
Email service providers (SendGrid, Mailchimp)
Customer support platforms (Zendesk, Intercom)
Analytics providers (Google Analytics, Mixpanel)
Identity verification services (Jumio, Onfido)
Fraud prevention services (Sift, Riskified)
Marketing and advertising platforms (Google Ads, Meta)

These service providers are contractually bound to use your information only for the purposes for which we disclose it to them and to implement appropriate security measures.

Business Partners

Gift card issuers and brand partners for order fulfillment
Mobile carrier partners for mobile recharge services
Affiliate and referral partners (limited to attribution data)
Strategic partners for joint offerings (with your consent)

Legal and Regulatory Disclosures

We may disclose your information to comply with legal obligations or protect our rights:

In response to subpoenas, court orders, or other legal process
To comply with government or regulatory requests
To law enforcement agencies when required by law
To financial intelligence units (FinCEN) for suspicious activity reports
To regulatory bodies conducting investigations
To protect our rights, privacy, safety, or property
To enforce our Terms of Service and other agreements
To protect the rights and safety of our users and third parties

Business Transactions

In connection with business transactions, we may share information with:

Potential acquirers, merger partners, or investors during due diligence
Successor entities following a merger, acquisition, or sale of assets
Advisors and consultants (under confidentiality obligations)
Lenders and financing parties (as permitted)

With Your Consent

We may share your information with other third parties when you have given us your consent to do so.

Aggregated and De-identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other purposes.

Information We Do Not Sell

Wizzgift does not sell your personal information to third parties for monetary consideration. We may share information for targeted advertising purposes, which some state laws may consider a "sale" or "sharing" for cross-context behavioral advertising. You have the right to opt out of such sharing - see the "Your Privacy Rights" section below.

International Data Transfers

Wizzgift is headquartered in the United States, and our Services are hosted on servers located in the United States and other countries. When you use our Services, your information may be transferred to, stored in, and processed in countries other than your country of residence.

Legal Mechanisms for Transfer

When we transfer personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to countries not recognized as providing an adequate level of data protection, we implement appropriate safeguards:

Standard Contractual Clauses (SCCs): We use the European Commission's Standard Contractual Clauses for transfers to our service providers and partners
UK International Data Transfer Agreement (IDTA): For transfers from the United Kingdom
Data Processing Agreements: We enter into agreements with our processors that include data protection obligations
Supplementary Measures: Where required, we implement additional technical and organizational measures to protect transferred data
Binding Corporate Rules: For intra-group transfers where applicable

Your Rights Regarding International Transfers

You may request information about the safeguards we have in place for international transfers of your personal data by contacting us at privacy@wizzgift.com. We will provide you with copies of relevant documentation upon request.

U.S. Data Privacy Framework

We are committed to handling personal data in accordance with the principles of the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework, as applicable.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

General Retention Periods

Account Information: Retained while your account is active and for 7 years after account closure (for legal and tax purposes)
Transaction Records: Retained for 7 years after the transaction date (as required by financial regulations)
KYC/AML Documentation: Retained for 5 years after the business relationship ends (as required by BSA)
Customer Support Records: Retained for 3 years after resolution of the inquiry
Marketing Preferences: Retained until you withdraw consent or unsubscribe
Analytics Data: Aggregated data retained indefinitely; individual-level data retained for 26 months
Server Logs: Retained for 90 days for security and troubleshooting purposes
Cookie Data: Varies by cookie type (session cookies expire at browser close; persistent cookies as specified in our cookie settings)

Factors Affecting Retention

When determining retention periods, we consider:

The nature and sensitivity of the personal data
The purposes for which we process your data
Applicable legal, regulatory, or contractual requirements
Statute of limitations for potential legal claims
Our legitimate business interests
Your expectations and consent
Industry standards and best practices

Data Deletion and Anonymization

When personal data is no longer needed:

We securely delete or destroy the information using industry-standard methods
We may anonymize data so it can no longer be associated with you, in which case we may retain and use this information indefinitely
We ensure our service providers delete or anonymize data in accordance with our instructions
Backups may retain data for a limited period after deletion from primary systems

Data Security

We take the security of your personal information seriously and implement comprehensive technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction.

Technical Security Measures

Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher. Sensitive data at rest is encrypted using AES-256 encryption
Secure Infrastructure: Our systems are hosted on enterprise-grade cloud infrastructure with SOC 2 Type II certification
Access Controls: We implement role-based access controls, multi-factor authentication, and least-privilege principles
Network Security: Firewalls, intrusion detection/prevention systems, and DDoS protection are in place
Vulnerability Management: Regular security assessments, penetration testing, and vulnerability scanning
Secure Development: Security reviews, code analysis, and secure coding practices in our development lifecycle

Organizational Security Measures

Security Policies: Comprehensive information security policies and procedures
Employee Training: Regular security awareness training for all personnel
Background Checks: Verification of personnel with access to sensitive data
Vendor Management: Due diligence and security requirements for third-party vendors
Incident Response: Documented incident response procedures and regular testing
Business Continuity: Disaster recovery and business continuity plans

Payment Security

We do not store complete credit card numbers on our servers. Payment information is processed by our PCI-DSS Level 1 compliant payment processors (Stripe). Cryptocurrency transactions are processed through regulated payment processors (Coinbase Commerce, NOWPayments).

Your Security Responsibilities

You play an important role in protecting your information:

Use strong, unique passwords for your account
Enable two-factor authentication (2FA) when available
Keep your login credentials confidential
Log out of your account when using shared devices
Be cautious of phishing attempts - we will never ask for your password via email
Keep your devices and software updated with security patches
Report any suspicious activity to us immediately

Data Breach Response

In the event of a data breach that affects your personal information:

We will investigate and contain the breach as quickly as possible
We will notify affected individuals as required by applicable law (typically within 72 hours for GDPR)
We will notify relevant regulatory authorities as required
We will provide information about the nature of the breach and steps you can take to protect yourself
We will take steps to prevent future incidents and improve our security measures

Your Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information. We are committed to honoring these rights and have implemented processes to facilitate their exercise.

Rights Available to All Users

Access: Request information about the personal data we hold about you
Correction: Request correction of inaccurate or incomplete personal data
Marketing Opt-Out: Unsubscribe from marketing communications at any time
Account Deletion: Request deletion of your account (subject to legal retention requirements)
Complaint: Lodge a complaint with us or a relevant supervisory authority

GDPR Rights (EEA, UK, Switzerland)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following additional rights under the GDPR:

Right of Access (Article 15): Obtain confirmation of whether we process your data and receive a copy of your personal data
Right to Rectification (Article 16): Have inaccurate personal data corrected and incomplete data completed
Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten") in certain circumstances
Right to Restriction (Article 18): Request restriction of processing in certain circumstances
Right to Data Portability (Article 20): Receive your personal data in a structured, machine-readable format and transmit it to another controller
Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing purposes
Right to Withdraw Consent (Article 7): Withdraw consent at any time where processing is based on consent
Rights Related to Automated Decision-Making (Article 22): Not be subject to decisions based solely on automated processing that significantly affect you

To exercise your GDPR rights, contact us at privacy@wizzgift.com. We will respond within one month, which may be extended by two additional months for complex requests.

You also have the right to lodge a complaint with your local data protection supervisory authority.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). This section describes those rights and how to exercise them.

Your CCPA/CPRA Rights

Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collection, and the categories of third parties with whom we share your information
Right to Delete: Request deletion of personal information we have collected from you, subject to certain exceptions
Right to Correct: Request correction of inaccurate personal information we maintain about you
Right to Opt-Out of Sale/Sharing: Opt out of the sale of your personal information or sharing for cross-context behavioral advertising
Right to Limit Use of Sensitive Personal Information: Limit our use and disclosure of sensitive personal information to purposes necessary to provide the Services
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information:

Identifiers (name, email, phone number, IP address, account ID)
Customer Records Information (billing/shipping address, payment information)
Commercial Information (purchase history, products purchased)
Internet or Network Activity (browsing history, search queries, interactions with our website)
Geolocation Data (approximate location from IP address)
Sensory Data (if you provide voice recordings to customer support)
Professional or Employment Information (if provided for business accounts)
Inferences (preferences, characteristics, behaviors derived from other information)

Categories of Sensitive Personal Information Collected

Government-issued identification numbers (for identity verification)
Financial account information (payment card numbers processed by payment providers)
Precise geolocation (with consent)

Sale and Sharing of Personal Information

Wizzgift does not sell personal information for monetary consideration. We may share personal information with advertising partners for targeted advertising, which may constitute "sharing" for cross-context behavioral advertising under the CPRA. You have the right to opt out of this sharing.

How to Exercise Your California Rights

Submit a request by emailing privacy@wizzgift.com
Call us toll-free at [Insert Phone Number]
Use the 'Do Not Sell or Share My Personal Information' link on our website
Submit a request through your account settings

We will verify your identity before processing your request by matching information you provide with information we have on file. You may designate an authorized agent to make a request on your behalf by providing written authorization.

Response Timing and Format

We will respond to verifiable requests within 45 days of receipt. If we need more time (up to an additional 45 days), we will notify you of the extension and explain the reason. If you have an account with us, we will deliver our response to that account. If you do not have an account, we will deliver our response by mail or electronically, at your option.

California Shine the Light

California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at privacy@wizzgift.com.

Other U.S. State Privacy Rights

Residents of certain U.S. states have additional privacy rights under state law.

Virginia (VCDPA)

Virginia residents have rights to:

Access their personal data
Correct inaccuracies in their personal data
Delete personal data
Obtain a portable copy of their personal data
Opt out of targeted advertising, sale of personal data, and profiling
Appeal our decision regarding a privacy request

Colorado (CPA)

Colorado residents have rights to:

Access their personal data
Correct inaccuracies in their personal data
Delete personal data
Obtain a portable copy of their personal data
Opt out of targeted advertising, sale of personal data, and certain profiling

Connecticut (CTDPA)

Connecticut residents have rights to:

Access their personal data
Correct inaccuracies in their personal data
Delete personal data
Obtain a portable copy of their personal data
Opt out of targeted advertising, sale of personal data, and profiling

Utah (UCPA)

Utah residents have rights to:

Access their personal data
Delete personal data
Obtain a portable copy of their personal data
Opt out of targeted advertising and sale of personal data

Nevada

Nevada residents may opt out of the sale of their personal information by contacting us at privacy@wizzgift.com.

How to Exercise State Privacy Rights

To exercise your state privacy rights, contact us at privacy@wizzgift.com. We will verify your identity and process your request in accordance with applicable law. You may appeal any decision we make regarding your request by contacting us.

Children's Privacy

Protecting the privacy of children is important to us. Our Services are not intended for, marketed to, or directed at individuals under the age of 18 (or the age of majority in your jurisdiction).

COPPA Compliance

In accordance with the Children's Online Privacy Protection Act (COPPA):

We do not knowingly collect personal information from children under the age of 13
We do not knowingly allow children under 13 to register for our Services
If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information promptly
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@wizzgift.com

Age Restrictions

Users must be at least 18 years old to create an account and use our Services
We may require age verification for certain transactions
Users under 18 may not make purchases or engage in transactions without parental supervision and consent

Parental Rights

Parents and guardians have the right to:

Review personal information collected from their child
Request deletion of their child's personal information
Refuse to permit further collection or use of their child's personal information
Contact us at privacy@wizzgift.com to exercise these rights

Marketing and Communications

We may send you marketing and promotional communications about our products, services, and special offers.

Types of Communications

Promotional Emails: Information about new products, special offers, and promotions
Newsletter: Regular updates about industry news, tips, and company updates
Transactional Emails: Order confirmations, shipping notifications, account alerts (these are not marketing and cannot be opted out of)
SMS/Text Messages: Promotional messages if you have opted in (message and data rates may apply)
Push Notifications: Alerts about deals and updates if you have enabled notifications in our app
Personalized Ads: Targeted advertisements on third-party platforms based on your interests

Your Marketing Choices

You can control the marketing communications you receive:

Email Opt-Out: Click the 'Unsubscribe' link at the bottom of any marketing email
SMS Opt-Out: Reply STOP to any marketing text message
Push Notification Settings: Disable notifications in your device or app settings
Account Preferences: Manage your communication preferences in your account settings
Cookie Preferences: Adjust your cookie settings to limit targeted advertising
Contact Us: Email unsubscribe@wizzgift.com with your opt-out request

CAN-SPAM Compliance

We comply with the CAN-SPAM Act and other applicable email marketing laws:

We do not use false or misleading subject lines
We identify our messages as advertisements where required
We include our physical address in marketing emails
We honor opt-out requests within 10 business days
We do not sell or transfer email addresses to third parties for their marketing purposes

Third-Party Services and Links

Our Services may contain links to third-party websites, applications, and services. This Privacy Policy does not apply to those third-party services.

Third-Party Websites and Services

We are not responsible for the privacy practices of third-party websites or services
We encourage you to read the privacy policies of any third-party services before using them
Third-party services may have different privacy practices and data collection policies
Our inclusion of links does not imply endorsement of those services

Social Media Features

Our Website may include social media features (such as share buttons or interactive widgets). These features may collect your IP address and page visits, and may set cookies to enable functionality. Your interactions with these features are governed by the privacy policies of the companies providing them.

Third-Party Login

We offer login through third-party services (Google, Facebook, Apple). When you use these services:

We receive information you have authorized the third party to share with us
We use this information to create and manage your account
The third party's use of your information is governed by their privacy policy
You can revoke our access through your third-party account settings

Gift Card Brands and Partners

When you purchase gift cards, the issuing brand may have its own terms and privacy practices that apply to your use of the gift card. We recommend reviewing the terms and privacy policies of gift card issuers.

Payment Processing and Financial Data

We take special care in handling your payment and financial information.

Payment Processing

We use PCI-DSS Level 1 compliant payment processors to handle credit/debit card transactions
We do not store full payment card numbers on our servers
We may store a tokenized version of your payment method for recurring transactions (with your consent)
Payment information is transmitted using industry-standard encryption
Our payment processors include Stripe, Coinbase Commerce, and NOWPayments

Cryptocurrency Payments

We accept payments in various cryptocurrencies through our payment processor partners
We may collect wallet addresses associated with your transactions
Cryptocurrency transactions are recorded on public blockchains and may be traceable
We do not have control over or access to your private keys or wallets
We may use blockchain analytics tools for fraud prevention and compliance purposes

Account Balance and Credits

If you maintain an account balance or credits with us:

We maintain records of deposits, withdrawals, and transactions
We may share transaction information with regulatory authorities as required
Account balance information is protected using the same security measures as other account data

Anti-Money Laundering and KYC Compliance

As a U.S.-based company processing financial transactions including cryptocurrency payments, we are required to comply with Anti-Money Laundering (AML) laws and Know Your Customer (KYC) requirements.

Regulatory Framework

Bank Secrecy Act (BSA)
USA PATRIOT Act
Office of Foreign Assets Control (OFAC) Sanctions Programs
Financial Crimes Enforcement Network (FinCEN) regulations
State money transmitter laws (where applicable)

Information Collected for Compliance

For AML/KYC purposes, we may collect:

Government-issued identification (passport, driver's license, national ID)
Proof of address (utility bills, bank statements, government correspondence)
Date of birth and nationality
Tax identification numbers
Source of funds documentation
Selfie or biometric photographs for identity matching
Transaction details and patterns
IP addresses and geolocation data

Sanctions Screening

We screen customers and transactions against sanctions lists, including:

OFAC Specially Designated Nationals (SDN) List
OFAC Consolidated Sanctions List
United Nations Security Council Sanctions Lists
EU Consolidated Sanctions List
Other applicable sanctions programs

Transaction Monitoring

We monitor transactions for suspicious activity patterns
We may apply transaction limits based on verification level
Large or unusual transactions may trigger enhanced review
We file Suspicious Activity Reports (SARs) with FinCEN as required
We file Currency Transaction Reports (CTRs) for cash transactions over $10,000

Data Retention for Compliance

AML regulations require us to retain certain records for at least 5 years after the relationship ends, including:

Customer identification records
Transaction records and receipts
Suspicious activity reports and supporting documentation
Correspondence related to compliance matters

Note: Even if you request deletion of your account, we may be legally required to retain certain information for compliance purposes.

Automated Decision-Making and Profiling

We may use automated systems to process your information for certain purposes.

Types of Automated Processing

Fraud Detection: Automated systems analyze transaction patterns and device characteristics to identify potentially fraudulent activity
Identity Verification: Automated systems compare submitted identity documents against databases and perform facial recognition matching
Risk Assessment: Automated scoring of transactions and accounts based on various risk factors
Sanctions Screening: Automated checking of customer names and data against sanctions lists
Personalization: Automated systems analyze your preferences to provide personalized recommendations and content
Customer Support: Automated chatbots and AI assistants may handle initial customer inquiries

Decisions with Significant Effects

In some cases, automated processing may result in decisions that significantly affect you, such as:

Declining a transaction due to fraud risk
Requiring additional identity verification
Suspending or limiting account access
Blocking service in certain geographic locations

Your Rights Regarding Automated Decisions

Where required by law (such as under GDPR Article 22), you have the right to:

Obtain information about the logic involved in automated decisions
Request human review of automated decisions that significantly affect you
Express your point of view and contest the decision
Opt out of certain automated profiling for marketing purposes

To exercise these rights, contact us at privacy@wizzgift.com.

Do Not Track Signals

Some web browsers have a "Do Not Track" (DNT) feature that sends a signal to websites you visit, indicating that you do not want your online activity tracked.

We currently respond to DNT signals as follows:

When we detect a DNT signal, we will limit non-essential tracking where technically feasible
DNT signals will disable analytics cookies and advertising cookies
Essential cookies necessary for the functioning of our Services will still be used
Your DNT preferences are stored and honored across sessions

California's Consumer Privacy Act (CCPA) requires us to disclose how we respond to DNT signals. We honor DNT signals by limiting tracking as described above.

Global Privacy Control (GPC) signals are also recognized where supported. GPC signals are treated as an opt-out of the sale or sharing of personal information under applicable state privacy laws.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

Notification of Changes

We will post the updated Privacy Policy on our Website with a new "Last Updated" date
For material changes, we will provide more prominent notice (such as an email notification or in-app alert)
We will obtain your consent to material changes where required by applicable law
We encourage you to review this Privacy Policy periodically for any changes

Your Continued Use

Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the revised Privacy Policy. If you do not agree to the revised Privacy Policy, you should discontinue your use of our Services and delete your account.

Prior Versions

We maintain an archive of prior versions of this Privacy Policy. You may request a copy of a prior version by contacting us at privacy@wizzgift.com.

Dispute Resolution and Complaints

If you have concerns about our privacy practices or believe we have violated your privacy rights, we encourage you to contact us first so we can try to resolve the issue.

Internal Complaint Process

Submit your complaint to privacy@wizzgift.com with details of your concern
We will acknowledge your complaint within 5 business days
We will investigate and respond substantively within 30 days
If you are not satisfied with our response, you may escalate to a supervisory authority

Supervisory Authorities

Depending on your location, you may have the right to lodge a complaint with a supervisory authority:

EEA Residents: Your local data protection authority (DPA)
UK Residents: Information Commissioner's Office (ICO)
California Residents: California Attorney General's Office
Other U.S. Residents: Federal Trade Commission (FTC) or your state Attorney General
Other Jurisdictions: Your local data protection or privacy authority

Alternative Dispute Resolution

For disputes that cannot be resolved through our internal complaint process or a supervisory authority, we may offer or participate in alternative dispute resolution mechanisms, including mediation or arbitration, as provided in our Terms of Service.

Governing Law and Jurisdiction

This Privacy Policy and any disputes arising from or relating to it shall be governed by and construed in accordance with the laws of the State of Wyoming, United States, without regard to its conflict of law provisions.

For users outside the United States:

Nothing in this Privacy Policy limits your rights under applicable local law
If there is a conflict between this Privacy Policy and mandatory local law, the local law will prevail
You may have additional rights under your local data protection laws

Additional Disclosures

Accessibility

We are committed to making our Privacy Policy accessible to all users. If you need this Privacy Policy in an alternative format, please contact us at privacy@wizzgift.com.

Languages

This Privacy Policy may be available in multiple languages for convenience. In the event of any conflict between the English version and a translated version, the English version shall prevail.

Severability

If any provision of this Privacy Policy is found to be unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable, or if modification is not possible, that provision shall be severed, and the remaining provisions shall continue in full force and effect.

No Waiver

Our failure to enforce any provision of this Privacy Policy shall not constitute a waiver of that provision or any other provision.

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us using the information below:

Privacy Inquiries

Email: privacy@wizzgift.com
Subject Line: Privacy Inquiry

Data Subject Requests

Email: privacy@wizzgift.com
Subject Line: Data Subject Request - [Your Request Type]

Marketing Opt-Out

Email: unsubscribe@wizzgift.com
Or use the unsubscribe link in any marketing email

General Inquiries

Email: support@wizzgift.com
Website: help.wizzgift.com

Mailing Address

Wizzgift LLC
Attn: Privacy Team
30 N Gould St, STE R
Sheridan, WY 82801
United States

When contacting us, please provide sufficient information to identify yourself and describe the nature of your inquiry. We may need to verify your identity before responding to your request.

Effective Date and Version History

This Privacy Policy is effective as of January 11, 2026.

Version History

Version 2.0 - January 11, 2026: Comprehensive update including enhanced CCPA/CPRA disclosures, state-specific privacy rights, expanded data practices descriptions, and additional regulatory compliance information
Version 1.0 - April 3, 2025: Initial Privacy Policy

Thank you for taking the time to read our Privacy Policy. Your trust is important to us, and we are committed to protecting your privacy and handling your personal information responsibly.