Effective date: November 10, 2025

Controller/Owner: Gifts Of The Spirit (owned by Teresa Carthron)
Address: 279 W Crogan St., Lawrenceville, GA 30046
Phone: 678-486-0262
Email: teresa@giftsotsapp.com
Website: https://giftsofthespirit.com

1) Scope & Who This Applies To

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use:

• our mobile application (“App”),

• our website and any related pages, and

• any services, features, or content provided by Gifts Of The Spirit.

It applies globally. If you are in the EEA/UK/Switzerland, additional GDPR rights and disclosures below also apply.

2) The Information We Collect

A. Information You Provide

• Identity & contact data: name, mailing address, email address, phone number.

• Account data: username, password (hashed), profile photo.

• User-generated content: text, images, audio, and video you submit (e.g., posts, forms, comments, testimonies, wall submissions).

• Purchases & support: order details, billing-related information routed through our payment processor, and the content of messages you send to support.

B. Information Collected Automatically (App & Website)

• Device data (often anonymous): device model, OS version, device language, screen size, app version, mobile network info.

• Usage data: pages/screens viewed, session duration, interactions, referral sources, crash logs, performance diagnostics.

• Approximate location data: if enabled by you or your device OS, we may receive geolocation signals (country, city, general region).

• IP address & browser data (web): IP, browser type, cookie identifiers, and similar online identifiers.

• Cookies/SDK identifiers: we use cookies on the site and SDKs in the App for analytics, performance, and (if enabled) marketing/attribution.

C. Data From Third-Party Analytics/Attribution Tools (App SDKs)

We may receive analytics or attribution insights from:

• Flurry (https://www.flurry.com)

• Firebase (https://firebase.google.com)

• Countly (https://count.ly)

• AppsFlyer (https://www.appsflyer.com)

• Facebook App Events (https://developers.facebook.com/docs/app-events)

These tools help us measure App performance, diagnose issues, understand feature usage, and (if enabled) attribute installs and campaigns. They usually receive pseudonymous device/app identifiers and usage events, not your direct identity.

3) How We Collect Information

• Directly from you: when you create an account, submit forms or content, make a purchase, contact us, or opt in to communications.

• Automatically: when you use the App or website, through cookies, pixels, and mobile SDKs.

• From third parties: analytics/attribution providers listed above; (if activated) social media platforms and payment processors.

4) How We Use Information

We use your information to:

• Provide & operate the App/website: account setup, authentication, content display, community features.

• Process orders & manage billing: fulfill purchases, provide receipts, combat fraud.

• Enable features that use your camera/gallery: scanning QR codes you choose to scan; allowing you to upload images or set a profile picture.

• Publish content you submit: with your action/consent, we may display your text, images, audio, or video in the App (e.g., walls, forms, comments).

• Communicate with you: respond to messages, send service notices, and—if you opt in—send marketing emails or in-app notifications about offers and updates.

• Analytics, performance, and safety: monitor usage, fix bugs, improve features, protect against spam, abuse, and violations of our terms.

• Legal compliance & protection: comply with applicable laws, enforce our terms, and protect the rights, safety, and property of users and our community.

5) Marketing & Your Choices

• We may send you promotional emails or in-app messages about our products and services and those of select partners only if you have opted in or where permitted by law.

• You can opt out anytime using the unsubscribe link in emails or by emailing teresa@giftsotsapp.com.

• You can adjust mobile notification permissions in your device settings.

6) When We Share Information

We do not sell your personal information. We may share limited information:

• Service providers/Processors: hosting, analytics, attribution, customer support, payment processing, email delivery, anti-fraud. Access is limited to performing services for us under contract.

• Payments & fraud prevention: when processing orders we may share data with third-party payment processors and anti-fraud providers or credit/banking agencies to prevent fraudulent purchases.

• With your direction/consent: e.g., posting your submitted content publicly in the App.

• Legal & safety: to comply with law, lawful requests, or protect users, our organization, and the public.

• Business changes: in a merger, acquisition, or similar event, your information may transfer consistent with this Policy.

Third-party tools and sites. Our site/App may link to external websites or include third-party components (e.g., embedded content). Their privacy practices are governed by their own policies. Please review them before sharing information.

7) Cookies, Pixels & Mobile SDKs

A. What They Are

• Cookies (web) are small files stored by your browser.

• Pixels are tiny code snippets that can measure actions (e.g., page views).

• Mobile SDKs (App) perform similar functions inside apps (analytics, crash reporting, attribution).

B. Why We Use Them

• Strictly necessary: sign-in/session management, security, load balancing.

• Performance/analytics: app performance, usage patterns, diagnostics.

• Functionality: remember preferences (e.g., language).

• (If enabled) Advertising/attribution: measure campaigns, avoid duplicate ads, understand installs.

C. Examples & Opt-Outs (Use As Applicable)

• Google Analytics (web): learn more: https://www.google.com/policies/privacy/ ; opt-out: https://tools.google.com/dlpage/gaoptout

• Facebook Pixel / App Events: https://www.facebook.com/policies/cookies/ and https://www.facebook.com/about/privacy ; ad settings: https://www.facebook.com/settings/?tab=ads

• Google Ads/AdSense (if used): ad settings: https://www.google.com/settings/ads ; privacy: https://policies.google.com/privacy

• Industry opt-outs: NAI: https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work ; DAA: https://optout.aboutads.info/

Managing cookies: You can block or delete cookies in your browser. Guidance: Chrome, Firefox, Safari, Edge, Opera, and Internet Explorer each offer cookie controls. Blocking certain cookies may impact functionality.
Mobile advertising choices: iOS “Limit Ad Tracking”; Android “Opt out of Ads Personalization.” You can also use the DAA AppChoices app.

8) Data Storage, Location & Retention

• Storage location: We securely store data on servers located in France (Europe) with appropriate technical and organizational measures.

• Retention:

  • Account data: kept while your account is active and for up to 24 months after last activity, unless you request deletion sooner or law requires a longer period.

  • Transaction records: kept for 7 years (tax/audit).

  • Analytics/diagnostics: typically 12–24 months, depending on the provider’s defaults.

  • Marketing preferences: kept until you opt out or request deletion.

  • User-generated content: kept until you delete it or your account, subject to backups and legal holds.

When retention ends, we delete or irreversibly anonymize the data.

9) Security

We use industry-standard safeguards to protect personal information, including encrypted transport (HTTPS), access controls, least-privilege principles, firewalls, intrusion detection/prevention, and regular reviews. No method of transmission or storage is 100% secure, but we continuously work to enhance protections.

10) Your Rights & Choices

A. GDPR/EEA/UK/Switzerland Rights

Where applicable, you have the right to:

• Access your data,

• Rectify inaccurate or incomplete data,

• Erase your data in certain cases,

• Restrict processing in certain cases,

• Object to processing (including direct marketing),

• Data portability (receive your data in a portable format).

We will respond within 30 days. To exercise rights, contact teresa@giftsotsapp.com.

B. U.S. & Other Regions

Depending on your state/country, you may have similar rights (e.g., access, deletion, opt-out of marketing). Contact us to exercise them.

11) Children’s Privacy

Our services are not directed to children under 13 (or the relevant age of digital consent in your jurisdiction). We do not knowingly collect personal information from children without verifiable parental consent. If you believe a child has provided personal information, contact teresa@giftsotsapp.com and we will promptly delete it.

12) International Transfers

When we transfer data across borders, we use appropriate safeguards (e.g., contracts with standard data protection clauses) to protect your information consistent with applicable laws.

13) Changes to This Policy

We may update this Policy from time to time. We will post the revised version with a new “Effective date.” Material changes may also be communicated in-app or by email where required.

14) How To Contact Us

Email: teresa@giftsotsapp.com
Mail: Gifts Of The Spirit, 279 W Crogan St., Lawrenceville, GA 30046
Phone: 678-486-0262

Supervisory Authority (EU example)

If you are in the EU and have concerns, you may contact your local Data Protection Authority. For France, CNIL (Commission Nationale de l’Informatique et des Libertés) provides guidance and complaint intake at https://www.cnil.fr/.

Short Cookie/Tracking Summary (for your App Store/Play listing)

• Data collected: identifiers (device/app IDs), diagnostics (crash logs, performance), usage data (screen views, taps), approximate location (if enabled), account/profile info you provide.

• Purposes: app functionality, analytics, diagnostics, optional marketing/attribution.

• Not sold. Limited sharing with processors to operate services.

Notes you can keep internally (not displayed to users)

• If you enable Facebook Pixel/AdSense/other ad tech, the “Examples & Opt-Outs” section already includes proper links—no further edits needed.

• If you add additional processors (e.g., Zapier/Airtable/Tawk.to/CRM), list them in Section 6 under “Service providers/Processors” with a brief purpose line.

• If you ever move hosting from France, update Section 8 “Storage location.”

• If you add push notifications for marketing, ensure opt-in prompts are clear and reference Section 5.