Privacy Policy

1. Introduction

NSD Events Paris ("Company", "we", "us", or "our") operates the GigRig platform ("Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Platform at nsdeventsparis.com and all associated services. Please read this Privacy Policy carefully. By using the Platform, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information You Provide

We collect information that you voluntarily provide when you:

• Register an account: Full name, email address, phone number, password, and role selection (ticket buyer, event organizer, artist, or promoter).
• Purchase tickets: Full name, email address, phone number, and billing information (processed by Stripe).
• Register as an Artist: Stage name, artist type, biography, contact details, genres, social media links, and website.
• Create events: Event details, venue information, ticket pricing, and organization details.
• Contact us: Any information you include in correspondence with us.

2.2 Information Collected Automatically

When you access the Platform, we may automatically collect:

• Device information: Browser type, operating system, device type, and unique device identifiers.
• Usage data: Pages visited, time spent on pages, links clicked, and navigation patterns.
• Log data: IP address, access times, and referring URLs.
• Cookies and similar technologies: Session cookies, authentication tokens, and preference settings. See Section 7 for more details.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide our services: Process ticket purchases, deliver digital tickets, manage event listings, and facilitate artist bookings.
• Account management: Create and manage your account, authenticate your identity, and maintain security.
• Communications: Send order confirmations, ticket deliveries, event updates, and important service notifications.
• Improve our Platform: Analyse usage patterns, diagnose technical issues, and enhance user experience.
• Legal compliance: Comply with applicable laws, regulations, and legal processes.
• Fraud prevention: Detect, prevent, and address fraudulent transactions and abuse of the Platform.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Event Organizers: When you purchase tickets, we share your name and email with the Event Organizer for event management purposes (e.g., attendee lists, check-in).
• Payment processors: We share necessary payment information with Stripe to process transactions securely. Stripe's privacy policy governs their use of your data.
• Service providers: We may share information with trusted third-party service providers who assist us in operating the Platform (e.g., email delivery, hosting, analytics).
• Legal requirements: We may disclose information when required by law, court order, or governmental regulation.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymise it.

• Account data: Retained for as long as your account is active, plus a reasonable period after account deletion for legal and business purposes.
• Transaction data: Retained for a minimum of 5 years as required by applicable financial regulations.
• Usage data: Retained in aggregated, anonymised form for analytics purposes.

6. Data Security

We implement appropriate technical and organisational security measures to protect your personal information, including:

• Encryption of data in transit (HTTPS/TLS) and at rest.
• Secure password hashing using industry-standard algorithms.
• Regular security assessments and vulnerability monitoring.
• Access controls limiting employee access to personal data on a need-to-know basis.
• Payment information is processed exclusively by Stripe and is never stored on our servers.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on the Platform:

• Essential cookies: Required for Platform functionality, including authentication and session management.
• Preference cookies: Remember your settings such as theme preferences (light/dark mode).
• Analytics cookies: Help us understand how users interact with the Platform to improve our services.

You can control cookie settings through your browser preferences. Disabling certain cookies may limit functionality on the Platform.

8. Your Rights (GDPR & EU Users)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). These include the right to:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of any inaccurate or incomplete personal data.
• Erasure: Request deletion of your personal data, subject to legal retention obligations.
• Restriction: Request that we restrict the processing of your personal data.
• Data portability: Request a machine-readable copy of your personal data.
• Objection: Object to the processing of your personal data for certain purposes.
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us using the details provided in Section 12. We will respond to your request within 30 days.

9. Third-Party Services

Our Platform may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies. Key third-party services we use include:

• Stripe: Payment processing.
• Amazon Web Services (AWS): Cloud storage and hosting.
• Email service providers: For transactional emails such as ticket delivery and order confirmations.

10. Children's Privacy

The Platform is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal information, please contact us.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on the Platform and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the Platform after any changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority (e.g., CNIL in France).