Privacy Notice
Last updated: July 3, 2026
1. Who we are
Purrfect Wishes ("we", "us") operates PostCat. We are the data controller responsible for the personal data described in this notice. Contact us any time at support@catgifgrams.com.
2. Personal data we collect
- Account data — email address, password hash, sign-in provider (e.g. Google).
- Send data — recipient name and email, sender name, greeting message, chosen cat.
- Order data — the products/credits you purchased, order IDs, purchase amount. Payment card details are collected directly by Stripe, our payment processor — we never see or store them.
- Support messages — anything you send us at our support address.
- Technical data — IP address, device and browser information, and usage logs used to keep the Service secure and reliable.
3. How and why we use it
- Create and secure your account, and let you sign in — performance of contract.
- Deliver the greeting you paid for to the recipient you specified — performance of contract.
- Process purchases and grant credits — performance of contract.
- Prevent fraud and abuse, and keep the Service secure — legitimate interests.
- Improve the Service and fix bugs — legitimate interests.
- Reply to your support requests — legitimate interests / performance of contract.
- Comply with legal, tax, and accounting obligations — legal obligation.
4. Who we share it with
- Stripe — our payment processor. Stripe handles card processing, fraud prevention, and (where enabled) tax calculation on our behalf.
- Hosting and infrastructure providers — used to run the Service and store data (application hosting, database, authentication, email delivery).
- Professional advisers — accountants and legal advisers where necessary.
- Authorities — when required by law or to protect our rights.
We do not sell your personal data.
5. Retention
We keep account and send data for as long as your account is active. Order records are retained for as long as needed to comply with tax and accounting obligations (typically up to 7 years). Technical logs are kept for a shorter period, then deleted or anonymised.
6. International transfers
Some of our providers (including Stripe and our hosting provider) may process data outside your country of residence. Where transfers leave the UK/EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or adequacy decisions.
7. Your rights
Depending on where you live, you may have the right to:
- access the personal data we hold about you;
- correct inaccurate data;
- ask us to delete your data;
- restrict or object to certain processing;
- receive your data in a portable format;
- withdraw consent (where processing is based on consent);
- lodge a complaint with your local data protection authority.
To exercise any right, email support@catgifgrams.com. We aim to respond within one month.
8. Security
We apply appropriate technical and organisational measures — including encryption in transit, access controls, and least-privilege database policies — to protect personal data. No system is perfectly secure; if you suspect an issue, please tell us immediately.
9. Cookies
PostCat uses only essential cookies and similar storage needed to keep you signed in and secure the checkout. We do not use advertising or cross-site tracking cookies. You can control cookies through your browser settings, though disabling essential cookies will break sign-in.
10. Changes
We'll update this notice as our practices evolve. Material changes will be reflected by updating the "Last updated" date above.
See also our Terms & Conditions and Refund Policy.