Privacy Policy

Giget.ai ("we", "us", "our") operates the Giget.ai freelance marketplace, accessible at giget.ai and giget.pages.dev. This Privacy Policy explains how we collect, use, and protect your personal information when you use our Platform.

If you have questions, contact us via our support portal.

Information you provide directly:

• Account details: name, email address, username, password (stored as a secure hash)
• Profile information: bio, location, profile photo, skills
• Service listings: titles, descriptions, pricing, portfolio images
• Messages exchanged with other users through the platform
• Reviews and ratings you submit
• Support requests and communications with Giget.ai

Information collected automatically:

• Browser fingerprint (hashed, used for fraud prevention only — never shared)
• IP address (used for security and abuse prevention)
• Page visit counts and general usage patterns (aggregated, non-identifying)
• Device type and browser type (for platform compatibility)

Payment information: We do not collect or store your credit card, debit card, or bank account details. All payment data is collected and stored directly by Stripe, Inc. under their privacy policy. We receive only transaction metadata (amount, status, Stripe transaction ID).

We use your information to:

• Create and manage your account
• Facilitate transactions between buyers and sellers
• Process payments and payouts via Stripe
• Send transactional emails (order confirmations, payment receipts, dispute notifications)
• Provide customer support
• Detect and prevent fraud, spam, and abuse
• Improve platform features and performance
• Comply with legal obligations (including tax reporting requirements)

We do not use your information for advertising, sell it to data brokers, or share it with third parties for marketing purposes.

With other users: Your public profile (display name, username, bio, location, skills, reviews, and listings) is visible to all users of the Platform. Your email address is never shown publicly.

With Stripe: When you connect a Stripe account as a Seller, we share necessary identity and business information with Stripe as required by their Connected Account onboarding process. Stripe processes this data under their own privacy policy.

With service providers: We use a small number of trusted providers to operate the Platform:

Legal requirements: We may disclose your information if required by law, court order, or to protect the rights and safety of users or the public.

Your data is stored on Cloudflare's global edge network using Cloudflare D1 (SQLite-based). Cloudflare maintains SOC 2 Type II compliance and employs industry-standard security practices.

We protect your data with:

• Password hashing using bcrypt (passwords are never stored in plain text)
• Session tokens with 30-day expiry and secure header transmission
• HTTPS/TLS encryption for all data in transit
• Device fingerprinting for fraud and abuse detection
• Rate limiting and IP-based abuse controls

No system is completely secure. If you believe your account has been compromised, contact support immediately.

Giget.ai does not use third-party tracking cookies or advertising cookies. We use browser localStorage for:

• gg_session — your encrypted session token (keeps you logged in)
• gg_user — cached profile info (name, username) to avoid repeated API calls
• gg_lang — your language preference

Cloudflare may set a __cf_bm cookie for bot protection. See our full Cookie Policy.

Depending on your location, you may have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Correction: Request that we correct inaccurate or incomplete data.
• Right to Erasure: Request deletion of your account and associated personal data. Note: transaction records required for tax and legal compliance may be retained.
• Right to Portability: Request an export of your data in a machine-readable format.
• Right to Object: Object to processing of your data that is not strictly necessary for platform operation.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact our support team. We will respond within 30 days.

We retain your personal data for as long as your account is active or as needed to provide services. Specifically:

• Account data: Retained until account deletion is requested
• Transaction records: Retained for 7 years for tax and legal compliance
• Messages: Retained for 2 years after the related order closes
• Security logs: Retained for 90 days

Giget.ai is not directed at children under the age of 18. We do not knowingly collect personal information from anyone under 18. If you believe a minor has created an account, contact us immediately and we will remove the account and associated data promptly.

We may update this Privacy Policy from time to time. We will post the revised version here with an updated "Last updated" date. For material changes, we will notify registered users by email at least 7 days before the changes take effect. Continued use of the Platform after that date constitutes acceptance of the updated policy.