Data Safety & GDPR Disclosure
Last updated: May 29, 2026 · Full Privacy Policy · hello@giftrack.app
This page provides detailed information for Google Play Data Safety and for users in the European Economic Area (EEA) under the GDPR.
Security practices
Data is encrypted in transit
YesData is encrypted at rest
YesUsers can request data deletion
Yes — Settings → Delete accountData types collected
Email addresses
OptionalOptional · Account creation · Not shared
User-generated content
Core featureGift records, events, wishlists · Core feature
Contacts (names, phone, birthday)
OptionalOnly if you explicitly enable contact sync
Device or other IDs (Firebase Messaging)
OptionalOnly if you enable reminders · Shared with Google Firebase only
Data NOT collected
Location, financial data, health data, advertising ID
Not collectedThird-party advertising SDKs
None — no adsEU / GDPR Compliance
Data controller: GiftRack · hello@giftrack.app
Data is stored in Supabase (Tokyo, Japan — EU adequacy decision 2019). Firebase (USA — EU-US DPF adequacy 2023).
| Right | How to exercise it |
|---|---|
| Access / Portability | Settings → Export data (JSON) |
| Erasure | Settings → Delete account |
| Rectification | Edit any record in the app |
| Restriction / Objection | Email hello@giftrack.app — respond within 30 days |
| Lodge a complaint | edpb.europa.eu |