Privacy Policy

Introduction

Gighrly ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website directory.gighrly.com and use our services.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

Information we collect

We collect information in several ways when you use our platform:

Personal Information You Provide

When you register for an account, create a business listing, or contact us, you may provide:

Name and contact details (email address, phone number)
Business name and address
Professional information (job title, qualifications, services offered)
Account credentials (username, password)
Payment information (processed securely via Stripe)
Profile photos and business images
Any other information you choose to provide

Information Automatically Collected

When you visit our website, we automatically collect:

IP address and location data
Browser type and version
Operating system
Pages visited and time spent on pages
Referring website addresses
Device information

Cookies and Tracking Technologies

We use cookies and similar technologies to collect information about your browsing activities. For detailed information, please see our Cookie Policy.

How we use your information

We use the information we collect to:

Provide and Maintain Our Services

Create and manage your account
Display your business listing in our directory
Process payments for featured listings
Enable communication between users and listed businesses

Improve Our Services

Analyse usage patterns to improve user experience
Develop new features and functionality
Monitor and prevent technical issues

Communicate With You

Send service-related notifications
Respond to your enquiries and support requests
Send renewal reminders for featured listings
Share updates about our services (with your consent)

Legal and Security Purposes

Comply with legal obligations
Protect against fraudulent or illegal activity
Enforce our terms and conditions

Legal basis for processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Contract: Processing necessary to perform our contract with you (e.g., providing your business listing)
Legitimate Interests: Processing necessary for our legitimate business interests (e.g., improving our services, preventing fraud)
Consent: Where you have given explicit consent (e.g., marketing communications)
Legal Obligation: Processing necessary to comply with legal requirements

Information sharing and disclosure

We may share your information in the following circumstances:

Data retention

We retain your personal information for as long as necessary to:

Provide our services to you
Comply with legal obligations
Resolve disputes and enforce our agreements

When you delete your account or business listing, we will delete or anonymise your personal information within 30 days, unless we are required to retain it for legal purposes.

Your rights

Under data protection laws, you have the following rights:

Right to Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data in certain circumstances.

Right to Restrict Processing

Request limitation of how we use your data.

Right to Data Portability

Receive your data in a structured, commonly used format.

Right to Object

Object to processing based on legitimate interests or for marketing.

To exercise any of these rights, please contact us using the details below. We will respond to your request within 30 days.

Data security

We implement appropriate technical and organisational measures to protect your personal information, including:

SSL/TLS encryption for data transmission
Secure password hashing (Argon2)
Regular security audits and updates
Access controls and authentication
Secure payment processing through Stripe (PCI DSS compliant)

However, no method of transmission over the internet is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

International data transfers

Your information may be transferred to and processed in countries outside the UK/EEA. When this happens, we ensure appropriate safeguards are in place, such as:

Standard contractual clauses approved by the European Commission
Transfers to countries with adequate data protection laws
Certification schemes (e.g., EU-US Data Privacy Framework)

Children's privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Third-party links

Our website may contain links to third-party websites, including those of listed businesses. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any third-party sites you visit.

Changes to this policy

We may update this Privacy Policy from time to time. When we make significant changes, we will:

Update the "Last updated" date at the top of this page
Notify registered users via email (for material changes)
Display a prominent notice on our website

We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Controller: Nu Leaf Change Ltd (trading as gighrly)

Contact: Contact Us

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated: ico.org.uk/make-a-complaint