This Privacy Policy explains how Gigpeach collects, uses, discloses, retains, and protects personal information in connection with the Service. By using the Service, you acknowledge this Policy.
Gigpeach may collect the following categories of information:
Account information: name, email address, username, password hash, producer profile information, legal name, country, age attestation, date-of-birth attestation or date of birth where required, and PayPal payout email.
Payment information: payment transaction metadata, order history, ticket purchases, event IDs, processor identifiers, refund records, chargeback records, and related accounting data. Stripe processes payment-card information; Gigpeach does not store full card numbers.
Producer payout information: PayPal email, payout records, payout status, verification status, tax-documentation status, country, and compliance review data.
Viewer session information: IP address or IP hash, user agent, browser, device type, operating system, ticket token, session token, local storage identifier, watch time, event access records, last-seen timestamps, and simultaneous-device information.
Content and event information: event titles, descriptions, stream metadata, thumbnails, producer submissions, support communications, reports, moderation records, and legal notices.
Technical information: logs, timestamps, error reports, security events, authentication records, fraud signals, referral URLs, and analytics generated by Gigpeach.
Communications: emails sent through Amazon SES or other providers, support requests, legal notices, DMCA notices, refund requests, and reporting-form submissions.
Gigpeach uses information to provide, operate, maintain, protect, and improve the Service; authenticate accounts; validate tickets; deliver streams; process payments; process payouts; send transactional emails; provide support; prevent fraud; enforce terms; moderate Content; investigate violations; comply with law; preserve records; respond to legal process; issue tax forms; analyze platform performance; and protect Gigpeach, users, providers, and the public.
Where required by privacy law, Gigpeach processes personal information based on contract performance, legitimate interests, consent, legal obligation, fraud prevention, security, vital interests, and establishment or defense of legal claims.
Gigpeach may share information with third parties that help operate the Service, including:
Stripe for payment processing, fraud review, refunds, chargebacks, card-network compliance, and payment records.
PayPal for producer payouts, payout verification, sanctions screening, and recipient account handling.
Amazon Web Services for streaming infrastructure, hosting, storage, logging, moderation tools, and email transmission.
Hosting, email, security, analytics, professional, legal, accounting, tax, and insurance providers.
Government, law enforcement, regulators, courts, rightsholders, payment networks, and service providers when required or permitted by law or necessary to protect rights, safety, or the Service.
Gigpeach does not sell personal information for money. Gigpeach does not use third-party advertising trackers unless disclosed in an updated policy.
The Service is not intended for children under thirteen (13). Gigpeach does not knowingly collect personal information from children under thirteen (13). If Gigpeach becomes aware that a user is under thirteen (13), Gigpeach will terminate the account and delete associated personal information within a reasonable time, except where retention is required or permitted by law, fraud prevention, security, accounting, dispute resolution, legal hold, or child-safety reporting obligations. Parents or guardians may contact [privacy@gigpeach.com] to request deletion.
Viewers between thirteen (13) and seventeen (17) may use the Service only with parent or guardian permission. Producers must be at least eighteen (18).
Gigpeach generally uses an age self-attestation model appropriate for a general-audience, non-adult platform. Gigpeach does not require government ID verification at general signup unless Gigpeach determines verification is needed for legal, fraud, payout, safety, or provider reasons.
Producer payout eligibility may depend on PayPal verification, tax-documentation completion, sanctions screening, fraud review, and other compliance checks. Gigpeach may withhold payouts pending verification or compliance review.
Gigpeach uses necessary cookies, session cookies, authentication tokens, local storage, and similar technologies to keep users logged in, validate tickets, preserve viewer access for a limited period, enforce device limits, protect against fraud, and maintain security. Gigpeach does not currently use third-party advertising cookies. If analytics or marketing cookies are added, Gigpeach will update this Policy and provide any required consent controls.
Gigpeach retains information for as long as reasonably necessary to provide the Service, comply with law, resolve disputes, enforce agreements, prevent fraud, maintain security, issue tax records, and protect legal rights. Typical retention periods may include:
Account information: while the account is active and for a reasonable period afterward.
Payment, payout, refund, chargeback, and tax records: generally at least seven (7) years or as required by law.
Viewer session and ticket-validation data: generally thirty (30) days unless needed for fraud, dispute, accounting, security, or legal reasons.
Moderation, abuse, DMCA, safety, fraud, and legal records: generally at least ninety (90) days and longer when required for legal hold, investigation, repeat-offender tracking, provider compliance, litigation, or law enforcement.
Aggregated or de-identified analytics: indefinitely.
Event recordings (Producer opt-in): when a Producer enables recording for an event, the recording is stored on Amazon S3 in the United States for the retention window selected by the Producer (3, 7, 14, or 30 days). After this window the recording is automatically deleted. A safety-net storage lifecycle policy ensures all recordings are deleted no later than thirty-one (31) days after creation regardless of any application-level failure.
Gigpeach uses reasonable administrative, technical, and organizational safeguards designed to protect information, including HTTPS, password hashing, limited access controls, payment-card outsourcing to Stripe, tokenized stream access, HLS protection measures, and fraud controls. No system is perfectly secure, and Gigpeach does not guarantee absolute security.
Gigpeach operates from the United States. If you access the Service from outside the United States, your information may be transferred to, stored in, and processed in the United States or other jurisdictions where privacy laws may differ from those in your location. Where required, Gigpeach will use appropriate transfer mechanisms.
Depending on your location, you may have rights to access, correct, delete, restrict, object to, or port certain personal information; to opt out of certain sharing; and to appeal certain privacy decisions. California residents may have rights to know, delete, correct, opt out of sale or sharing, and non-discrimination. EU/UK users may have GDPR rights under Articles 15-22.
To exercise privacy rights, contact [privacy@gigpeach.com]. Gigpeach may verify your identity before responding and may deny requests where permitted by law, including where retention is required for security, legal, tax, fraud, accounting, moderation, child-safety, dispute, or free-expression reasons.
If Gigpeach determines that a security incident requires notice under applicable law, Gigpeach will provide notice to affected users and regulators as required. Where GDPR applies, Gigpeach will endeavor to notify the appropriate supervisory authority within seventy-two (72) hours when legally required.
Gigpeach may disclose information in response to subpoenas, warrants, court orders, valid legal process, emergency requests, provider investigations, child-safety obligations, threats of violence, suspected trafficking, suspected CSAM, fraud, security incidents, or to protect rights, property, safety, or the Service. Gigpeach may notify users of legal requests unless prohibited by law, unsafe, impractical, or otherwise inappropriate.
Gigpeach may update this Policy from time to time. Continued use of the Service after an updated Policy becomes effective constitutes acknowledgment of the updated Policy.
Privacy requests should be sent to [privacy@gigpeach.com] and [Gigpeach legal mailing address].