Privacy Policy

Effective Date: March 31, 2026

This Privacy Policy describes how AllGiggs, Inc. ("AllGiggs," "we," "us," or "our") collects, uses, discloses, and protects the personal information of users ("you" or "your") of the AllGiggs mobile application and website (collectively, the "Platform"). By accessing or using the Platform, you consent to the practices described herein.

1. Information We Collect

1.1 Account Information: When you register, we collect your name, email address, password (hashed, never stored in plaintext), and user role (customer, gigger, or parent/guardian).

1.2 Gigger Profiles (Minors): For users aged 8–18, we collect date of birth (solely for age-tier classification), skills, bio text, and optionally a profile photo. We do not collect Social Security numbers, government-issued IDs, or school information.

1.3 Location Data: We collect precise geolocation data only (a) when a gigger is navigating to an active gig, or (b) when a parent has opted into arrival alerts. Location data is used transiently for navigation and geofencing and is not permanently stored, logged, or associated with user profiles in our database.

1.4 Payment Information: All payment data is collected and processed exclusively by our third-party payment processor, Stripe, Inc. AllGiggs does not receive, transmit, or store full credit card numbers, bank account numbers, or other sensitive financial data. We retain only a tokenized reference, card brand, and last four digits for display purposes.

1.5 Device & Usage Data: We may collect device type, operating system version, app version, crash logs, and anonymized usage analytics to improve the Platform. This data cannot be used to personally identify you.

1.6 Communications: Messages exchanged through the Platform's in-app messaging feature are stored to facilitate communication between users and to enable parent monitoring of minor accounts.

2. How We Use Your Information

• To create and manage your account and verify your identity.
• To match customers with available giggers based on proximity, skills, and age tier.
• To process payments, payouts, and refunds through Stripe.
• To enable parent/guardian oversight, approval workflows, and monitoring of minor accounts.
• To send transactional notifications (job applications, approvals, completions, payments).
• To enforce our Terms of Service and protect the safety of all users, particularly minors.
• To comply with applicable laws, regulations, and legal processes.

3. Information Sharing & Disclosure

3.1 We do not sell, rent, or trade your personal information to third parties.

3.2 Limited Disclosure to Other Users: Customers can see a gigger's first name, age range, skills, rating, badges, and bio. Customers cannot see a gigger's full name, date of birth, address, phone number, parent information, or financial details.

3.3 Service Providers: We share data with: (a) Stripe, Inc. for payment processing; (b) Google/Firebase for app infrastructure, authentication, and data storage; (c) Apple Inc. for push notifications. These providers are contractually bound to protect your data.

3.4 AI Content Moderation: All user-generated content — including job posts, messages, reviews, bios, and uploaded photos — is automatically scanned by AI-powered moderation systems (OpenAI Moderation API for text, Google Cloud Vision for images) to detect harmful, inappropriate, or unsafe content. This scanning is performed to protect children on the platform and enforce our Terms of Service. Flagged content is reviewed by AllGiggs staff and may be removed. Content involving child safety concerns is reported to law enforcement. By using the Platform, you consent to this automated content analysis.

3.5 Legal Requirements: We may disclose your information if required to do so by law, subpoena, court order, or other governmental request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

3.6 Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, user data may be transferred as part of that transaction. We will notify users of any such change in ownership or control.

4. Children's Privacy (COPPA Compliance)

AllGiggs is designed to be used by minors aged 8–18 with parental oversight. We comply fully with the Children's Online Privacy Protection Act (COPPA). For all users under 13, we require verifiable parental consent prior to collecting any personal information. Parents may review, modify, or delete their child's data at any time. See our separate COPPA Compliance Policy for complete details.

5. Data Security

We implement industry-standard security measures including: encryption of data in transit (TLS 1.3) and at rest, Firebase Security Rules restricting database access to authorized users only, secure authentication via Apple Sign-In, Google Sign-In, and email/password with hashed credentials, rate limiting on sensitive operations, and regular security audits. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Data Breach Notification

In the event of a confirmed data breach compromising unencrypted personal information (including name, email, phone number, payment data, or precise location), AllGiggs shall notify affected users without unreasonable delay, in no case later than 30 days after discovery. Notification shall be provided via email to the address on file, or via in-app notification if email contact is unavailable. For breaches affecting more than 500 California residents, AllGiggs shall notify the California Attorney General as required by California Civil Code §1798.82. For breaches involving children's data, AllGiggs shall also notify the FTC.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law (e.g., financial transaction records retained for tax and regulatory purposes for up to 7 years, and anonymized review data retained for marketplace integrity).

8. Your Rights

Depending on your jurisdiction, you may have the right to: access the personal data we hold about you; request correction of inaccurate data; request deletion of your data (subject to legal retention requirements); opt out of non-essential communications; request data portability in a structured, machine-readable format; and withdraw consent at any time. To exercise these rights, contact privacy@allgiggs.com. We will verify your identity and respond within 30 days.

9. California Privacy Rights (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to: (1) know what personal information is collected, used, and shared; (2) delete personal information (subject to legal retention requirements); (3) opt out of the "sale" or "sharing" of personal information for cross-context behavioral advertising; (4) correct inaccurate personal information; (5) request data portability.

AllGiggs does not sell personal information for monetary consideration. AllGiggs shares data with Stripe, Inc. and Google Firebase under documented business-purpose service agreements. These providers are contractually prohibited from using your data for their own marketing purposes.

For users under 13, parents may exercise CCPA rights on behalf of the child. To make a CCPA request, email privacy@allgiggs.com with "CCPA Request" in the subject line, along with proof of California residency. AllGiggs will verify your identity and respond within 45 days. AllGiggs will not discriminate against you for exercising your CCPA rights.

10. Third-Party Services

The Platform relies on third-party services for critical functions. AllGiggs is not liable for the privacy practices, data handling, or service interruptions of these providers:

• Stripe, Inc. — payment processing. Subject to Stripe's Privacy Policy.
• Google Firebase — app infrastructure, authentication, data storage, and push notifications. Subject to Firebase Privacy Policy.
• Apple Inc. — Sign in with Apple, push notifications (APNs). Subject to Apple's Privacy Policy.

11. International Users

The Platform is operated from the United States. If you are accessing the Platform from outside the United States, your data will be transferred to, stored, and processed in the United States. By using the Platform, you consent to this transfer.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification at least 30 days before the changes take effect. Material amendments to child privacy protections shall not take effect for users under 13 without renewed parental consent. Continued use of the Platform after changes constitutes acceptance of the updated policy.

13. Contact

AllGiggs, Inc.
Email: privacy@allgiggs.com
Website: allgiggs.com