Introduction #
Welcome to Gjirafa!
Thank you for choosing to use Gjirafa, Inc.’s websites, products, and services, to which we will be referring collectively as “Services”
When you use our Services, you may share some personal data with us. Your privacy is extraordinarily important to us. Therefore, Gjirafa is committed to respecting and protecting your privacy. This Privacy Notice describes how Gjirafa collects and processes your personal data through Services that reference this Privacy Notice.
Definition of Notions #
The notions used within this Privacy Notice have the following meanings:
“Gjirafa” - signifies Gjirafa, Inc., Kosovo Branch, which is a trading company of the United States of America (U.S.A.), which operates as a foreign branch registered in the Republic of Kosovo with the Unique ID, 810840307, with the registered address, Prishtina – Ferizaj Highway, 6th Km 10500 Graçanica, Republic of Kosovo.
“Services” - signifies all websites and/or products provided by and/or through Gjirafa (view a non-exhaustive list of Gjirafa’s websites).
“You”, or “user” - refers to the entity or individual that uses our Services
“We”, or “us”, or “our” - refers to Gjirafa.
“User” - signifies any visitor and/or user of Gjirafa’s Services, and, depending on the Services used, the term user can have different meanings. For the purposes of this Privacy Notice, the terms “user”, and “client” have the same meaning, except if otherwise presented by the context of use.
“Applicable legislation” - refers to legislation that is applicable in the Republic of Kosovo, according to the Constitution of the Republic of Kosovo, of the date April 9th, 2008, which entered into force on June 15th, 2008, together with all amendments and supplements.
“Third-Party” - signifies any physical or legal subject, other than You, and Gjirafa.
“Platform” - refers to and includes each of Gjirafa’s websites, through which Gjirafa’s Services and products are provided. The term platform is most closely defined as, and refers to, the website that You use at any given moment.
“Gjirafa AdNetwork” - refers to Gjirafa’s advanced digital advertising platform (www.gj.al/AdNetwork).
All the terms and notions defined above are general notions and, as such, are implemented throughout all of Gjirafa’s Services and websites.
All the words used in the singular shall have the same meaning in plural.
Scope and Objectives #
When You use Gjirafa’s Services and/or visit any of Gjirafa’s websites, You consent to the conditions described in this Privacy Notice. In doing so, You authorize Gjirafa to collect and process your data, according to the practices set forth in this Privacy Notice, as well as in compliance with applicable laws.
Gjirafa has updated this Privacy Notice to ensure that its policies for the regulation of the processes and security measures for the collection and processing of personal data are in compliance with the applicable law in the Republic of Kosovo, namely Law No. 06/L-082 on the Protection of Personal Data. Moreover, Gjirafa will make every effort to ensure that the personal data collected from users is treated in compliance with the applicable laws in the Republic of Kosovo.
Gjirafa also voluntarily and continuously endeavors to respect, and harmonize its practices with, the highest international standards in relation to the protection of privacy and personal data, such as the General Data Protection Regulation (GDPR) of the European Union, which entered into force on May 25th, 2018.
This Privacy Notice is implemented and applicable to any users of any websites, products, and/or Services provided by and/or through Gjirafa.
Children and Our Services #
Persons under the age of thirteen (13) years, are not permitted to create an account with Gjirafa, or provide their personal data. Users who are at least thirteen (13) years of age, but under eighteen (18) years of age, may register with Gjirafa, but only if they have the consent of their parent and/or guardian, including consent to this Privacy Notice for, and on behalf of, the minor between the age of thirteen (13) and eighteen (18) years.
In cases when the processing of data is conducted in relation to persons under the age of sixteen (16) years, Gjirafa makes continuous efforts to verify that the consent has been given, and/or authorized, by a parent, and/or legal guardian, of the minor, taking into account available technical capacities.
According to this Privacy Notice, and according to our General Conditions of Use (view the General Conditions of Use), parents and/or legal guardians hold responsibility for the provision of the necessary consent for children who have not reached adult age. Gjirafa is not, under any circumstances, responsible for the actions of a parent and/or legal guardian in relation to a minor that is under their care. We strongly advise You to carefully monitor children during the use of our Services.
Processing of Personal Data #
We can collect and process your personal data, including from different devices, when You:
- Use our Services
- Register an account with Gjirafa.
- Update or supplement the personal information on your account.
- Communicate with Gjirafa regarding its Services.
- Order, and/or purchase, from, and/or through, Gjirafa’s Services.
- Encounter other circumstances, as may be specified within this Privacy Notice.
Legality of the Processing of Personal Data #
In any case, as described above, and/or in other cases, the collection and processing of your personal data is conducted only when Gjirafa is certain of the legality of such processing, and when:
- You provide your consent for such processing.
- Processing is necessary for the fulfillment of a contract.
- Processing is necessary for compliance with a legal obligation.
- Processing is necessary for the protection of your vital interests.
- Processing is necessary for the completion of an obligation in the public interest, or exercise of official authority.
- Processing is necessary for purposes of the legitimate interests exercised by Gjirafa and/or by a third party, except when such interests are overridden by your interests or fundamental rights and freedoms, which require the protection of personal data, especially if a minor is concerned.
Please keep in mind that the processing of your data, as provided by You, is based on existing legal guidelines, and not always based on the consent provided by You. Your consent, and/or retraction of consent, does not constitute a sufficient reason to cease and/or limit the processing of your data, while other legal bases for the processing of such data exist.
Personal Data that Can be Processed by Gjirafa #
Gjirafa processes your personal data in order to improve and optimize the Services that it provides.
The types of personal data that can be processed by Gjirafa include:
- Data provided by You, or, in certain cases, a parent and/or legal guardian, in relation to Gjirafa’s Services.
- Identifying information such as your name and surname, address of residency and/or emplacement, phone number, password, email address, etc.
- In cases when You purchase different products and/or Services from Gjirafa, then You may be asked for information such as the delivery address for the purchased product, the billing address, card and/or bank account information, information relating to different methods of payment, and other data provided by You for the purchase of a product and/or Service, and with the purpose of providing the ordered product and the successful execution of the payment.
- In some other cases, when You use Gjirafa’s Services, including cases when You visit one of our websites, You may provide personal information such as age, gender, interest, education, professional experience, preferences, etc.
- In addition, Gjirafa may also collect and process additional data that is required or authorized by applicable laws for the collection and processing of data, with the purpose of proper identification and verification of the data provided by You, especially when such action is required and/or demanded by any competent public authority.
Gjirafa will not, in any case, and under any circumstance, ask that You disclose and/ or provide the personal information of children. You may use the name of a minor under your care on an account registered with Gjirafa only for the purpose of the identification of the user, and with the intent of selecting content that is suitable for their age.
Automatic Data #
Certain types of data related to your interaction with our Services are collected automatically using cookies and other technologies, when your browser or device accesses Gjirafa’s Services. When using Gjirafa’s Services, You will be presented with the option of providing your consent to this Privacy Notice, including the automatic collection of your data. Nevertheless, keep in mind that, if You choose not to consent to the conditions of this Privacy Notice, You may not be able to utilize essential features of our Services, and that the same applies to instances of the retraction of your consent.
Automatically collected data includes:
- Data on your preferences for marketing, advertising, and communication with Gjirafa, data that Gjirafa receives from devices that You utilize when You use our Services, register an account with Gjirafa, update or add information to your account, participate in online discussions or conversations, and/or when You communicate with Gjirafa regarding its Services.
Data on the ID or unique identification number of your device, the type of device, the type of operating system, or similar data.
Information of your geographic location from your IP address, or other data of your device.
Data from your devices such as website viewing statistics, circulation of and/ or from certain websites, links, URL references, IP addresses, browsing history, or your login information for our websites, or partner websites.
- Data on search terms and/or filters used.
Data from Cookies #
“Cookies” are standard files that are sent and saved on devices that You use to access Gjirafa’s Services. In this Privacy Notice, we will refer to such files with the word “cookies” according to the version written in the English language.
Gjirafa uses cookies to provide You with essential features and Services, including:
- To recognize You when You sign in to use Gjirafa’s Services
- To remember your specified preferences, which You can set by visiting https://une.gjirafa.com.
- To conduct diagnostics on the performance of our Services in order to improve their functionality.
- To improve security and prevent fraudulent activity.
- To understand your interactions with our Services in order to personalize the content that is delivered to You, including advertising.
The types of cookies that Gjirafa uses include:
- Necessary cookies: These cookies are necessary for the functioning of Gjirafa’s Services, and therefore, cannot be switched off. Such cookies do not store any personally identifiable information.
- Performance cookies: These cookies enable Gjirafa to monitor visits and traffic on its websites, and are used to measure and improve the performance of our Services.
- Marketing cookies: These cookies are used by marketing networks as well as social networks to configure the advertisements that You see, so that they present content that is relevant to You.
Most browsers allow You to customize notifications and consent for the use of cookies. You can manage the use of cookies through your internet browser settings and/or by visiting
https://une.gjirafa.com. However, if You choose to block or otherwise reject the use of cookies, You may not be able to take advantage of some essential features of our Services.
Data from Other Sources #
Gjirafa can supplement your personal data with data that is collected from thirdparties, by adding them to the existing data of your account. For example, Gjirafa may collect and use demographic data that is available in the public domain, as permitted by applicable laws.
Data from Third-Party Websites #
We use the data referred to in this Privacy Notice to assist in the showcasing of advertisements that are more relevant to You, to assess their effectiveness, and to recognize your devices in order to provide you with such advertisements. When You visit third-party websites that are part of the Gjirafa AdNetwork platform, Gjirafa may receive usage data.
Data for the Processing of Payments #
Gjirafa does not collect, save, or process banking card information that can be used to complete payments. In cases when the processing of payments is completed by third-parties, Gjirafa may share the payment information provided by You with the third-parties that provide the respective payment processing services. In such cases, the conditions and policies for the processing of personal data of those respective third-parties are applicable.
Personalization of Different Devices #
When You access Gjirafa’s Services from your browser and/or device, Gjirafa associates that browser and/or device with your account for login, security, and personalization purposes. For example, if You visit a page that contains sportsrelated content on your laptop, Gjirafa can show You advertisements related to sports on your mobile device.
Reason for the Processing of Personal Data #
Gjirafa collects and processes the data provided by You for the following purposes:
- Identification for secure access to our Services.
- Provision of personalized and relevant Services.
- Improvement of our Services to You.
- To contact You in relation to your account, e.g., to send You messages by email or SMS to verify your account.
- To respond to You, when You contact us.
- Personalization of advertisements and communications for marketing purposes.
- Prevention, detection, reduction, and investigation of fraudulent and/or illegal activities.
- To fulfill technical requirements for the provision of our Services, testing of algorithms, and improvement of your experience.
- Whenever Gjirafa is required to, by the legislation in force or directly by a competent public authority.
Storage of Personal Data #
Gjirafa stores your personal data for as long as it is necessary or important for the provision of our Services, in compliance with the relevant laws in force. In addition, Gjirafa may store your personal data even after the closing of your account to prevent fraud, collect any unpaid debt, resolve disputes, implement agreements and/or contracts, for purposes specified by tax legislation, to help any investigation, and to undertake other actions that are permitted and/or required by applicable laws.
In cases when it is no longer necessary for Gjirafa, when legal obligations for the retention of your personal data cease, or when the purpose for which your personal data has been collected and/or stored is extinguished, Gjirafa executes the destruction of the aforementioned data in a safe manner, as well as in compliance with applicable laws for privacy and the protection of personal data, and with Gjirafa’s internal policies.
Data that Gjirafa Shares and Displays #
Gjirafa does not, under any circumstances, sell your data. Gjirafa uses the data submitted by You according to your consent to this Privacy Notice, only when a legal basis specified by the applicable law for the protection of personal data exists, in order to provide better Services and display more relevant direct advertisements to You.
Gjirafa does not collect copies of personal identification documents or any other documents from potential clients. Gjirafa may ask the users for personal identification documents only in cases when Gjirafa provides paid services, and has reason to doubt the credibility of an order or the information provided by users. The aforementioned documents will be promptly deleted from Gjirafa's database as soon as the intended verification is completed.
Service Providers #
Gjirafa uses service providers to complete functions and offer services in our areas of operation. For example, Gjirafa uses different third-party services, such as Google Analytics or Hojtar, to assist in the provision of its Services, such as the hosting of Gjirafa’s servers or applications, or to help us understand the use of our Services.
Gjirafa shares payment information with service providers to process payments, stop, detect, or inspect fraud or other prohibited activities, to help with the resolution of disputes, such as the return of means or delayed collection, as well as other matters related to the acceptability of credit and/or debit cards.
In cases when You use services provided by service providers, which are thirdparties, Gjirafa makes every effort to ensure that, when the third-party makes contact with personal data that has been collected or stored by Gjirafa, the thirdparty agrees to treat the aforementioned data in compliance with the conditions of this Privacy Notice, and the applicable laws for the protection of privacy and personal data.
Third-Party Privacy Practices #
This Privacy Notice addresses and regulates only the processing, use, disclosure, and retention of personal data that Gjirafa collects from You. If You disclose your personal data to others, or if You are redirected to a third-party website, then keep in mind that the policies, practices, and privacy notices of the respective thirdparty will be applicable. Gjirafa expressly denies responsibility, and cannot be held liable for any misuse and/or damage that may be caused to You by third-parties, when You share your data with such parties.
Gjirafa encourages You to carefully evaluate the privacy and security policies of third-parties before You enter into any transaction with them and/or disclose your personal data to them.
Rejection of Responsibility for Third-Parties #
Gjirafa’s Services may contain various links that redirect users to other websites which are operated by third-parties. Direction to such websites occurs only after users click the respective links and choose to visit third-party websites.
Gjirafa will not, under any circumstance, be responsible for the conditions that regulate the collection, processing, and protection of personal data which are applicable to such third-party websites. The aforementioned websites do not belong, are not owned, and/or operated by Gjirafa. Therefore, Gjirafa expressly rejects responsibility for the actions and/or damages that may be caused by thirdparty websites which users choose to visit.
Access to and Update of Personal Data #
If You have registered an account with Gjirafa, we offer You the login option of SSO (Single Sign-On) to access, correct, delete, or modify the personal information that You have provided and that is related to your account.
Gjirafa also undertakes the necessary steps to ensure and guarantee that the personal data collected from You by Gjiirafa is accurate and updated, and to ensure that You can access and correct such data.
We ask You to update your personal information whenever any changes occur or if the information is inaccurate. Gjirafa expressly denies and does not assume responsibility for the compensation of any damages that may be caused to You as a result of incorrect or outdated information.
Checking the Data You Have Shared With Gjirafa #
You can check the data that You share with Gjirafa at any time by visiting
https://une.gjirafa.com., where all the personal data that You have shared with Gjirafa is available. You have the option to limit, delete, or correct this data, provide your consent, retract prior consents, or request the deactivation of your account. Gjirafa also facilitates the easy transfer of your data by enabling You to download it or contact us directly with any requests, by using the contact information published on our corporate website (view contact information).
Retraction of Consent #
When You are logged into your account with Gjirafa, You can manage the privacy configurations and SSO functions of your account at any time. In cases when your data is collected based on your consent, You have the right to retract your consent for the collection, use, processing, transfer, or disclosure of your personal data for the purposes specified in this Privacy Notice.
The retraction of your consent will result in the termination of the processing of your data only if the processing is based solely on your consent and has no other legal basis. In such cases, after confirming that the only legal basis for the processing of your personal data is your consent, Gjirafa will address the case and act in accordance with your request.
The retraction of your consent does not retroactively affect the legality of the processing of your personal data. In addition, keep in mind that if You revoke your consent for the processing of your data, You may not have access to all of Gjirafa’s Services, and we may not be able to provide You with all the Services and support that are provided to other users.
The Right to be Forgotten / The Right to Erasure #
In compliance with Law Nr.06/L-082 for the Protection of Personal Data of the Republic of Kosovo, and in harmony with the General Data Protection Regulation (GDPR) of the European Union, You have the right to ask Gjirafa for the right “to be forgotten”, which involves the deletion of your personal data.
In such cases, Gjirafa will take action to complete your request within optimal deadlines. However, keep in mind that such requests will be completed by Gjirafa in compliance with legal conditions, and only when Gjirafa is assured that it does not have any legal and/or contractual obligation to continue to store your data. Please keep in mind that your request to be forgotten is not always automatically granted, and that Gjirafa will act in accordance with your request to delete your personal data only when it does not have further obligations to store such data.
Preferences of Communication #
You have the option of choosing how Gjirafa can use your personal information to communicate with You, including the manner that notifications and personalized advertisements are sent to You.
You can control the preferred methods of communication through which Gjirafa may contact You regarding your account, your purchases, and/or your other activities in relation to its Services, by visiting
https://une.gjirafa.com.Notifications #
If You do not wish to accept notifications from Gjirafa, You have the option of unsubscribing, when applicable, and/or making a direct request to Gjirafa for the deactivation of notifications, by using the contact information published on our corporate website (view contact information).
Security #
Gjirafa protects your data by utilizing high-tech, physical, and administrative security measures for the purpose of reducing the risk of any loss, misuse, unauthorized access, discovery, or alteration of data. Some of the security measures that Gjirafa uses are firewalls, data encryption, high levels of control, and authorization criteria for access to your personal data. If You have reason to believe that your account has been compromised in any manner, please immediately contact us by using the contact information published on our corporate website (view contact information).
Change of Ownership #
In case of merger, acquisition, and/or sale by, and/or to another company, Gjirafa may share your personal data with the new combined subject, in compliance with the applicable law for the protection of personal data, and Gjirafa’s standards, as set forth in this Privacy Notice. If such an event occurs, Gjirafa will notify You in time, and will request that the new combined subject abides by the applicable law, and this Privacy Notice, in relation to the protection of your personal data.
Applicable Laws and Public Interest #
Without prejudice to the conditions and rights that are described in this Privacy Notice, or the control competencies that may have been provided to You, Gjirafa stores, uses, and/or displays your personal data, if it believes that such actions are reasonably necessary in order to:
- Comply with any applicable law, regulative process, or request of competent public authorities.
- Protect the safety of any person, and/or the security and integrity of its platforms, including assistance with the prevention of misuse, abuse, or other actions that are not allowed within its Services.
- Explain why it has removed account content from its Services.
- Address fraud, matters of security, and/or technical issues.
- Protect its assets and rights, or the property of those who use its Services.
However, no element of this Privacy Notice has the intention of limiting You with regard to legal protections or claims that You may have against third-parties, including requests from competent public authorities for the disclosure of personal data.
Suggestions and Complaints #
If You have any questions, complaints, or suggestions regarding this Privacy Notice, or your right to privacy and the protection of your personal data, You may contact us directly by using the contact information published on our corporate website (view contact information).
Supplements, Changes, and Severability of the Privacy Notice #
Gjirafa may modify and/or supplement this Privacy Notice at any time, by updating and publishing the modifications and/or supplementations on this website. The latest version of this Privacy Notice will be published on our corporate website, and will regulate the processing of your personal data.
Should we make any fundamental changes to this Privacy Notice, You will be promptly notified through pop-up alerts, email, social media posts, and/or any of the methods of communication set forth in this Privacy Notice or the General Conditions of Use (view the General Conditions of Use). All the aforementioned methods of notification are considered official. By continuing to access and/or use Gjirafa’s Services after any modifications and/or supplementations of the Privacy Notice enter into force, You agree with such updates.
Please keep in mind that, in case that the modifications and/or supplementations of this Privacy Notice are of a fundamental nature, your refusal to consent to such updates may lead to the severance of your relationship with Gjirafa, respectively the cessation of the provision of our Services to You. As such, should You chose not to share certain data with Gjirafa, You might not be able to utilize certain Services provided by Gjirafa.
In case any part, paragraph, and/or subsection of this Privacy Notice is considered and/or found invalid by any competent authority for any reason, then the other parts of this Privacy Notice remain in force, and retain full legal effect without being affected by the part that is considered invalid.