Back to GigComs

Privacybeleid

Last updated: 2026-03-31

1.Inleiding

Gigcoms ("wij", "ons", "onze") beheert gigcoms.com. Dit Privacybeleid legt uit hoe wij uw persoonsgegevens verzamelen, gebruiken en beschermen wanneer u ons platform gebruikt voor het beheren van live muziekboekingen en communicatie.

Data Controller: GigComs ApS, Copenhagen, Denmark. Registered under Danish law. Contact: privacy@gigcoms.com

2.Informatie die we verzamelen

  • Account data: Accountinformatie: e-mailadres, naam en authenticatiegegevens bij registratie
  • Profile data: Profielgegevens: artiest/booker-profiel, gebruikersnaam, bio, avatar, tijdzone en taalvoorkeuren
  • Booking data: Boekingsgegevens: evenementdetails, data, gages, contracten, facturen en gerelateerde documenten
  • Messages: Berichten: gesprekken via ons platform, inclusief berichten via verbonden kanalen (WhatsApp, e-mail)
  • Usage data: Gebruiksgegevens: bezochte pagina's, gebruikte functies en verwerkte AI-opdrachten
  • Payment data: When you process payments through Stripe, we store transaction references and amounts. We never store card numbers — Stripe handles all sensitive payment data.
  • Device data: IP address, browser type, operating system, and device identifiers for security and analytics.

3.Hoe we uw informatie gebruiken

PurposeLegal Basis (GDPR Art. 6)
Het leveren en onderhouden van onze boekingsbeheerdienstContract performance (Art. 6(1)(b))
Communicatie faciliteren tussen artiesten, bookers en klanten via verbonden kanalenContract performance (Art. 6(1)(b))
Uw verzoeken verwerken via onze AI-assistent om boekingen, contracten te maken en uw agenda te beherenContract performance (Art. 6(1)(b))
Send transactional emails (booking confirmations, contract notifications, invoice reminders)Contract performance (Art. 6(1)(b))
Analytics & product improvementConsent (Art. 6(1)(a))
Marketing emails & newslettersConsent (Art. 6(1)(a))
Prevent fraud, abuse, and unauthorized accessLegitimate interest (Art. 6(1)(f))
Tax record retention (7 years)Legal obligation (Art. 6(1)(c))

4.Informatie delen

Wij verkopen uw persoonsgegevens niet. Wij delen informatie alleen in deze gevallen:

  • Met dienstverleners die ons helpen opereren (hosting, e-mailbezorging, AI-verwerking)
  • Wanneer wettelijk vereist of ter bescherming van onze rechten
  • Met uw uitdrukkelijke toestemming (bijv. bij het verbinden van WhatsApp of e-mail)
  • With the other party in a booking (artist ↔ booker) to facilitate the booking process

5.Diensten van derden

Wij gebruiken de volgende diensten om Gigcoms te bedienen:

ServicePurposeDataRegion
SupabaseDatabase, authenticatie en bestandsopslag (EU-regio)All account & booking dataEU (Frankfurt)
Anthropic (Claude)AI-verwerking voor chatassistent en automatische antwoordenChat messages, booking contextUS (with EU DPA)
VercelHosting en content deliveryRequest logs, analyticsGlobal CDN (EU primary)
StripePayment processing for deposits and invoicesTransaction amounts, customer emailEU / US
ResendTransactionele e-mailbezorgingEmail addresses, notification contentUS (with EU DPA)
WhatsApp / MetaBerichtenintegratie bij het verbinden van uw WhatsApp Business-accountMessages via connected accountsEU / US

6.Cookies & Analytics

GigComs uses minimal cookies and analytics:

  • Essential cookies: Authentication session cookies (Supabase Auth). Required for the service to function.
  • Analytics: Vercel Analytics and Google Analytics (anonymized) to understand usage patterns and improve the product.
  • No advertising cookies: We do not use tracking cookies for advertising or retargeting.

You can disable non-essential cookies in your browser settings. Disabling essential cookies will prevent you from using the service.

7.Gegevensretentie

Wij bewaren uw gegevens zolang uw account actief is. U kunt op elk moment verzoeken om verwijdering van uw account en bijbehorende gegevens. Boekingsgegevens kunnen worden bewaard voor juridische en fiscale doeleinden.

  • Active accounts: Data retained for the lifetime of your account.
  • Deleted accounts: Personal data removed within 30 days. Booking records retained for 7 years for tax/legal compliance.
  • Chat history: AI conversation logs retained for 90 days, then anonymized.

8.Uw rechten

Under GDPR, you have the right to access, correct, delete, and export your data at any time. Email privacy@gigcoms.com or use the settings page to manage your data.
  • Access: Toegang tot uw persoonsgegevens
  • Rectification: Onjuiste gegevens corrigeren
  • Erasure: Verwijdering van uw gegevens verzoeken
  • Portability: Uw gegevens exporteren in een draagbaar formaat
  • Withdraw consent: Toestemming voor gegevensverwerking op elk moment intrekken
  • Object: You may object to processing based on legitimate interests.
  • Restriction: You may request we restrict processing while a dispute is resolved.

9.International Data Transfers

Some of our processors are located outside the EU/EEA. We ensure appropriate safeguards are in place:

  • EU Standard Contractual Clauses (SCCs) with US-based processors
  • EU-US Data Privacy Framework certification where applicable
  • Data Processing Agreements (DPAs) with all sub-processors

10.Children's Privacy

GigComs is not intended for users under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11.AI & Automated Decision-Making

GigComs uses AI (powered by Anthropic Claude) to assist with booking management:

  • AI chat assistant: Processes your natural language requests to create bookings, contracts, and manage your calendar.
  • Auto-negotiation: If enabled, AI may respond to booking inquiries based on your configured rules. You can review and approve all AI responses before they are sent.
  • No profiling: We do not use AI to make automated decisions that produce legal effects or significantly affect you.

You can disable AI auto-responses in your agent settings at any time.

12.Beveiliging

Wij gebruiken industriestandaard beveiligingsmaatregelen, waaronder versleuteling tijdens transport (TLS), versleutelde databaseverbindingen, row-level security-beleid en gehashte API-sleutels om uw gegevens te beschermen.

  • TLS encryption for all data in transit
  • Encrypted database connections with row-level security
  • Hashed API keys and secure session management
  • Regular security reviews and dependency updates

13.Data Breach Notification

In the event of a data breach that poses a risk to your rights, we will:

  • Notify the Danish Data Protection Agency (Datatilsynet) within 72 hours
  • Notify affected users without undue delay via email
  • Document the breach, its effects, and remedial actions taken

14.Complaints

If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with:

Datatilsynet (Danish Data Protection Agency)
Carl Jacobsens Vej 35, 2500 Valby, Denmark
dt@datatilsynet.dk · +45 33 19 32 00

Questions? Contact us at privacy@gigcoms.com

Privacy Policy — GigComs | GigComs