Privacy Policy for Gighead Users
This policy was last updated on 18 May 2026
This privacy policy explains how RUNEBYTE LTD ("Gighead", "we", "us" or "our") collects, uses, discloses and protects personal information when you use the Gighead mobile software application (the "App"), our website, and related services (together, the "Gighead Platform").
Gighead is a social app for live music fans. This means some information you add, such as your profile, gig activity, friend connections, comments, photos, and privacy choices, may be used to provide social features and may be visible to other users depending on your settings and the feature you use.
This policy is intended to cover users in the United Kingdom, the European Economic Area, Switzerland, the United States, Canada, and other markets where the Gighead Platform is available. Some rights and notices vary by region and are described below. If you have any questions, contact us atsupport@gighead.com.
1. ABOUT US
1.1 RUNEBYTE LTD is a company registered in England and Wales. When we mention Gighead, we, us or our in this policy, we are referring to RUNEBYTE LTD.
1.2 For UK and European data protection laws, Gighead is normally the controller of personal data we process about users of the Gighead Platform. For Canadian privacy laws, Gighead is responsible for personal information under our control.
1.3 We provide tools for viewing, entering, sharing, and managing content about live music events ("gigs"), artists, venues, festivals, friends, attendance, photos, and related activity. We do not sell tickets or facilitate ticket transactions.
2. INFORMATION WE COLLECT
2.1 We collect information you provide directly, information generated through your use of the Gighead Platform, and information from selected third parties where you choose to use an integration.
| Category | Examples |
|---|---|
| Account and contact information | Name, username, email address, phone number, authentication details, date of birth, country or region, and account settings. |
| Profile and social information | Profile photo, bio or display details, friend requests, friend connections, blocked users, invite activity, and privacy settings. |
| Gig and music activity | Gigs, festivals, artists, venues, attendance status, interest levels, setlists, wristband designs, saved or followed content, and content you create or edit. |
| User content | Photos, captions, reports, feedback, support messages, comments, and other content you upload or submit. |
| Location information | Approximate location from IP address and, where you permit it, precise device location used to suggest nearby gigs, venues, festivals, and relevant content. |
| Device and usage information | Device identifiers, operating system, browser type, app version, IP address, pages or screens viewed, links clicked, crash logs, diagnostics, and feature usage. |
| Communications and preferences | Email, SMS, push notification tokens, notification preferences, website cookie preferences, and consent records. |
| Safety and moderation information | Reports, moderation decisions, suspected misuse, fraud prevention signals, and records needed to enforce our Terms of Service. |
2.2 We may collect sensitive personal information where needed to provide requested features, such as precise location if you enable it, account security information, and photos or user content that may reveal information about you or others. We use sensitive information only for permitted purposes, such as providing the requested feature, maintaining safety, preventing misuse, and complying with law.
2.3 We do not intentionally collect information from children. The Gighead Platform is intended for users who are at least 18 years old, as described in our Terms of Service.
3. HOW WE USE INFORMATION
3.1 We use personal information to:
- provide, maintain, secure, and improve the Gighead Platform;
- create and manage accounts, authentication, onboarding, settings, and support;
- show gig, artist, venue, festival, attendance, and friend-related information;
- operate social features, including friend requests, invites, shared attendance, profile visibility, and photo visibility controls;
- personalise recommendations, search results, notifications, feeds, and discovery features;
- send service messages, security alerts, support replies, and product updates;
- process reports, moderate content, investigate misuse, protect users, and enforce our Terms of Service;
- debug, analyse, measure, and improve performance, reliability, usability, and feature adoption;
- comply with legal obligations, respond to lawful requests, and establish, exercise, or defend legal claims; and
- create aggregated or de-identified information that cannot reasonably identify you.
3.2 We do not use your private content or private friend-only activity for third-party targeted advertising. We also do not sell your personal information.
4. LEGAL BASES
4.1 If UK, EU, EEA or Swiss data protection law applies, we rely on the following legal bases:
- Contract: to provide the Gighead Platform and perform our Terms of Service.
- Legitimate interests: to improve the service, recommend relevant content, prevent fraud and abuse, secure the platform, understand usage, and operate ordinary business activities, where those interests are not overridden by your rights.
- Consent: for optional permissions such as precise location, push notifications, website cookie preferences, and other cases where we ask for consent.
- Legal obligation: where processing is necessary to comply with applicable law.
- Legal claims and vital interests: where necessary to protect rights, safety, and security.
4.2 If Canadian law applies, we collect, use, and disclose personal information with consent where required, including implied consent for information needed to provide requested services and express consent where required for more sensitive or optional processing. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice.
5. SOCIAL FEATURES AND VISIBILITY
5.1 Gighead includes social features. Your username, profile photo, public profile information, public gig activity, public photos, and public contributions may be visible to other users and, in some cases, people outside the Gighead Platform through public links or previews.
5.2 Friend-only activity and photos are intended to be visible only to users you have connected with as friends, subject to your settings and the design of the relevant feature. Private activity and photos are intended to be visible only to you and to Gighead personnel or service providers where needed to provide, secure, support, or moderate the service.
5.3 You are responsible for the personal information you choose to share through public or friend-based features. You can change privacy settings for supported features in the App. Changes normally apply going forward, but other users may have already seen, saved, or shared information that was visible to them before the change.
6. COOKIES AND SIMILAR TECHNOLOGIES
6.1 The Gighead website may use cookies and local storage to run the site, remember preferences, keep accounts secure, measure usage, diagnose issues, and improve the Gighead Platform. The App does not use browser cookies; it uses secure local storage and software development kits for authentication, preferences, security, diagnostics, and core app functionality.
6.2 These technologies may include:
- Strictly necessary website cookies and app storage needed for login, security, routing, consent records, and core service functionality.
- Analytics and performance technologies used to understand usage, measure reliability, and improve the service where permitted by law or consent settings.
- Preference technologies used to remember settings, region, display choices, and similar preferences.
6.3 Where required, we ask for consent before using non-essential website cookies or optional app analytics. You can update website cookie choices through our cookie controls and can manage mobile permissions through your device settings and in-App settings where available.
7. NOTIFICATIONS
7.1 We may send service communications about your account, security, support, transactions, policy changes, and important product updates. These messages may be necessary to provide the Gighead Platform.
7.2 You can adjust notification settings in the App or change push notification permissions in your device settings.
8. HOW WE DISCLOSE INFORMATION
8.1 We disclose personal information only as needed for the purposes described in this policy:
| Recipient category | Purpose |
|---|---|
| Other Gighead users | To provide social features according to the feature design and your privacy settings, such as profiles, friends, gig activity, invites, and photos. |
| Cloud hosting, storage, and infrastructure providers | To host the Gighead Platform, store account data and content, deliver media, backup data, and maintain reliability. |
| Authentication, messaging, and communication providers | To support login, verification, email, SMS, push notifications, and user support. |
| Analytics, diagnostics, and security providers | To measure usage, detect crashes, monitor performance, prevent fraud, and secure the service. |
| Search, maps, and content service providers | To provide search, discovery, location, venue, artist, festival, and gig-related features. |
| Professional advisers and authorities | To obtain legal, accounting, compliance, security, or insurance advice, respond to lawful requests, and protect rights and safety. |
| Business transfer parties | To evaluate or complete a merger, acquisition, financing, restructuring, sale of assets, or similar transaction. |
8.2 We require service providers to process personal information only as instructed by us or as otherwise permitted by law, and to use appropriate confidentiality and security measures.
8.3 We may publish, disclose, or use aggregated or de-identified information that does not reasonably identify you.
9. U.S. STATE PRIVACY NOTICE
9.1 This section applies to residents of U.S. states with comprehensive privacy laws, including California where applicable. Some rights apply only if Gighead is legally subject to the relevant state law, but you may still contact us with privacy requests atsupport@gighead.com.
9.2 During the last 12 months, we may have collected the categories of personal information described in Section 2 and disclosed them to the recipient categories described in Section 8 for business and operational purposes. We do not sell personal information for money. We do not knowingly sell or share personal information of users under 18.
9.3 We do not use sensitive personal information to infer characteristics about you. We use sensitive personal information only for permitted purposes, such as providing requested services, security, safety, fraud prevention, support, and legal compliance.
9.4 Depending on your state, you may have rights to:
- know, access, or confirm whether we process your personal information;
- receive a portable copy of personal information you provided to us;
- correct inaccurate personal information;
- delete personal information, subject to exceptions;
- opt out of sale, sharing, or targeted advertising where applicable;
- limit certain uses of sensitive personal information where applicable;
- appeal a refusal to act on a request where your state provides that right; and
- not be discriminated against for exercising privacy rights.
9.5 Gighead does not currently sell personal information or share it for cross-context behavioural advertising. If we introduce activities that require an opt-out, we will provide a clear method to opt out, and where legally required we will honour browser-based opt-out preference signals such as Global Privacy Control.
10. CANADIAN PRIVACY NOTICE
10.1 If you are in Canada, we handle personal information in line with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act and substantially similar provincial privacy laws where they apply.
10.2 We are accountable for personal information under our control, identify purposes for collection, limit collection, use, disclosure, and retention to what is reasonably necessary, use safeguards appropriate to the sensitivity of the information, and provide access and correction rights as required.
10.3 You may request access to, or correction of, your personal information. You may also withdraw consent, subject to legal or contractual limits and reasonable notice. If you withdraw consent for information needed to provide a feature, we may no longer be able to provide that feature.
11. INTERNATIONAL TRANSFERS
11.1 We are based in the United Kingdom and use service providers that may process personal information in the United Kingdom, the European Economic Area, the United States, Canada, and other countries. Privacy laws in those countries may differ from the laws where you live.
11.2 Where required, we use appropriate safeguards for international transfers, such as adequacy regulations, standard contractual clauses, the UK International Data Transfer Agreement or Addendum, transfer risk assessments, contractual protections, and technical and organisational security measures.
12. SECURITY
12.1 We use technical, organisational, and administrative safeguards designed to protect personal information from unauthorised access, loss, misuse, alteration, and disclosure. These measures include access controls, encryption where appropriate, monitoring, backups, and internal controls.
12.2 No online service can guarantee perfect security. You should use a strong password or secure login method, keep your device secure, and contact us promptly if you believe your account has been compromised.
13. DATA RETENTION
13.1 We keep personal information for as long as reasonably necessary for the purposes described in this policy, including to provide the Gighead Platform, maintain records, resolve disputes, enforce terms, comply with law, and protect rights and safety.
13.2 Retention periods vary depending on the type of information, sensitivity, user expectations, legal requirements, security needs, and whether the information is needed for an active account or feature. We may retain some records after account deletion where required or permitted by law, including records needed for legal claims, security, fraud prevention, moderation, backups, and compliance.
13.3 When personal information is no longer needed, we delete, anonymise, or otherwise securely handle it according to our retention practices. Backup copies may persist for a limited period before they are overwritten or deleted.
14. YOUR PRIVACY RIGHTS
14.1 Depending on where you live, you may have rights to access, receive a copy of, correct, delete, restrict, object to, or port your personal information. You may also have the right to withdraw consent, opt out of certain processing, or complain to a regulator.
14.2 UK, EU, EEA and Swiss users may have rights of access, rectification, erasure, restriction, objection, portability, withdrawal of consent, and complaint to a supervisory authority. UK users can contact the Information Commissioner's Office. EU, EEA, and Swiss users may contact their local data protection authority.
14.3 U.S. users may have the state privacy rights described in Section 9. Canadian users may have the rights described in Section 10 and may contact the Office of the Privacy Commissioner of Canada or a provincial privacy regulator where applicable.
14.4 To exercise a privacy right, contact us atsupport@gighead.com. We may need to verify your identity and request information needed to process the request. You may also use in-App settings to update certain profile, privacy, notification, and account choices.
14.5 We will respond within the time required by applicable law. If we deny a request, we will explain the reason where required and tell you how to appeal if an appeal right applies.
15. INFORMATION ABOUT OTHER PEOPLE
15.1 If you upload, submit, or share information about another person, you must have the right to do so and should consider whether that person would expect the information to be shared on Gighead. This is especially important for photos, tags, invites, friend-based sharing, and reports.
15.2 If someone has shared information about you on Gighead and you want to raise a concern, contact us at support@gighead.com or use available in-App reporting tools.
16. CHANGES TO THIS POLICY
16.1 We may update this policy from time to time. If we make material changes, we will provide notice through the Gighead Platform, by email, or by another appropriate method. The "last updated" date shows when this policy was most recently changed.
17. CONTACT AND COMPLAINTS
For questions, requests, or complaints about privacy, contact us atsupport@gighead.com.
If you are not satisfied with our response, you may have the right to complain to your local data protection or privacy regulator, including the UK Information Commissioner's Office, an EU or EEA supervisory authority, a Swiss data protection authority, a U.S. state privacy regulator where applicable, or the Office of the Privacy Commissioner of Canada.