← GigStrip

Privacy Policy

Last updated: April 2026

GigStrip ("we," "us," or "our") operates the GigStrip platform, a gig economy service that connects workers and employers for short-term employment opportunities. This Privacy Policy describes how we collect, use, share, and protect your personal information when you use our website, mobile applications, and related services (collectively, the "Services").

By creating an account or using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Services.

1. Information We Collect

We collect the following categories of personal information:

Account and Identity Information

  • Name — your full name as provided during registration or profile setup.
  • Email address — used for account access, notifications, and communications.
  • Phone number — optional; used for account verification and direct contact.
  • Profile photo — an image you upload to represent yourself on the platform.
  • Bio / personal statement — a short description you provide about yourself or your business.

Professional Information

  • Location text — city, region, or area you specify for job matching purposes. We do not collect GPS or precise device location.
  • Availability — days and times you indicate you are available to work.
  • Certification documents — scanned or photographed copies of professional credentials you submit for verification, including but not limited to government-issued IDs, Guard Cards, Commercial Driver's Licenses (CDL), cannabis work permits, and other occupational licenses. See Section 6 (Sensitive Data) for important disclosures about how these documents are handled.
  • Portfolio photos — images you upload to showcase your work.
  • Social media links — optional links to professional profiles.

Job Activity

  • Job applications — records of positions you have applied to, including any cover messages.
  • Messages — communications sent through the GigStrip in-app messaging system.
  • Ratings and reviews — feedback submitted by workers and employers following completed shifts.

Payment Information

  • Stripe customer and subscription identifiers — we store the identifiers assigned to you by our payment processor, Stripe, so we can manage your subscription and billing. We do not store full payment card numbers, CVV codes, or bank account details on our servers. All payment card data is handled directly and securely by Stripe.

Technical and Usage Data

  • Error and crash reports collected via Sentry (our error-monitoring service).
  • Standard server logs (IP address, browser type, pages visited, timestamps).

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Account operation — creating and maintaining your account, authenticating your sessions, and providing access to the platform.
  • Worker-to-job matching — presenting relevant job listings to workers and surfacing qualified candidates to employers based on availability, location, certifications, and other profile attributes.
  • Certification verification — reviewing submitted credential documents to authenticate professional qualifications and display verified badges on worker profiles.
  • Messaging — facilitating direct communications between workers and employers through the platform's built-in messaging system.
  • Billing and subscription management — processing payments, managing subscriptions, and issuing invoices through Stripe.
  • Platform communications — sending you transactional emails (account alerts, application updates, verification status) and, where you have opted in, marketing emails and platform updates.
  • Safety and compliance — detecting and preventing fraud, abuse, and other violations of our Terms of Service.
  • Error monitoring — identifying and fixing technical issues to improve platform reliability.

3. Third-Party Service Providers

We share your information only with third-party service providers who assist us in operating the platform, under contracts that require them to protect your data and prohibit them from using it for their own purposes. These providers are:

  • Supabase — our database and file-storage infrastructure provider. All user data, profile information, messages, certifications, and uploaded files are stored on Supabase-managed servers. Supabase acts as a data processor on our behalf.
  • Stripe — our payment processing provider. When you subscribe to a plan or purchase credits, your payment information is transmitted directly to and stored by Stripe in accordance with their Privacy Policy and PCI-DSS compliance standards.
  • Resend — our transactional and marketing email delivery service. We transmit recipient email addresses and message content to Resend for the purpose of delivering emails on our behalf.
  • Sentry — our application error-monitoring service. Error reports may include technical context such as device type, browser version, and anonymized usage data. We configure Sentry to minimize the inclusion of personally identifiable information in error reports.

We do not sell your personal information to third parties. We do not share your data with advertisers or data brokers.

4. Sensitive Data — Certification Documents

Certification documents (including government-issued IDs, Guard Cards, CDLs, cannabis permits, and other occupational licenses) are treated with heightened protection:

  • Encryption at rest — documents are encrypted at rest within our storage infrastructure.
  • Restricted access — certification documents are accessible only to GigStrip's internal verification staff for the sole purpose of confirming your professional credentials.
  • Not shared with employers — employers and other platform users cannot access, view, or download your certification documents. Employers see only the verified badge on your profile.
  • Deletion on request — when you delete a certification from your profile, the associated document is permanently removed from our storage servers.

5. Data Retention

  • Active accounts — we retain your data for as long as your account remains active.
  • Account deletion — when you delete your account (via Account Settings or by contacting us), all associated profile data, application records, messages, and uploaded files are permanently deleted from our systems. Aggregate, anonymized analytics data may be retained.
  • Certification documents — deleted immediately when you remove a certification from your profile, independent of account deletion.
  • Payment records — we retain billing records for the period required by applicable tax and accounting regulations (typically seven years), even after account deletion.

6. Your Rights and Choices

Access and Correction

You may access and update most of your personal information directly within your account settings and profile pages.

Account Deletion (Self-Service)

You may permanently delete your account at any time from your Account Settings page. Deletion is immediate and irreversible — all associated data is purged from our servers as described in Section 5.

Data Portability

You may request a copy of your personal data by contacting us at privacy@gigstrip.com. We will provide your data in a machine-readable format within 30 days.

Marketing Email Opt-Out

You may opt out of marketing and promotional emails at any time by:

  • Unchecking "Receive marketing emails" in your Account Settings, or
  • Clicking the unsubscribe link in any marketing email we send you.

Transactional emails (such as application status updates and verification notices) are not affected by marketing email preferences and will continue to be sent as necessary for account operation.

7. California Residents (CCPA) and GDPR Rights

California Residents

Under the California Consumer Privacy Act (CCPA), California residents have the right to:

  • Know what personal information we have collected, used, disclosed, or sold about them.
  • Delete personal information we have collected (subject to certain exceptions).
  • Opt out of the sale of their personal information. GigStrip does not sell personal information.
  • Non-discrimination — we will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at privacy@gigstrip.com. We will respond to verifiable requests within 45 days.

European Economic Area (GDPR)

If you are located in the EEA or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right to access — request a copy of your personal data.
  • Right to rectification — request correction of inaccurate data.
  • Right to erasure ("right to be forgotten") — request deletion of your personal data.
  • Right to restriction — request that we limit how we process your data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to processing based on our legitimate interests.

Our lawful bases for processing include: performance of a contract (account operation), legitimate interests (platform safety and fraud prevention), consent (marketing emails), and legal obligation (billing records).

To exercise any GDPR right, contact privacy@gigstrip.com.

8. DMCA Takedown Procedure

GigStrip respects intellectual property rights and complies with the Digital Millennium Copyright Act (DMCA). If you believe that content available on the platform infringes your copyright, you may submit a written DMCA takedown notice to our designated agent containing the following information:

  1. A physical or electronic signature of the copyright owner or authorized agent.
  2. Identification of the copyrighted work you claim has been infringed.
  3. Identification of the material on the platform that you claim is infringing, with enough detail for us to locate it (e.g., URL or profile ID).
  4. Your contact information (name, address, phone number, and email address).
  5. A statement that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or applicable law.
  6. A statement, made under penalty of perjury, that the information in your notice is accurate and that you are the copyright owner or are authorized to act on the copyright owner's behalf.

Send DMCA notices to: privacy@gigstrip.com

Upon receipt of a valid DMCA notice, we will act expeditiously to remove or disable access to the allegedly infringing material. Counter-notices and repeat-infringer policies are governed by the DMCA's standard procedures.

9. Data Security

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted data transmission (TLS), encryption at rest for sensitive files, access controls, and regular security reviews.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.

10. Children's Privacy

GigStrip is not directed at or intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you believe a minor has provided us with personal information, please contact us at privacy@gigstrip.com and we will promptly delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, for material changes, notify you by email or via a prominent notice on the platform. Your continued use of the Services after the effective date of any update constitutes your acceptance of the revised Privacy Policy.

12. Contact Us

For privacy-related questions, data access requests, deletion requests, or DMCA notices, contact:

GigStrip Privacy
privacy@gigstrip.com
Return to GigStrip