Fast Delivery Lead Times
Create Your Own Unique Products
Proven Compliance
400+ New Products Per Year
Unbeatable Stock Levels
Gifts GulfInternational Gifting

Privacy Policy

Last updated: 19 April 2026

This policy explains what data we collect, why, and how we safeguard it. It applies to all visitors, customers, and business partners of Gifts Gulf.

1. Who we are

Gifts Gulf ("we", "us", "Gifts Gulf") is a corporate gifting and promotional products company headquartered in Doha, Qatar, serving customers across the GCC and internationally. This policy applies to giftsgulf.com and any service we operate under the Gifts Gulf brand.

2. Information we collect

We collect the following categories of information:

  • Account information β€” name, email address, phone number, company name, and business registration / tax ID when you create an account or place an order.
  • Order & billing information β€” shipping and billing address, items ordered, customization details, payment method, and transaction reference numbers (we never store full card numbers; card processing is handled by Razorpay).
  • Uploaded files β€” artwork, logos, and brand guidelines you share with us for customization. Stored securely on Cloudinary CDN.
  • Communications β€” inquiries, quote requests, customer-service messages, and email correspondence.
  • Automatically collected data β€” IP address, browser type, pages viewed, referring URL, and device identifiers. Captured via Google Analytics (G-VQTE15YTP9) and server logs.
  • Cookies β€” essential cookies (cart state, session), analytics cookies (Google Analytics), and authentication cookies (Clerk).

3. How we use your information

  • To process orders and deliver products, including sharing shipping information with third-party couriers.
  • To issue invoices, calculate and remit applicable taxes (including GCC VAT, India GST, EU VAT), and comply with e-invoicing regulations (ZATCA in Saudi Arabia, FTA in UAE).
  • To communicate about orders, quotes, shipping, returns, and account matters.
  • To send marketing emails β€” only when you've subscribed β€” which you can opt out of at any time via the unsubscribe link in every email.
  • To detect and prevent fraud, abuse, and unauthorized access.
  • To improve our products, pricing, and user experience (via aggregated analytics).

4. Legal basis

Where you are located in a jurisdiction that requires it (such as EU/UK under GDPR), we process your personal data under the following legal bases:

  • Contract performance β€” processing necessary to fulfil orders you place with us.
  • Legal obligation β€” tax, accounting, and e-invoicing laws in the jurisdictions where we sell.
  • Legitimate interest β€” preventing fraud, improving our service, and maintaining operational security.
  • Consent β€” newsletter subscription, non-essential cookies, and any other opt-in feature.

5. Sharing with third parties

We do not sell personal data. We share it only with:

  • Payment processors β€” Razorpay (card/UPI/netbanking) for payment capture and refunds.
  • Shipping partners β€” names and addresses passed to the carrier fulfilling your order.
  • Tax authorities β€” invoices submitted to ZATCA (Saudi Arabia) and UAE FTA via accredited providers, as required by law.
  • Infrastructure providers β€” Vercel (hosting), Neon (database), Clerk (authentication), Cloudinary (file storage), Resend (transactional email), Google Analytics. All bound by their respective data processing agreements.
  • VIES (EU VAT validation) β€” VAT numbers you provide at checkout are validated against the European Commission's VIES service for cross-border B2B compliance.
  • Legal authorities β€” when required by a valid court order or regulatory request.

6. International transfers

Your data may be transferred to and processed in countries outside your own (typically the United States for hosting, India and the EU for certain operational functions). Where required, we rely on Standard Contractual Clauses or equivalent safeguards recognised by your local data-protection authority.

7. Retention

  • Account records: retained while your account is active, plus 7 years after closure for tax and accounting compliance.
  • Invoices and order records: 10 years (Saudi ZATCA), 7 years (Qatar, UAE), 8 years (India GST), or the maximum required by your jurisdiction.
  • Newsletter subscriptions: until you unsubscribe.
  • VIES validation cache: 90 days, per EU Commission guidance.
  • Analytics data: as configured in Google Analytics (default 14 months).

8. Your rights

Subject to your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate information.
  • Request deletion (subject to our legal retention obligations for tax records).
  • Object to or restrict certain processing.
  • Data portability β€” receive your data in a machine-readable format.
  • Withdraw consent (e.g. unsubscribe from marketing).
  • Lodge a complaint with your local data-protection authority.

To exercise any of these rights, email privacy@giftsgulf.com. We respond within 30 days.

9. Security

We use industry-standard safeguards: TLS/HTTPS for all traffic, encryption at rest for the database, signed direct-to-cloud uploads (no file passes through our servers unencrypted), HMAC-signed payment verification, and strict least-privilege access controls for staff. Despite these measures, no system is perfectly secure; we encourage strong unique passwords and will notify you promptly of any breach affecting your data.

10. Children

Gifts Gulf is a B2B/corporate gifting service. We do not knowingly collect personal data from anyone under 18. If you believe we have received data from a minor, contact us and we will delete it.

11. Changes to this policy

We'll update this page whenever our practices change. The "last updated" date at the top shows when. Material changes will be announced via email or an account notice before taking effect.

Questions about this policy? Contact us at info@giftsgulf.com