Privacy Policy

Last updated: May 18, 2026

Introduction

Welcome to GigBook. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our app.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Display name
  • Legal business name (optional)
  • Phone number (optional)
  • Business address (optional)
  • VAT number (optional)

Business Data

To provide our services, we store:

  • Gig information (dates, venues, fees, payment status)
  • Company and client contacts
  • Invoice data and line items
  • Payment methods including bank account details and IBAN (stored encrypted)
  • Expenses
  • App preferences and settings

Automatically Collected Information

  • Device type and operating system
  • App version
  • Crash reports and error logs

Voice Input (Optional)

If you use the voice gig-entry feature, GigBook accesses your microphone while you are actively recording. On the mobile app, your speech is transcribed to text on your device. On the web app, the audio is sent to the transcription provider you have chosen (see AI-Powered Features below). The audio is used only to produce a transcript — GigBook does not keep voice recordings.

How We Use Your Information

We use your information to:

  • Provide and maintain the GigBook service
  • Authenticate your account and keep it secure
  • Generate invoices and manage your gigs
  • Sync your data across devices
  • Send you important service updates (only when necessary)
  • Improve our app and fix bugs
  • Comply with legal obligations

We do NOT: Sell your data, share it for advertising, or use it for marketing purposes.

AI Features and Third-Party AI Providers

GigBook offers optional AI-assisted features: importing your gig history from files, creating gigs by voice or typed description, parsing gigs from screenshots, and extracting expenses from receipt photos. These features only run when you actively use them, and only after you have given explicit permission inside the app (revocable at any time in Settings → AI).

What is sent: only the content you submit for a specific action — a voice recording you make, a file, screenshot or receipt photo you choose, or a gig description you type. We never send your account data in the background, and we never use your data to train AI models.

Who it is sent to: the AI provider whose API key you added yourself — one of OpenAI, Anthropic, Google, DeepSeek or Mistral — under your own account with that provider and subject to their privacy policy. GigBook's server relays the content to the provider and stores only the structured result you review and approve (e.g. the gig or expense that was created). Your API keys are stored encrypted (AES-256-GCM) and are never shown again after you save them.

Your control: AI features do nothing until you grant permission, every send is triggered by your explicit action, and revoking permission in Settings → AI turns the features off without affecting anything else.

Data Storage and Security

Where Your Data is Stored

  • Database: Neon PostgreSQL (cloud-hosted, encrypted at rest)
  • Authentication: Clerk (industry-standard authentication service)
  • Hosting: Vercel (serverless infrastructure)

Security Measures

  • All data transmitted over HTTPS (encrypted in transit)
  • Database encryption at rest (Neon)
  • Field-level encryption for sensitive financial data (IBAN, bank account details) using AES-256-GCM
  • Secure authentication via Clerk (OAuth supported)
  • Strict user data isolation — no user can access another user's data
  • Regular security updates and patches

Third-Party Services

We use the following third-party services:

Clerk (Authentication)

Handles user authentication and account security. Read their privacy policy: clerk.com/privacy

Neon (Database)

Stores your app data securely. Read their privacy policy: neon.tech/privacy-policy

Vercel (Hosting)

Hosts the app infrastructure. Read their privacy policy: vercel.com/legal/privacy-policy

AI-Powered Features (Optional)

GigBook offers optional AI-assisted features — importing past gig data from files or text, and adding gigs by voice. These features only operate when you choose to use them, and the core app works fully without them.

To use them, you provide your own API key for a third-party AI provider (such as OpenAI, Anthropic, or Google). When you save an API key, it is encrypted (AES-256-GCM) before storage and is never shared or shown back to you in full.

When you run an AI feature, the content you provide for that run — uploaded files, pasted text, or voice transcripts — is sent to the AI provider you selected so it can extract structured gig details. That data is then handled under that provider's own privacy policy and terms, which we encourage you to review. GigBook itself does not use this data to train any AI models.

Data Retention

  • Your data is stored as long as your account is active
  • When you delete your account, all your data is permanently deleted immediately
  • Database backups are retained for up to 30 days for disaster recovery, then permanently deleted
  • We retain minimal logs for security purposes (90 days)

Your Rights

Under GDPR and other privacy laws, you have the right to:

  • Access: Request a copy of your data
  • Correction: Update or correct your information in Settings
  • Deletion: Delete your account and all associated data directly from Settings → Profile → Delete Account
  • Export: Download all your data as a JSON file from Settings → Profile → Export My Data
  • Object: Object to certain data processing activities
  • Withdraw Consent: Withdraw consent at any time by deleting your account

To exercise any of these rights or for questions, contact us at privacy@gigbook.xyz

Children's Privacy

GigBook is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

International Users

Your data may be processed in countries outside your own. We ensure adequate safeguards are in place to protect your data in compliance with GDPR and other applicable privacy laws.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by email or through the app. Your continued use of GigBook after changes means you accept the updated policy.

Contact Us

If you have questions about this privacy policy or your data, contact us:

This privacy policy applies to the GigBook mobile app and web application. By using GigBook, you agree to the collection and use of information in accordance with this policy.