Start Gifting Now

Gratofy Privacy Policy

Last Revised: May 8 2023

Our commitment to you

This Privacy Policy describes how we at Gratofy and its subsidiaries and affiliates (“Gratofy,” “us“, “we,” “our” and/or “Company“) handles the Personal Data (meaning any information which may potentially allow your identification with reasonable means) of our users (each, a “User” or “you“) who access, download, install, register, use or engage with our website or platform (the “Website” and “Platform,” respectively) or any other service we provide or make available online or offline including through customer support channels, and in-person promotional activities (collectively, the “Service(s)“).

The purpose of this Privacy Policy is to describe to you our practices with respect to collecting, using and disclosing your Personal Data when you use the Services. We encourage you to read this Privacy Policy carefully and use it to make informed decisions. By accessing or using the Services, you agree to the terms of this Privacy Policy and your continued access or use of the Services constitutes your ongoing agreement to the Privacy Policy. This Privacy Policy may change from time to time. Your continued use or access to the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

With respect to the information that our enterprise customers collect from you and provide to us either directly or on their behalf (“Service Data”), we process such information only as a service provider/data processor on behalf of our customers in connection with their business. Our customers and vendors are the businesses that control the use of the Service Data and determine the purposes for which we process such information. Those customers and vendors are responsible for their own practices in collecting, using, and disclosing information they collect from you. To learn more about our customers’ and vendors’ use of your information and your rights that you may have over such information, please consult the privacy policy of the applicable company.

Grounds for data collection

When you use our Services (including, without limitation, when you sign up for an account), you consent to the collection, storage, use, disclosure and other uses of your Personal Data as described in this Privacy Policy.

We also rely on other lawful grounds for processing your Personal Data, namely: the performance of our contractual obligations towards you or whomever provides us with your information for your benefit (such as your employer, friends or family) (a “Gift Sender“), our legitimate interests in the provision of our Services including for administering our Website or Platform, for compliance with legal and regulatory obligations to which we are subject, and otherwise described herein. We may collect information that is not Personal Data (“Non-Personal Data”), including the following information: lawfully made available from federal, state, or local government records; collected by tracking technologies such as cookies; or from aggregate or de-identified information. Because Non-Personal Data does not personally identify you, we may collect, use, and disclose such information for any purpose permitted by law. In some instances, we may combine Non-Personal Data with Personal Data. If we combine any Non-Personal Data with Personal Data, the combined information will be treated by us as Personal Data.

Information we collect directly

In the course of using the Services, we may collect certain Personal Data to provide and improve the Services, to contact or identify you, to enable you to access certain parts of the Service or as otherwise indicated in this Privacy Policy.

We may collect the following Personal Data about you:

  • In order to provide our Services, you, or a Gift Sender (as described above), may be required to provide us with your contact details including your name, phone number, address, and email address. In cases where we need to, or have a third party, ship your gift, we will also process the physical address you provide for shipment. Other information we may collect directly from you may include: Account information, such as your username and password; billing information, such as credit card details and billing address; optional information you may choose to provide, such as your social handles, age, gender; and any other information you choose to provide, such as product reviews, responses to surveys or quizzes or to receive customer support.

In other cases, we may receive some or all of these contact details from a Gift Sender, who has contracted with us to provide you with our Services.

  • Our Services may include an option to register using your social media account (such as Facebook). If you choose to log in or connect to the Services using your social media account, we will process your social media account information, including your profile picture. We may also process other publicly available information on your social media account, which we believe may be necessary or relevant for the provision of the Services, as described herein. When you use your account on a social media service, to log in to our Services, you acknowledge that such third-party service provider will process your Personal Data in accordance with its own privacy policy and terms of use, as applicable, and that in no event will we be responsible for such third-party service provider’s privacy practices or otherwise.
  • We may utilise session replay software to monitor your interaction with our Website or Platform which may capture and/or record your interaction(s) with the Website or Platform, including without limitation keystrokes, mouse movements, and form field entries. We utilise this information for our compliance verification purposes and to improve our Services, and User experience.
  • We often invite eligible Users to tell a friend about our products or services. Where permitted, you may provide us with your friend’s name, email address and/or other contact information (“Referral Information”). We may use this information to automatically send your friend emails or other messages inviting them to use our Services. Your friend may opt-out of future marketing emails by clicking the “unsubscribe” link or otherwise following the opt out instructions provided within the invitation and may contact us at privacy@gratofy.com.au to request that we remove their information from our database.
  • When you send us an email or otherwise contact us, we will collect any information, including Personal Data that you choose to include in your inquiry to us.

Information we collect automatically

We, our service providers, or our third-party partners may also automatically collect information from a User when a User visits our Website, our Platform or otherwise use our Service. Such information may include:

  • Cookies and Similar Technology. We or our third-party partners may store some information on a User’s device or device hard drive as a cookie or similar type of file (such as clear gifs, web beacons, tags, and similar technologies that work on mobile devices) to collect data related to usage of the Services. “Cookies” are pieces of information that may be placed on a User’s computer by a website for the purpose of collecting data to facilitate and enhance a User’s communication and interaction with that website. Such data may include, without limitation, the address of the websites a User visited before and after a User visited the Website, the type of browser a User is using, a User’s Internet Protocol (IP) address, what pages in the Website a User visited and what links a User clicked on, the region where a User device is located, and geo-IP data. We may use cookies to customise a User’s visit to the Website and for other purposes to make a User’s visit more convenient or to enable us to enhance our Services. We may also use cookies for interestbased advertising. To learn more about how we use cookies, please read our Cookie Policy. A User can set its browser to accept all cookies, reject all cookies, or notify a User when a cookie is set. However, if a User sets its browser to disable all cookies, some features of the Services may not function properly. Please see our Cookie Policy for more information on your choices regarding cookies.
  • Clickstream Data. As you use the Internet, a trail of electronic information is left at each website a User visits. This information, which is sometimes referred to as “clickstream data,” can be collected and stored by a website’s server. Clickstream data can tell us the type of computer and browsing software a User uses and the address of the website from which a User linked to the Website. We may collect and use clickstream data as a form of aggregate information to anonymously determine how much time visitors spend on each page of a User’s Website, how visitors navigate throughout the Website and how we may tailor our web pages to better meet the needs of visitors. This information will be used to improve our Website and our Services.
  • Site and Platform Analytics. We may work with third-party service providers who use the technologies described in this section to conduct website analytics to help us track and understand how visitors use our Website. One such provider is Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help analyse how users use the Website. The information generated by these cookies about a User’s use (including a User’s IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating a User’s use of the Website, compiling reports on activity for its staff, and providing other services relating to web page activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. A User may refuse the use of cookies by selecting the appropriate settings in your browser. By using the Website and accepting cookies, A User consents to the processing of data about it by Google in the manner and for the purposes set out above. If a User wishes to prevent its data from being used by Google Analytics, Google has developed an opt-out browser add on available here.

 

Cross-Device Matching. We may now or in the future have the ability to match a User’s devices using the data collected, making educated predictions, and, in some cases, using deterministic data (e.g., unique identifiers) or other content across devices. We may then, subject to the limitations otherwise set forth in this Privacy Policy and applicable law, display targeted advertisements to you across your devices unless it is an Opted-Out Device (as defined below) as further described in YOUR CHOICES below.

How do we use the data we collect?

  • Provision of the Service – we may use the Personal Data a User provides us for the provision and improvement of our Service, providing customer support and to respond to a User’s queries.
  • Service announcements – we may use Personal Data to communicate with a User by email and text message to keep a User informed of our latest updates to our Service and offer a service and product offers that we believe a User may have an interest in.
  • Analytics, surveys and research – from time to time, we may conduct surveys or test features, and analyse the data we have to develop, evaluate and improve these features, all in order to improve our Services and offerings (including to our business partners), and develop new and exciting features for our Users. 
  • Protecting our interests – we may use Personal Data when we believe it’s necessary or appropriate in order to take precautions against liabilities, investigate and defend ourselves against any third-party claims or allegations, investigate and protect ourselves or third parties from fraud, protect the security or integrity of our Services and protect the rights and property of the Company, its Users, partners and/or other third parties.
  • Enforcing of policies – we may use Personal Data in order to enforce our policies, including but not limited to our applicable Terms of Use referenced on our Website.
  • Compliance with legal and regulatory requirements – we may use Personal Data to investigate violations, and as required by law, regulation, rule or other governmental authority, or to comply with a subpoena or similar legal process. 
  • Marketing and advertising – we may send a User emails and text messages with promotional material concerning our Service, or our business partners’ services, which we believe might interest a User; we may also display certain adverts on our Service and/or on third-party websites and platforms, which we believe will be relevant for a User. We try to show a User only relevant ads and receive relevant communications from us, including but not limited to, by building an automated profile based on a User’s Personal Data.
  • Service Data – We may receive Personal Data from our customers in the form of Service Data. We use this information solely at the direction of these customers in order to provide them with our Services.

Data Protection

The following definitions apply in this clause:

“Agreed Purposes”: as required under this Agreement. Controller, data controller, processor, data processor, data subject, personal data, processing and appropriate technical and organisational measures: as set out in the Data Protection Legislation in force at the time. SG-110680-5-20-V1 Data Protection Legislation: Australian Data Protection Legislation and any other European Union legislation (if applicable) relating to personal data and all other legislation and regulatory requirements in force from time to time which apply to a party relating to the use of personal data (including, without limitation, the privacy of electronic communications); and the guidance and codes of practice issued by the relevant data protection or supervisory authority and applicable to a party.

“Permitted Recipients”: the parties to this Agreement, the employees of each party, any third parties engaged to perform obligations in connection with this Agreement.

“Shared Personal Data”: the personal data to be shared between the parties under this Agreement.

Shared Personal Data shall be confined to the following categories of information relevant to the following categories of data subject: customers of Products via the Retail Platform and personnel of either Party. The type of data shall relate to contact data, financial data and transaction data.

“Australian Data Protection Legislation”: all applicable data protection and privacy legislation in force from time to time in Australia including the General Data Protection Regulation ((EU) 2016/679); the Privacy Act 1988 (Cth) including the Australian Privacy Principles (apps);as amended.

Information and policy within this clause sets out the framework for the sharing of personal data between the parties as data controllers. Each party acknowledges that one party (the Data Discloser) will regularly disclose to the other party (the Data Recipient) Shared Personal Data collected by the Data Discloser for the Agreed Purposes.

Each party shall comply with all the obligations imposed on a controller under the Data Protection Legislation, and any material breach of the Data Protection Legislation by one party shall constitute a material breach of this Agreement.

Each party shall:

  • Ensure that it has all necessary consents and notices in place to enable lawful transfer of the Shared Personal Data to the Data Recipient for the Agreed Purposes;
  • Give full information to any data subject whose personal data may be processed under this Agreement of the nature such processing. This includes giving notice that, on the termination of this Agreement, personal data relating to them may be retained by or, as the case may be, transferred to one or more of the Permitted Recipients, their successors and assignees;
  • Process the Shared Personal Data only for the Agreed Purposes;
  • Not disclose or allow access to the Shared Personal Data to anyone other than the Permitted Recipients;
  • Ensure that all Permitted Recipients are subject to written contractual obligations concerning the Shared Personal Data (including obligations of confidentiality) which are no less demanding than those imposed by this Agreement;
  • Ensure that it has in place appropriate technical and organisational measures, reviewed and approved by the other party, to protect SG- 110680-5-20-V1 against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data;
  • Not transfer any personal data outside of the Territory unless the transferor:
    • Complies with the provisions of Article 26 of the General Data Protection Regulation (in the event the third party is a joint controller); and 
    • Ensures that (i) the transfer is to a country approved by the European Commission as providing adequate protection pursuant to Article 45 of the General Data Protection Regulation; (ii) there are appropriate safeguards in place pursuant to Article 46 of the General Data Protection Regulation; or (iii) one of the derogations for specific situations in Article 49 of the General Data Protection Regulation applies to the transfer.

 

Each party shall assist the other in complying with all applicable requirements of the Data Protection Legislation. In particular, each party shall:

  • Consult with the other party about any notices given to data subjects in relation to the Shared Personal Data;
  • Promptly inform the other party about the receipt of any data subject access request;
  • Provide the other party with reasonable assistance in complying with any data subject access request;
  • Not disclose or release any Shared Personal Data in response to a data subject access request without first consulting the other party wherever possible;
  • Assist the other party, at the cost of the other party, in responding to any request from a data subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
  • Notify the other party without undue delay on becoming aware of any breach of the Data Protection Legislation;
  • At the written direction of the Data Discloser, delete or return Shared Personal Data and copies thereof to the Data Discloser on termination of this Agreement unless required by law to store the personal data;
  • Use compatible technology for the processing of Shared Personal Data to ensure that there is no lack of accuracy resulting from personal data transfers;
  • Maintain complete and accurate records and information to demonstrate its compliance with this clause 11 and allow for audits by the other party or the other party’s designated auditor; and
  • Provide the other party with contact details of at least one employee as point of contact and responsible manager for all issues arising out of the Data Protection Legislation, including the joint training of relevant staff, the procedures to be followed in the event of a data security breach, and the regular review of the parties’ compliance with the Data Protection Legislation.

 

Each party shall indemnify the other against all liabilities, costs, expenses, damages and losses (including but not limited to any direct, indirect or consequential losses, loss of profit, loss of reputation and all interest, penalties and legal costs SG-110680-5- 20-V1 (calculated on a full indemnity basis) and all other reasonable professional costs and expenses) suffered or incurred by the indemnified party arising out of or in connection with the breach of the Data Protection Legislation by the indemnifying party, its employees or agents, provided that the indemnified party gives to the indemnifier prompt notice of such claim, full information about the circumstances giving rise to it, reasonable assistance in dealing with the claim and sole authority to manage, defend and/or settle

With whom do we share your personal data?

  • Internal concerned parties – We share a User’s information with companies in our operating group such as affiliates and subsidiaries, as well as our employees, contractors, services providers, and other third parties we use to support our business as needed or deemed appropriate by us, to provide our Services.
  • Business partners (including retailers, consultants and vendors), independent contractors and other service providers (collectively: “Providers”) – we share a User’s information with Providers such as storage and analytics companies who help us with the operation and provision of the Services. These third parties may have access to Personal Data so that they may perform these tasks on our behalf, but they do so with the understanding that these parties will use the information for these limited purposes, and may not use Personal Data for any other purpose. The collection or receipt of your Personal Data by such third parties is subject to their own privacy policies, statements, and practices, and under no circumstances are we responsible or liable for any third party’s compliance therewith. We may also share a User’s information with our third-party partners for the purpose of interest-based advertising, as described in the section titled INTEREST-BASED ADVERTISING, below.
  • Compliance with laws and law enforcement entities – We cooperate with government and law enforcement officials and private parties to enforce and comply with laws, rules and regulations. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including in connection to meeting national security or law enforcement requirements. We will disclose any data about a User to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to (i) respond to claims and legal process (including but not limited to subpoenas), (ii) protect our or a third party’s property and rights, (iii) protect the safety of the public or any person, or (iv) prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable; (v) enforce our Terms; (vi) take precautions against liability; (vii) investigate and defend ourselves against any third-party claims or allegations; and (viii) protect the security or integrity of the Services.
  • Mergers, acquisitions and other business transactions – If we enter into or become involved in a business transaction such as a merger, acquisition, reorganisation, dissolution, bankruptcy, or sale of some or all of our assets, whether as a going concern or as part of bankruptcy, we may share a User’s Personal Data in connection with such transaction or potential transaction. Any party that acquires our assets as part of such a transaction may continue to use your data in accordance with the terms of this Privacy Policy.
  • Aggregated or Non-Personal Data – We may share aggregated information or Non-Personal Data with unaffiliated third parties, such as business partners, manufacturers, distributors, and retailers, in a form in which the shared information will not contain nor be linked to any Personal Data, to improve and enhance your experience using the Website and Services, for our market research activities, and for marketing and advertising.

Interest-based advertising

We may use information we collect (alone or in combination with information provided by third parties and service providers) to deliver targeted advertising (about us or other third party products and services) to you when you visit our Website or other websites.

Information about a User may be used in this process. For example, if you are searching for information on a particular product, we may use that information to cause an advertisement to appear on other websites you view with information on that product. We may, now or in the future, have the ability to engage in “crossdevice matching” to display targeted advertisements to you across browsers and devices (as described above).

To further clarify, we partner with third parties that collect information across various channels, including offline and online, for purposes of delivering more relevant advertising to you or your business. Our partners may place or recognise a cookie on your computer, device, or directly in our emails/communications, and we may share Personal Data with them if you have submitted such information to us, such as your name, postal address, email address, or device ID. Our partners use this information to recognise you across different channels and platforms, including but not limited to, computers, mobile devices, and Smart TVs, over time for advertising, analytics, attribution, and reporting purposes.

If you would like to opt out of these interest-based advertisements or “cross-device matching,” please see the section titled “YOUR CHOICES”, below.

How we protect your information

We have implemented administrative, technical, and physical safeguards designed to help prevent unauthorised access, use, or disclosure of your Personal Data. Your data is stored on secure servers and isn’t publicly available. We limit access of your information only to those employees, Providers and other third parties described in this Privacy Policy.

While we seek to protect your information to ensure that it is kept confidential, we cannot absolutely guarantee its security. You should be aware that there is always some risk involved in transmitting information over the internet. While we strive to protect your Personal Data, we cannot ensure or warrant the security and privacy of your Personal Data or other content you transmit using the Service, and you do so at your own risk.

Retention

We will retain your Personal Data for as long as necessary to provide our Services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing Personal Data, communications and anything else as required by applicable laws and regulations.

Your choices

We strive to offer you with choices about how information is used and shared. There are several ways in which you may opt out of the various programs and services we provide. Some of the ways in which you may opt out are described below.

Opting Out of Our Services. You may choose not to receive our promotional or marketing emails by clicking on the “unsubscribe” link in the emails that you receive from us, or by sending an unsubscribe request to us at unsubscribe@gratofy.com.au Please note that even if you unsubscribe, we may continue to send you servicerelated updates and notifications, or reply to your queries and feedback you provide us. We may also still use and share your Personal Data with third parties for non-marketing purposes (for example to fulfill your requests and orders, communicate with you and respond to your inquiries, etc.). In such cases, the companies with whom we share your Personal Data are authorised to use your Personal Data only as necessary to provide these non-marketing services.

Interest-Based Advertising Opt-Out. Third parties, such as ad networks, web analytics companies, and social networking platforms (some of whom are discussed elsewhere in this Privacy Policy), may collect information about your online activities over time and across our Website and other third-party online properties or services. These companies may use information about your visits to our Website and other sites, and general geographic information derived from your IP address, in order to provide advertisements about goods and services of interest to you. For more information about third-party advertisers and how to prevent them from using your information, please visit https://www.networkadvertising.org/choices/. This is a site offered by the Network Advertising Initiative (“NAI“) that includes information on how consumers can opt out from receiving interest-based advertising from some or all of NAI’s members. You can also visit https://www.aboutads.info/choices, which is a site offered by the Digital Advertising Alliance (“DAA“) that includes information on how consumers can opt out from receiving internet-based advertising from some or all of DAA’s participating companies. Opting out of interest-based advertising does not mean that you will no longer see any advertisements. Rather, you will still see advertisements that are general and not tailored to your specific interests and activities. Further, cookie-based opt-outs must be performed on each device and browser that you wish to have opted out. For example, if you have opted out on your computer browser, that opt-out will not necessarily be effective on your mobile device. In the event we are performing cross-device matching (as described above), once you have opted out on one device (“Opted-Out Device”), we will not use any new data from the Opted-Out Device to identify you on another device for interest-based advertising purposes and we will not use data from another device for interest-based advertising purposes on the Opted-Out Device. We enter into legal agreements ensuring an adequate level of data protection.

EU/UK/Switzerland Privacy Disclosures

EU/UK/Switzerland (collectively “EU+”) User Rights

The controller of all data collected by us through the Services is Gratofy Group Pty. Ltd. We may obtain Personal Data and other information about you through public sources and/or our third-party partners who help us provide our products and services to you. We may also obtain Personal Data from our customers in the form of Service Data. With respect to Service Data, our customers are the data controllers and we act as their data processor.

As an EU/UK/Switzerland resident, you may request to:

  1. Receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with supplementary information. 2
  2. Receive a copy of Personal Data you directly volunteer to us in a structured, commonly used and machine-readable format.
  3. Request rectification of your Personal Data that is in our control.
  4. Request erasure of your Personal Data.
  5. Object to the processing of Personal Data by us.
  6. Request to restrict processing of your Personal Data by us.
  7. Lodge a complaint with a supervisory authority.

 

Please note that these rights pertain to EU/UK/Switzerland residents only, are not absolute, and may be subject to our own legitimate interests and regulatory requirements. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

Data Subject Requests

If you are an EU/UK/ Switzerland resident, you have the right to access Personal Data we hold about you and to ask that your Personal Data be corrected, updated, or erased. You may also have the right to object to, or request that we restrict, certain processing. If you would like to exercise any of these rights, you may submit a request here.

Use of your Personal Data for marketing purposes

We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising:

  • Promotional offers from us: We may use your Personal Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have requested information from us or used our services and, in each case, you have consented to our use of your Personal Data for marketing purposes.

 

Users Outside the EU/UK/Switzerland – Some of the aforementioned rights are applicable in certain jurisdictions outside the EU/UK/Switzerland as well. Users residing outside the EU/UK/Switzerland are welcome to contact us for any questions or requests at the details below.

If you wish to exercise any of your rights or submit a request regarding your Personal Data processed by us, please refer to the contact information below.

Transfers of Data Outside of the EU, UK, and Switzerland

If you reside in the EU, UK, or Switzerland, please note that some data recipients may be located outside the EU, UK, or Switzerland. In such cases we will transfer your data only to such countries as approved by the European Commission and other applicable data protection authorities as providing an adequate level of data protection or enter into legal agreements ensuring an adequate level of data protection.

Our policy toward children

We understand the importance of protecting children’s privacy, especially in an online environment. Our Services are not designed for or directed at children under the age of 18 years old (“Minors”).

We do not knowingly collect Personal Data from Minors. If a parent or guardian becomes aware that his or her child has provided us with Personal Data, he or she should contact us using the details provided below.

How to contact us

If you wish to exercise any of the aforementioned rights, or receive more information, please submit a request here, or contact us at privacy@gratofy.com.au or at the following mailing address:

Mailing address:
Gratofy Group Pty Ltd
10 Canning St
Brunswick East
Victoria, Australia 3057

We will make an effort to reply within a reasonable timeframe. Please feel free to reach out to us at any time.

EU Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Gratofy has appointed European Data Protection Office (EDPO) as its GDPR Representative in the European Union. You can contact EDPO regarding matters pertaining to the GDPR by (i) using EDPO’s online request form: https://edpo.com/gdpr-datarequest/ or (ii) writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.

UK Representative 

Pursuant to Article 27 of the UK GDPR, Gratofy has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR by (i) using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/ or (ii) writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom.

Updates to this policy

This Privacy Policy is subject to changes from time to time, in our sole discretion. The most current version will always be posted on our Services (as reflected in the “Last Revised” heading). You are advised to check for updates regularly. All changes to this Privacy Policy are effective as of the stated “Last Revised” date, and your continued use of the Service after the Last Revised date will constitute acceptance of, and agreement to be bound by, those changes.

OUR NEWSLETTER

Sign up for our gift-guides, trends and additions to our gift collections

QUICK LINKS
FOLLOW US
Linkedin Youtube

2024 © Gratofy
Made with care by MMR

Contact Us

‘In the spirit of reconciliation Gratofy acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their Elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.’

Terms & Conditions | Privacy Policy | Cookie Policy