QReateCards respects the privacy of all users and processes personal data in accordance with the General Data Protection Regulation (GDPR).
Which data do we process?
Depending on the use of the platform, we may process data such as:
- name
- company details
- company number
- VAT number
- address
- email address
- phone number
- login data
- IP address
- technical log files
- gift card data
- transaction data
- communication with our support service
Payment data is processed by Stripe. QReateCards does not store full card payment details.
Why do we process this data?
We process personal data for:
- account management
- platform delivery
- customer support
- invoicing
- security
- fraud prevention
- delivery of digital gift cards
- improvement of our services
- legal obligations
Responsibility
For end-customer data entered by a merchant, the merchant remains the data controller.
QReateCards processes that data only to make the service possible.
Retention period
Personal data is not retained longer than necessary for the performance of the agreement or to comply with legal obligations.
Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse or unauthorised access.
Sharing with third parties
We may share personal data with carefully selected service providers such as:
- Stripe
- hosting providers
- email providers
- cloud providers
- support services
Where required, we enter into appropriate data processing agreements with these parties.
Rights
Users have the right to:
- access
- rectification
- deletion
- restriction
- portability
- objection
Requests can be sent to:
info@qreatecards.com
Changes
This privacy policy may be updated when our services or the law changes.