Privacy Policy

1. INTRODUCTION AND OVERVIEW

2. PERSONAL DATA WE COLLECT

2.1 Account Information

When you register for our Services, we collect personal data necessary for account creation and service provision. This information includes your first name, last name, email address, date of birth, location data, and preferred event radius. We also collect information about your music preferences, either directly or through connected streaming services such as Spotify or Apple Music. Your profile may include a photo or avatar, and we maintain records of your account credentials and authentication details.

2.2 Content Creation Data

Through your use of our Services as a content creator, we collect and store the videos and photos you create at events, along with all associated metadata. This metadata includes, but is not limited to, time and location information, event details, and technical specifications of the content. We also maintain records of content performance metrics and all information necessary for rights management and commercial exploitation of the content.

2.3 Location Information

We collect and process location data in several contexts. This includes your specified primary location, your indicated event catchment area preferences, and data necessary to verify your attendance at specific events. This location processing is essential to the core functionality of our service in matching users with appropriate event opportunities.

2.4 Payment Information

For processing payments to content creators, we collect and maintain necessary financial information including bank account details, payment history, and transaction records. Where required by law, we also collect tax-related information. This financial data is processed securely through our payment processor, Stripe, in accordance with applicable financial regulations.

2.5 Automatically Collected Technical Data

When you use our Services, we automatically collect certain technical information about your device and usage patterns. This includes your device's operating system type and version, manufacturer and model, login information, time zone settings, and browser specifications. We also collect information about your device's RAM and disk size, CPU usage, device type, IP address, unique identifiers (including those used for advertising purposes), language settings, mobile device carrier, and network information such as WiFi and mobile data connectivity status.

2.6 Usage and Analytics Data

We maintain detailed records of how you interact with our Services, including comprehensive information about your platform visits and usage patterns. This encompasses the full URL clickstream to, through, and from our platform, products viewed or searched for, page response times, download errors, length of visits to specific pages, page interaction information such as scrolling, clicks, and mouse-overs, and methods used to browse away from pages. This information helps us maintain and improve our Services.

3. HOW WE USE YOUR PERSONAL DATA

3.1 Service Provision and Account Management

We process your personal data to operate and maintain our Services, including facilitating your registration as a content creator, enabling event attendance, processing and storing your video content, and managing payments. This processing is necessary for the performance of our contract with you and to fulfil our obligations under our Terms of Service. We also use this information to communicate with you about your account, respond to your inquiries, and provide customer support.

3.2 Content Rights Management and Commercial Operations

Your personal data is processed to manage the rights transfer of content you create, facilitate its distribution to artists, labels, and management teams, and enable its commercial exploitation. This includes tracking content usage, managing licensing arrangements, and processing related payments. This processing is based on our legitimate interests in operating our business and the performance of our contract with you regarding content creation and rights transfer.

3.3 Platform Enhancement and Analytics

We analyse usage patterns and platform performance to improve our Services and enhance user experience. This includes conducting data analysis, identifying usage trends, determining the effectiveness of our features, and evaluating user engagement. This processing is based on our legitimate interests in maintaining and improving our Services and developing new features to better serve our users.

3.4 Marketing and Communications

Where you have provided consent or where permitted by law, we use your personal data to send you marketing communications about upcoming events, content creation opportunities, and platform updates. We may also use this information to personalise your experience and provide targeted recommendations. You may opt out of marketing communications at any time while continuing to receive essential service-related communications.

4. DATA SHARING AND RECIPIENTS

4.1 Service Providers

We share your personal data with carefully selected third-party service providers who assist us in delivering our Services. This includes our payment processor, Stripe, which handles all financial transactions; cloud storage providers who securely store content and associated data; analytics services that help us understand platform usage; and authentication services that verify user identity. These service providers are bound by strict contractual obligations to protect your personal data and may only use it for specified purposes.

4.2 Content Partners and Rights Holders

In accordance with our Terms of Service and the nature of our platform, we share user-generated content and associated metadata with artists, performers, their management teams, record labels, and social media marketing teams. This sharing is essential to the commercial exploitation of content created through our platform. The scope and nature of this sharing is governed by our agreements with these partners and your acceptance of our Terms of Service.

4.3 Legal and Regulatory Requirements

We may disclose your personal data when required by law, regulation, or legal process. This includes responses to court orders, subpoenas, or other legal demands, as well as cooperation with law enforcement investigations or regulatory requirements. We may also share information to protect our legal rights or defend against legal claims.

4.4 Business Transfers

In the event of a merger, acquisition, reorganisation, bankruptcy, or other similar event, your personal data may be transferred as part of our business assets. We will take reasonable steps to ensure that any successor entity treats your personal data in accordance with this Privacy Policy.

5. INTERNATIONAL DATA TRANSFERS

5.1 Transfer Mechanisms

As a global platform, we transfer personal data internationally. When transferring data outside the UK or European Economic Area, we implement appropriate safeguards through Standard Contractual Clauses, adequacy decisions, or other legally recognised transfer mechanisms. We regularly assess the privacy protections and data security measures of recipients to ensure compliance with applicable data protection laws.

5.2 Third Country Transfers

Where we transfer your personal data to countries that may not provide the same level of data protection as your home country, we implement additional safeguards. These may include supplementary technical measures, contractual commitments, and regular audits of recipients' data protection practices. We maintain records of all international transfers and the safeguards applied.

5.3 Data Protection Standards

Regardless of where your data is processed or stored, we maintain consistent data protection standards across our operations. This includes implementing appropriate technical and organizational measures to protect your personal data during transfer and storage, and ensuring that all recipients of your data maintain similarly high standards of protection.

6. DATA SECURITY

6.1 Technical and Organisational Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls, secure development practices, and regular security assessments. We maintain internal policies and procedures designed to ensure the ongoing security of your personal data.

6.2 Security Procedures

Our security procedures include, but are not limited to, firewalls, encryption protocols, intrusion detection systems, and security monitoring. We regularly review and update these measures to respond to evolving security threats and technological developments. Access to personal data is restricted to authorised personnel who require such access to perform their duties.

6.3 Data Breach Response

In the event of a personal data breach, we maintain comprehensive incident response procedures. We will notify affected individuals and relevant supervisory authorities as required by applicable law, providing appropriate information about the breach and our remediation efforts.

7. DATA RETENTION

7.1 Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and processed. This includes retaining account information while your account remains active, video content indefinitely for commercial purposes, and payment information until updated or account deletion. We maintain specific retention schedules for different categories of data based on legal requirements and business needs.

7.2 Retention Criteria

To determine appropriate retention periods, we consider several factors including the amount, nature, and sensitivity of the personal data; the potential risk of harm from unauthorised use or disclosure; the purposes for which we process the data and whether these purposes can be achieved through other means; and applicable legal, regulatory, and contractual requirements.

7.3 Data Deletion

When personal data is no longer necessary for the purposes for which it was collected, we securely delete or anonymise it. Where complete deletion is not possible due to technical limitations, we implement measures to ensure that the data is not used for any purpose and is kept secure until deletion is possible.

8. YOUR RIGHTS

8.1 Data Subject Rights

Under applicable data protection laws, you have various rights regarding your personal data. These include the right to access your personal data; correct inaccurate data; request deletion of your data; object to or restrict processing; request data portability; and withdraw consent for processing based on consent. We provide mechanisms to exercise these rights through our platform or by contacting us directly.

8.2 Exercise of Rights

To exercise your rights, you may contact us using the details provided in the Contact Information section. We will respond to all legitimate requests within the timeframes required by applicable law, typically within one month for GDPR requests. We may require verification of your identity before proceeding with your request.

8.3 Complaints

You have the right to lodge complaints with supervisory authorities regarding our processing of your personal data. For UK residents, this is the Information Commissioner's Office (ICO). We encourage you to contact us first with any concerns so we may address them directly.

9. CHILDREN'S PRIVACY

9.1 Age Restrictions

Our Services are not directed at individuals below the age required to attend venues independently. We implement age verification procedures during registration and for specific events. We do not knowingly collect personal data from individuals under applicable minimum ages.

9.2 Parental Consent

Where we become aware that we have collected personal data from an individual under the applicable minimum age without appropriate parental consent, we will take steps to delete such information. Parents or guardians who believe we may have collected information about their child should contact us immediately.

10. UPDATES TO THIS POLICY

10.1 Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. Material changes will be notified to users through the Platform or by email. Your continued use of our Services after such changes constitutes acceptance of the updated Policy.

10.2 Change Documentation

We maintain records of all changes to this Privacy Policy and make previous versions available upon request. The date at the top of this Policy indicates when it was last updated.

11. CONTACT INFORMATION

For any questions about this Privacy Policy or our data practices, please contact us at:

Something Something Consultancy Ltd
First Floor, 280 Mare Street
London, E8 1HE
United Kingdom

Email: contact@guesty.me

For users in the European Union, our EU Representative can be contacted at [DETAILS].

12. REGULATORY INFORMATION

For California residents, please see our supplemental California Privacy Notice for additional disclosures and rights. For users in other jurisdictions, additional privacy rights may apply under local law. Please contact us for more information about your specific rights under applicable local privacy laws.

End of Privacy Policy.