GIBGIB

PRIVACY POLICY

Last updated: December 28, 2024

1. Introduction

GIB ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at gib.page (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

  • Create an account: Email address, username
  • Set up your profile: Display name, bio, avatar image, social media links
  • Add wallet addresses: Cryptocurrency wallet addresses (public blockchain addresses only)
  • Customize your page: Theme preferences, layout settings
  • Subscribe to a paid plan: Payment information processed through Stripe (we do not store credit card details)
  • Create donation goals: Goal titles, descriptions, target amounts

2.2 Automatically Collected Information

When you access the Service, we automatically collect:

  • Usage data: Page views, wallet clicks, navigation patterns
  • Device information: Device type (mobile, desktop, tablet), browser type, operating system
  • Analytics data: Aggregated, anonymized visitor statistics
  • Log data: IP addresses, access times, error logs (retained for security and debugging purposes)

2.3 Information from Third Parties

We may receive information from:

  • Stripe: Payment processing and subscription status information
  • Alchemy API: Public blockchain data for donation goal progress tracking
  • Analytics providers: Plausible Analytics for privacy-friendly visitor statistics

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Create and manage your account and profile
  • Display your donation page to visitors
  • Process subscription payments and manage billing
  • Send transactional emails (login links, account notifications)
  • Provide customer support and respond to inquiries
  • Monitor and analyze usage patterns and trends
  • Detect, prevent, and address technical issues and security vulnerabilities
  • Enforce our Terms of Service and comply with legal obligations
  • Improve user experience and develop new features

4. How We Share Your Information

We do not sell or rent your personal information. We may share your information in the following circumstances:

4.1 Public Profile Information

Information you choose to display on your public profile (username, display name, bio, avatar, wallet addresses, social links, donation goals) is publicly accessible to anyone who visits your donation page.

4.2 Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Stripe: Payment processing and subscription management
  • Cloudflare R2: Image storage for avatars and profile images
  • Resend: Transactional email delivery (magic login links)
  • Neon: Database hosting and management
  • Plausible Analytics: Privacy-friendly website analytics
  • Sentry: Error tracking and application monitoring
  • Upstash: Rate limiting and security services

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Legal process, court orders, or government requests
  • Enforcement of our Terms of Service
  • Protection of our rights, property, or safety
  • Investigation of fraud, security, or technical issues

4.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

  • Encryption of data in transit using HTTPS/TLS
  • Encryption of sensitive data at rest
  • Regular security assessments and monitoring
  • Access controls and authentication mechanisms
  • Rate limiting to prevent abuse

However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

6. Cryptocurrency and Wallet Privacy

We do not custody or control your cryptocurrency:

  • GIB never has access to your private keys or control over your cryptocurrency wallets
  • Wallet addresses you provide are displayed publicly on your donation page for donors to send funds directly to you
  • We do not track, monitor, or have visibility into transactions to your wallets
  • Blockchain transactions are public by nature. Anyone can view transactions on blockchain explorers
  • You are responsible for the privacy and security of your own cryptocurrency wallets

We may use public blockchain APIs (like Alchemy) to check wallet balances for donation goal progress tracking, but this only accesses publicly available blockchain data.

7. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:

  • Account data: Retained until you delete your account
  • Analytics data: Aggregated data retained indefinitely; individual event data retained for 90 days
  • Log data: Retained for 30 days for security and debugging purposes
  • Billing records: Retained as required by law and for tax purposes (typically 7 years)

When you delete your account, we permanently delete your profile data, wallet addresses, and personal information within 30 days. Some information may remain in backups for up to 90 days before permanent deletion.

8. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

8.1 Access and Portability

You can access, review, and export your personal information at any time through your account settings.

8.2 Correction

You can update or correct your profile information, wallet addresses, and account settings at any time.

8.3 Deletion

You can delete your account and associated data at any time from your account settings. This action is permanent and cannot be undone.

8.4 Opt-Out

You can opt out of analytics tracking by enabling Do Not Track in your browser or using privacy-focused browser extensions.

8.5 GDPR Rights (EU/EEA Residents)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

8.6 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to deletion of personal information
  • Right to non-discrimination for exercising your rights

9. Cookies and Tracking Technologies

We use minimal cookies and tracking technologies:

  • Essential cookies: Required for authentication and security (session management)
  • Analytics cookies: Privacy-friendly analytics through Plausible (no personal data collected, GDPR compliant)

We do not use advertising cookies or third-party tracking cookies. You can control cookie preferences through your browser settings.

10. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately and we will delete such information.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal data from the EU/EEA to other countries, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

12. Third-Party Links

The Service may contain links to third-party websites or services (such as social media links on user profiles). We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

14. Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at julien@gib.page

← Back to home