Personal data means any information relating to an identified or identifiable natural person (also referred to as Data Subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This includes here in particular also date of birth or place of birth, e-mail address, telephone number, place of residence, network identifier (cookies), identity card number and driver's license number, copy of these IDs, data about accounts on social networks, chat content, Google ID, online and offline data and their combination, data about activities on Website including cluster analysis, data about goods purchased to date and services provided by the responsible person to date, etc. In summary, this is any information that, in itself or in combination with other data, could identify a specific natural person.

Data processing means any operation or set of operations on personal data or on sets of personal data performed with the aid of automatic procedures or without such procedures on personal data; e.g. collection, gathering, use, classification, combination, arrangement, structuring, regrouping or linking, storage, adaptation or modification, search, consultation, annotation, exploitation, dissemination, making available by transmission or any other making available, restriction, erasure or destruction of personal data.

In accordance with the Law No. 06/L-082 on Personal Data Protection, the controller (Gjirafa) may process personal data only for specific legal reasons, namely on a contractual basis and on a legal basis (including on the basis of a legal obligation). In this regard, the data processing in the particular case must be in the public interest, serve to protect the interests of the Data Subject or another natural person, be necessary due to legitimate interests of the controller or a third party, or be carried out with the express consent of the Data Subject. The scope of the data to be processed depends on the purpose or the legal ground of the respective processing.

In some cases, the data controller uses the services of third parties in connection with its business activities. Among other things, these also process the personal data collected by the controller. These third parties are then to be regarded as commissioned data processors. These are, for example, IT systems and website administrators, accountants, tax advisors, lawyers, auditors, marketing agencies, etc. Within the framework of the fulfillment of its legal obligations, the data controller shall also transmit personal data to public authorities (e.g. courts, law enforcement agencies, administrative authorities, etc.) to an indispensable extent.

When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. Learn more about personal information you disclose to us, below.

We do not process sensitive personal information, unless it is deemed necessary and we have your written consent in advance.

We may collect information from public databases, marketing partners, social media platforms, and other outside sources. Learn more about information collected from other sources, below.

We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information, below.

We may share information in specific situations and with specific third parties. Learn more about when and with whom we share your personal information, below.

The applicable law on privacy in Kosovo, namely the Law No. 06/L-082 on Protection of Personal Data, ascertains you have certain rights regarding your personal information. Gjirafa has updated this Privacy Policy to ensure that its policies for regulating processes and security measures for the collection and processing of personal data are in accordance with the law. Furthermore, Gjirafa will make every effort to ensure that personal data collected from users will be treated in accordance with the applicable laws in the Republic of Kosovo.

Gjirafa also voluntarily and constantly aims to comply with and harmonize its practices with the highest international standards regarding the protection of privacy and personal data, such as the General Data Protection Regulation, (GDPR) of the European Union, which entered into force on May 25, 2018. This Privacy Policy applies to and is applicable to any user of any of the websites, products and/or Services offered by and/or through Gjirafa. Learn more about your privacy rights, below.

The easiest way to exercise your rights is by visiting www.travel.gjirafa.com or by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.

Want to learn more about what we do with any information we collect?

Review the Privacy Privacy in full.

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Platform and/or Services, or, in certain cases, data provided by a parent and/or legal guardian, in relation to Gjirafa’s Services. We collect the information when you update or complete personal data in your account, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, when you order, and/or purchase, from, and/or through our Services, when you encounter other circumstances, as may be specified within this Privacy Policy or otherwise when you contact us.

Personal Information Provided by YouThe personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following, but are not limited to:

• Name and surname
• Phone numbers
• Email addresses
• Residential addresses
• Contact or authentication data
• Billing addresses
• Identification card (ID)
• Date of birth
• Password
• Other relevant information in accordance with the purpose and/or legal basis.

Other types of personal information we may collect, include but are not limited to:

• When you purchase different products and/or Services from us, then you may be asked for information such as the delivery address for the purchased product, billing address, card and/or bank account data, data related to the various means of payment, and other information provided by you for the purchase of any product and/or Service, and for the purpose of providing the ordered product and successfully completing the payment.
• When you use our Services, including when you visit any of our websites, you may provide personal information such as age, gender, interests, education, professional experience, preferences, etc.
• We can also collect and process other additional information that is required or authorized by the applicable laws for the collection and processing of data, in order to identify and verify the information provided to you, especially when such actions are required and/or ordered by any competent public authority.

In no case, and under no circumstances, we will ask you to disclose and/or provide children's personal data. You may enter the name of a minor under your care in the account registered with Gjirafa only for the purpose of identifying the user, and for the purpose of selecting content that is appropriate for their age.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Sensitive InformationWe do not process sensitive information, unless it is deemed necessary and we have your written consent in advance.

Payment DataWe do not collect, store, or process bank card if you make purchases. In cases where payment processing is performed by third parties, we may share the payment data provided by You with third parties that provide the relevant payment processing services. All payment data is stored by the relevant third party. In such cases, the terms and policies for the processing of personal data of the relevant third parties are applicable. Please be advised to read their privacy policy.

Information automatically collectedIn Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information may reveal your specific identity (like your name, contact information, or ID number) and may also include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, data on your marketing, advertising and communication preferences with us, which data we receive from the devices you use when you use our Services, register an account with us, update or add information to your account, participate in discussions or online chats, and/or when you communicate with us regarding our Services, data from your devices such as page view statistics, traffic to and/or from certain websites, widgets, URL referrals, browsing history, or your login data on our websites or those of our partners, data on search terms and/or filters used and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

The information we collect includes:

• Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called "crash dumps"), and hardware settings).
• Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
• Location Data. We collect location data such as information about your device's location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. However, if you choose to opt out, you may not be able to use certain aspects of the Services.

Like many businesses, we also collect information through cookies and similar technologies. When navigating on our website www.travel.gjirafa.com small text files are stored in your browser, so-called cookies. The storage of cookies requires your consent in the so-called "opt-in" procedure.

Cookies are small text files containing a negligible amount of information (letters and numbers) that are stored on your computer when visiting the Website and navigating through the Platform and that enable the Website to recognize your browser or device.

In this Privacy Policy, we will refer to such files with the word "cookies" according to the original version written in the English language. In terms of our legitimate interest, such cookies are essential for the operation of the Website (the Platform) and for the internet services of GjirafaTravel.

We use cookies to provide you with features and Services, including:

• Recognizing you when you log in to use our services;
• Remembering your specified preferences;
• Conducting diagnostics on the performance of our Services in order to improve their functionality;
• Improving security and preventing fraudulent activities;
• Understanding your interactions with our Services in order to personalize the content provided to you, including advertising.

Types of cookies we use:

• Necessary cookies: These cookies are necessary for the operation of Gjirafa Services, and therefore, cannot be turned off. Such cookies do not store any personally identifiable data.
• Performance cookies: These cookies enable us to monitor visits and traffic to our websites and are used to measure and improve the performance of our Services. These cookies are also necessary for us to distinguish individual Data Subjects when viewing web pages and to display information relevant only to these Data Subjects according to their prior preferences;
• Marketing cookies: These cookies are used by advertising networks and social networks to configure the ads you see so that they present content that is relevant to you.

If you do not wish to save cookies files regularly and systematically in your browser or desire the removal of all saved cookies files from the browser, you may specify this in the settings of the browser. However, the rejection or blocking of cookies files may impact the usage of the website and you may not be able to take advantage of some essential features of our Services.

Google APIOur use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

In Short: We may collect limited data from public databases, marketing partners, social media platforms, and other outside sources.

In order to enhance our ability to provide relevant marketing, offers, and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and from other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for purposes of targeted advertising and event promotion.

We also use service providers to perform functions and provide services in the areas where we operate. For example, we use various third-party services, i.e., Google Analytics, Hotjar, etc., to help provide its Services, such as hosting our servers or applications, or to help us understand the use of our Services.

If you interact with us on a social media platform using your social media account (e.g., Facebook), we receive personal information about you from such platforms such as your name, email address, and gender. Any personal information that we collect from your social media account depends on your social media account's privacy settings. Please note that their own use of your information is not governed by this privacy policy.

Information collected from Third-Party WebsitesWe use the data referred to in this Privacy Policy to assist in the showcasing of advertisements that are more relevant to You, to assess their effectiveness, and to recognize your devices in order to provide you with such advertisements. When You visit third-party websites that are part of the Gjirafa AdNetwork platform, Gjirafa may receive usage data.

Personalization of Different DevicesWhen You access Gjirafa’s Services from your browser and/or device, Gjirafa associates that browser and/or device with your account for login, security, and personalization purposes. For example, if You visit a page that contains sports-related content on your laptop, Gjirafa can show You advertisements related to sports on your mobile device.

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

The Law No. 06/L –082 on Protection of Personal Data require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

• Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. Learn more about withdrawing your consent, below.
• Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
• Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
• Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to:- Send users information about special offers and discounts on our products and services- Develop and display personalized and relevant advertising content for our users- Analyze how our Services are used so we can improve them to engage and retain users- Support our marketing activities- Diagnose problems and/or prevent fraudulent activities- Understand how our users use our products and services so we can improve user experience- In order to create a safe and secure environment when using our website- In order to understand better our customers and their preferences, thus offering them customized services.- In order to provide better and up-to-date services to our customers
• Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
• Public Interest. We may process your information if the processing is necessary for the performance of a task of public interest or for the exercise of official authority given to us.

In Short: We may share information in specific situations described in this section and/or with the following third parties.

We may need to share your personal information in the following situations:

• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
• Business Partners. We may share your information with our business partners to offer you certain products, services, or promotions.
• Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services for us or on our behalf and require access to such information to do that work. The third parties we may share personal information are, but not limited to: (i) financial Service Providers/Banks, with whom we may share information in order to help our customers contact a reasonable financial institution, with regard to providing financial aid for purchased goods or additional services; (ii) use of services of a payment service provider, (i.e. payment gateway), in order to provide a service through which the purchase price can be paid.
• We may share payment information with service providers to process payments, prevent, detect, or investigate fraud or other prohibited activities, to help resolve disputes, such as refunds or subsequent collection, as well as other related issues with the acceptance of debit and/or credit cards.

In cases where you use services provided by third-party service providers, we make every effort to ensure that, when the third party has contact with personal data collected or stored by us, the third party agrees to handle the above-mentioned data in accordance with the terms of this Privacy Policy, and according to the applicable laws for the protection of privacy and personal data.

Gjirafa does not, under any circumstances, sell your data. Gjirafa uses the data submitted by You according to your consent to this Privacy Policy, only when a legal basis specified by the applicable law for the protection of personal data exists, in order to provide better Services and display more relevant direct advertisements to You.

Gjirafa does not collect copies of personal identification documents or any other documents from potential clients. Gjirafa may ask the users for personal identification documents only in cases when Gjirafa provides paid services, and has reason to doubt the credibility of an order or the information provided by users. The aforementioned documents will be promptly deleted from Gjirafa's database as soon as the intended verification is completed.

In Short: We are not responsible for the safety of any information that you share with third parties that we may link to or who advertise on our Services, but are not affiliated with, our Services.

The Services may link to third-party websites, online services, or mobile applications and/or contain advertisements from third parties that are not affiliated with us and which may link to other websites, services, or applications. Accordingly, we do not make any guarantee regarding any such third parties, and we will not be liable for any loss or damage caused by the use of such third-party websites, services, or applications. The inclusion of a link towards a third-party website, service, or application does not imply an endorsement by us. We cannot guarantee the safety and privacy of data you provide to any third parties. Any data collected by third parties is not covered by this privacy policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services, or applications that may be linked to or from the Services. Gjirafa will not, under any circumstance, be responsible for the conditions that regulate the collection, processing, and protection of personal data which are applicable to such third-party websites. The aforementioned websites do not belong, are not owned, and/or operated by Gjirafa. Therefore, Gjirafa expressly rejects responsibility and cannot be held liable for the actions and/or damages that may be caused by thirdparty websites which users choose to visit. You should review the policies of such third parties and contact them directly to respond to your questions, before you enter into any transaction with them and/or disclose your personal data to them.

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders (depending on your communication preferences). The third parties and service providers use their technology to provide advertising about products and services tailored to your interests which may appear either on our Services or on other websites.

Specific information about how we use such technologies and how you can refuse certain cookies is specified above. Learn more about the Information collected from “Cookies”, above.

We may share your information with Google Analytics to track and analyze the use of the Services. To opt out of being tracked by Google Analytics across the Services, visit tools.google.com/dlpage/gaoptout. For more information on the privacy practices of Google, please visit the Google Privacy & Terms page.

In Short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you.

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook, Google or Apple). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, and profile picture, as well as other information you choose to make public on such a social media platform.

We will use the information we receive only for the purposes that are described in this Privacy Policy or that are otherwise made clear to you on the relevant Services. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy policy to understand how they collect, use, and share your personal information, and how you can set your privacy preferences on their sites and apps.

In Short: We may transfer, store, and process your information in countries other than your own.

Our servers are located in Kosovo. If you are accessing our Services from outside, please be aware that your information may be transferred to, stored by, and processed by us in our facilities and in the facilities of the third parties with whom we may share your personal information (see "WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?" above), in and other countries.

We will take all necessary measures to protect your personal information in accordance with this Privacy Privacy and applicable law.

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). We may keep your personal data after closing your account to prevent fraud, collect any outstanding debt, resolve disputes, enforce agreements and/or contracts, for purposes defined by tax legislation, to help any investigation, and to take other actions permitted and/or required by applicable laws. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. In cases where it is no longer necessary for us, or when the legal obligations to store your personal data end, or when the purpose for which your personal data was collected and/or stored ceases, we destroy the above-mentioned data in secure manner, as well as in accordance with the applicable law on privacy and protection of personal data, and in accordance with our internal policies.

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We protect your data using high technological, physical, and administrative security measures in order to minimize the risk of any loss, misuse, unauthorized access, disclosure, or alteration of data. Some of the protective measures that we use are "firewalls", data encryption, high levels of control and authorization criteria for access to your personal data. If you have reason to believe that your account has been compromised in any way, please contact us immediately at [email protected]. We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

In Short: We do not knowingly collect data from or market to children under 13 years of age.

We do not knowingly collect, solicit data from, or market to children under 13 years of age. Persons under the age of thirteen (13) are not allowed to register an account with us, or provide their personal information. Users who are at least thirteen (13) years old but under eighteen (18) years of age may register with us, but only if they have the consent of their parent and/or legal guardian, including consent to this Privacy Policy for, and on behalf of, minors between the ages of thirteen (13) and eighteen (18).

In cases where data processing is carried out in relation to persons under the age of eighteen (18), we make continuous efforts to verify that consent has been given and/or authorized by a parent and/or legal guardian of minors, taking into account available technical capacities.

According to this Privacy Policy, and according to our General Conditions of Use (check the General Conditions of Use), parents and/or legal guardians are responsible for providing the necessary consents for children who have not reached the age of majority. Gjirafa is under no circumstances responsible for the actions of a parent and/or legal guardian in relation to a minor in their care. We strongly advise you to carefully supervise and monitor children during the use of our Services. If we learn that personal information from users less than 13 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 13, please contact us at [email protected].

By using the Services, you represent that you are at least 18 years old or that you are the parent or guardian of a minor and consent to such minor dependent’s use of the Services.

In Short: In some regions in Europe but also in the Republic of Kosovo you have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your account at any time.

According to the Law No. 06/L –082 on Protection of Personal Data, you have certain rights. These may include:

• the right to request access and obtain a copy of your personal information,
• the right to request rectification or erasure (right to be forgotten);
• the right to restrict the processing of your personal information;
• if applicable, the right to data portability; and
• the right not to be subject to automated decision-making.

If you have any questions, complaints, or suggestions regarding this Privacy Policy, or your right to privacy and protection of your personal data, you can contact us directly at [email protected].

We will consider and act upon any request in accordance with applicable data protection laws.

If you are located in the Republic of Kosovo and you believe we are unlawfully processing your personal information, you also have the right to complain at the Information and Privacy Agency.

The right to be forgotten: You have the right to ask Gjirafa for the right “to be forgotten”, which involves the deletion of your personal data. In such cases, Gjirafa will take action to complete your request within optimal deadlines. However, keep in mind that such requests will be completed by Gjirafa in compliance with legal conditions, and only when Gjirafa is assured that it does not have any legal and/or contractual obligation to continue to store your data. Please keep in mind that your request to be forgotten is not always automatically granted, and that Gjirafa will act in accordance with your request to delete your personal data only when it does not have further obligations to store such data.

Withdrawing your consent: When You are logged into your account with Gjirafa, You can manage the privacy configurations and SSO functions of your account at any time. If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS POLICY?" below or updating your preferences.

However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent. In addition, please be aware that if You revoke your consent for the processing of your data, You may not have access to all of Gjirafa’s Services, and we may not be able to provide You with all the Services and support that are provided to other users.

Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS POLICY?" below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

Account Information

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

If You have registered an account with Gjirafa, we offer You the login option of SSO (Single Sign-On) to access, correct, delete, or modify the personal information that You have provided and that is related to your account. Gjirafa also undertakes the necessary steps to ensure and guarantee that the personal data collected from You by Gjiirafa is accurate and updated, and to ensure that You can access and correct such data. We ask You to update your personal information whenever any changes occur or if the information is inaccurate. Gjirafa expressly denies and does not assume responsibility for the compensation of any damages that may be caused to You as a result of incorrect or outdated information.

Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services.

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

In Short: Yes, we will update this Policy as necessary to stay compliant with relevant laws.

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Policy and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you through pop-up alerts, prominently posting a notice of such changes, by directly sending you a notification or email, social media posts, and/or any of the methods of communication set forth in this Privacy Policy or the General Conditions of Use (check the General Conditions of Use). All the aforementioned methods of notification are considered official. By continuing to access and/or use Gjirafa’s Services after any modifications and/or supplementations of the Privacy Policy enter into force, you agree with such updates. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.

Please note that if the modifications and/or additions to this Privacy Policy are of a substantial nature, your refusal to agree to such updates may lead to the termination of your relationship with us, i.e. the termination of the provision of our Services to you. Therefore, if you choose not to share with us certain data, you may not be able to use certain Services.

In the event that any part, paragraph and/or subheading of this Privacy Policy is deemed and/or found to be invalid by any competent authority for any reason, the other parts of this Privacy Policy remain in force and retain full legal effect, without being affected by the part considered invalid.

If you have questions, complaints or comments about this Policy, you may contact us by email at [email protected] or contact us by post at:Gjirafa Inc., - Kosovo Branch, Magjistralja Prishtinë – Ferizaj, Km 6,Graçanicë, 10500,Republic of KosovoTel: +383 38 61 61 61 Mobile: +383 49 939 015Email: [email protected]

If you do not wish to accept notifications from Gjirafa, You have the option of unsubscribing, when applicable, and/or making a direct request to Gjirafa for the deactivation of notifications, by using the contact information above.

Based on the Law No. 06/L –082 on Protection of Personal Data, you may have the right to request access to the personal information we collect from you, change that information, delete it, give your consent, withdraw prior consents, or request the deactivation of your account. You have also the option to the portability of your data by enabling you to download it. To request to review, update, or delete your personal information or any queries, please visit or contact us directly at [email protected].