Data Safety & GDPR Disclosure

Last updated: May 29, 2026 · Full Privacy Policy · hello@giftrack.app

This page provides detailed information for Google Play Data Safety and for users in the European Economic Area (EEA) under the GDPR.

Security practices

Data is encrypted in transit
Yes
Data is encrypted at rest
Yes
Users can request data deletion
Yes — Settings → Delete account

Data types collected

Email addresses
Optional · Account creation · Not shared
Optional
User-generated content
Gift records, events, wishlists · Core feature
Core feature
Contacts (names, phone, birthday)
Only if you explicitly enable contact sync
Optional
Device or other IDs (Firebase Messaging)
Only if you enable reminders · Shared with Google Firebase only
Optional

Data NOT collected

Location, financial data, health data, advertising ID
Not collected
Third-party advertising SDKs
None — no ads

EU / GDPR Compliance

Data controller: GiftRack · hello@giftrack.app

Data is stored in Supabase (Tokyo, Japan — EU adequacy decision 2019). Firebase (USA — EU-US DPF adequacy 2023).

RightHow to exercise it
Access / PortabilitySettings → Export data (JSON)
ErasureSettings → Delete account
RectificationEdit any record in the app
Restriction / ObjectionEmail hello@giftrack.app — respond within 30 days
Lodge a complaintedpb.europa.eu