Privacy Policy

This Privacy Policy describes how GiftCardMall("we," "us") handles information when you use our gift card balance lookup service. It applies to the website at mygift-giftcardmallai.com and any subdomains we operate.

It does not cover websites or services we link out to — including the issuer pages your balance is fetched from. Each of those has its own policy.

We collect only what is needed to run the service and keep it stable. That breaks down into three buckets:

• Card details you submit. The 16-digit card number, expiration date, and security code you enter into the form. These are sent to the card issuer for the lookup and are not retained after the request finishes.
• Technical request data. Your IP address, browser user agent, and the timestamp of each request — kept in rolling access logs for up to 14 days for abuse prevention and uptime diagnostics.
• Information you send us. If you email support or use the contact form, we keep that correspondence and the email address you used to send it.

We don't run advertising trackers, fingerprinting scripts, or third-party session recorders. We don't ask for your name, phone number, postal address, or government ID to use the balance checker. We don't scrape your social profiles to enrich an internal record about you, because we don't maintain that internal record in the first place.

When you submit the balance form, your card details travel from your browser to our servers over a TLS-encrypted connection, are forwarded to the card issuer's API in the same encrypted fashion, and the response is rendered in your browser. Once the response is returned, the card details are dropped from in-memory process state and are not written to disk, logs, analytics, or any long-term store.

We do not aggregate balance data across users. We do not sell card numbers, balances, or any derived statistic to third parties.

We use a small number of strictly necessary cookies to keep the site working — for example, a CSRF token cookie that protects the form from cross-site abuse. We do not set advertising cookies, social plug-in cookies, or analytics cookies that follow you across sites.

If we ever introduce non-essential cookies (for example, anonymous-aggregate analytics), we will request your consent first via an in-page banner that defaults to opt-out.

To operate the service, we rely on a handful of vendors. Each processes data only as instructed by us, under written contracts that prohibit independent use:

• Hosting and content delivery — to serve the site and reach you with low latency.
• Card issuers — to actually fetch the balance for the card you submitted.
• Email infrastructure — to deliver replies if you contact support.

We do not share your data with marketers, data brokers, or ad-network operators.

Depending on where you live, you may have a right to access, correct, delete, or limit the processing of your personal information. That includes residents of California (under the CCPA/CPRA), the European Economic Area and the United Kingdom (under the GDPR), and a growing list of US states with comparable statutes.

To exercise any of those rights, email support@mygift-giftcardmallai.com. We'll verify your request and respond within the timeframe required by the law that applies to you (usually 30 to 45 days).

• Card details: Not retained beyond the request that uses them.
• Access logs: Up to 14 days, then automatically purged.
• Support correspondence: 24 months, after which we archive or delete based on the topic. Security disclosures are kept indefinitely for audit reasons.

We use HTTPS with TLS 1.3 across the site, encrypt data in transit to our backend services, and follow standard industry practice for access controls — least-privilege accounts, mandatory two-factor authentication for engineers, and audit logging on production resources.

No system on the public internet can be made absolutely secure. If a breach affects your data, we will notify you in line with applicable law and post a public incident summary.

GiftCardMall is not intended for use by children under 13, and we do not knowingly collect personal information from anyone under that age. If you believe a child has submitted information to us, contact support@mygift-giftcardmallai.com and we will delete it.

Our servers are operated from the United States. If you are using GiftCardMall from outside the US, you understand that your information is processed in the US, where data protection rules may differ from those in your country.

We may update this policy as the service evolves. When we do, we revise the "Last updated" date at the top, and for material changes we post a notice on the homepage for at least 30 days.

Questions, concerns, or rights requests can go to support@mygift-giftcardmallai.com or via the form at our contact page.