Privacy Policy

Last updated: April 23, 2026

Table of Contents

Introduction

ThankYou ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal data.

This Privacy Policy applies to our website, mobile application, and all services provided through ThankYou. By accessing or using our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our privacy practices, please do not use our Service.

Data We Collect

We collect information in various ways to provide and improve our Service. The types of information we collect include:

Information You Provide Directly

When you create an account, send a gift, or interact with our Service, we collect information such as:

  • Full name and email address
  • Phone number (optional)
  • Profile information and photographs
  • Messages and content in thank-you cards
  • Recipient information (name, email, phone)
  • Payment information (processed securely through Stripe)

Payment Information

When you send a monetary gift, we collect payment information to process your transaction. However, we do not directly store your complete payment card details. Instead, payment information is encrypted and processed by Stripe Connect, our payment processor. We only store a reference token that allows us to identify your payment method for future transactions and billing purposes.

Automatically Collected Information

We automatically collect certain information when you use our Service:

  • IP addresses and device identifiers
  • Browser type and operating system
  • Pages visited and actions taken on our Service
  • Referral sources and date/time of access
  • Device type and mobile operating system information
  • Location data (general, not precise GPS location)

Usage Data

We collect analytics data about how you interact with our Service, including features you use, gifts sent, cards created, and engagement metrics. This helps us understand user behavior and improve the platform.

Information from Third Parties

We may receive information about you from third-party services, including Stripe (for payment verification) and analytics providers. We only share data with third parties as described in this Privacy Policy.

How We Use Your Data

We use the information we collect for various purposes:

  • To create and maintain your account
  • To process payments and send monetary gifts
  • To deliver thank-you cards and notifications to recipients
  • To communicate with you about your account and transactions
  • To provide customer support and respond to inquiries
  • To improve and optimize our Service
  • To conduct analytics and understand user behavior
  • To detect and prevent fraud, abuse, and illegal activity
  • To comply with legal obligations and law enforcement requests
  • To send promotional emails and marketing communications (with your consent)
  • To personalize your experience on our platform

Data Sharing

We are committed to protecting your privacy and do not sell your personal data to third parties. However, we do share information in limited circumstances:

Stripe Connect

We share payment information with Stripe Connect to process monetary gifts. This includes the transaction amount, recipient information, and payment method details. Stripe is PCI DSS compliant and handles payment data according to their own privacy policy.

Service Providers

We may share information with third-party service providers who help us operate our Service, such as cloud hosting providers, analytics services, and customer support tools. These providers are contractually obligated to protect your information and use it only for the purposes we specify.

Legal Requirements

We may disclose your information if required by law, such as in response to a subpoena, court order, or government request. We will provide notice of legal requests whenever legally permitted to do so.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and provide you with choices regarding your personal data.

No Sale of Data

We do not sell, rent, or lease your personal data to advertisers or third-party marketers. We will never share your information for commercial purposes without your explicit consent.

Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience and analyze how you use our Service. Cookies are small files stored on your device that help us recognize you and remember your preferences.

Types of Cookies

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Preference Cookies: Remember your choices and settings
  • Analytics Cookies: Help us understand how users interact with our platform
  • Marketing Cookies: Used to display relevant advertisements and measure campaign effectiveness

Cookie Control

You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling certain cookies may affect the functionality of our Service.

Data Retention

We retain your personal data for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy. Retention periods vary based on the type of data and the context:

  • Account Information: Retained while your account is active and for a reasonable period afterward for record-keeping and legal compliance
  • Transaction Data: Retained for at least 7 years for tax and financial reporting purposes
  • Analytics Data: Retained for up to 2 years
  • Marketing Communications: Retained until you unsubscribe

When data is no longer needed, we securely delete or anonymize it. You may request deletion of your personal data at any time, subject to legal and contractual retention obligations.

Your Rights

Depending on your location, you have certain rights regarding your personal data under applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA):

Right to Access

You have the right to request a copy of the personal data we hold about you.

Right to Correction

You can request that we correct inaccurate or incomplete information.

Right to Deletion

You may request deletion of your personal data, subject to certain legal and business exceptions.

Right to Data Portability

You have the right to receive your data in a portable format and transmit it to another service provider.

Right to Object

You can object to processing of your personal data for marketing and analytics purposes.

Right to Withdraw Consent

If we process your data based on consent, you can withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided in the Contact Us section below.

Children's Privacy

ThankYou is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that we have collected personal data from a child under 13, we will delete such information and terminate the child's account immediately.

Parents or guardians who believe their child has provided personal data to ThankYou should contact us immediately. For users between 13 and 18, additional parental consent or notification may be required in some jurisdictions.

Data Security

We implement industry-standard security measures to protect your personal data from unauthorized access, disclosure, and alteration. These measures include:

  • Encryption of data in transit using SSL/TLS protocols
  • Secure storage of sensitive information
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Compliance with payment card industry standards

While we employ comprehensive security measures, no system is completely secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your data, please contact us:

Email: privacy@thankyou.app
Support Email: support@thankyou.app
Contact Form: Available on our contact page

We will respond to your request within 30 days or as required by applicable law.

Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes by updating the "Last updated" date at the top of this page and, if required, by providing additional notice.

Your continued use of ThankYou after any modifications constitutes your acceptance of the updated Privacy Policy.

← Back to HomeRead our Terms of Service →