Privacy Policy
Last Updated: 10 January 2026
Gighammer ("the Platform") is committed to protecting the privacy and security of the musical, sporting, and dramatic groups we serve. This policy explains how we handle personal data in accordance with the UK Data Protection Act 2018 and UK GDPR.
Gighammer follows "Security by Design" principles to ensure that group management is both efficient and legally compliant for UK-based organisations.
1. About Us
Gighammer is operated by Ian Dobie, acting as the Data Controller.
- Registered Address: 6 Well Street, Todmorden, UK
- Contact: privacy [at] gighammer.com
2. The Data We Collect
We collect information necessary to provide management services to your group:
- Member Information: Names, email addresses, phone numbers, and group-specific roles (e.g., "Soprano," "Goalkeeper," or "Lead Guitar").
- Financial Data: Payment history for subs and merchandise. Full card details are processed securely via Stripe and are never stored on Gighammer servers.
- Usage Data: IP addresses and device types to ensure site security and performance.
3. Lawful Basis for Processing
Under UK GDPR, we process your data under the following legal bases:
- Contractual Necessity: To provide the management tools you have signed up for.
- Legitimate Interests: To improve our platform, prevent fraud, and facilitate communication within your group.
- Legal Obligation: Where we are required to keep financial records for HMRC compliance.
4. How We Share Your Information
We do not sell your data. We only share information with "Sub-Processors" essential to our service:
- Stripe: For secure payment processing.
- Microsoft: For secure UK-based data storage.
5. Data Security
We take the protection of your group's data seriously:
- Encryption: All data is encrypted in transit and at rest using 256-bit SSL/TLS encryption.
- Access Control: Group members only see the data allowed by their specific permissions.
- Location: All primary data is stored on secure servers located within the United Kingdom.
6. Your Rights
As a UK resident, you have the following rights under the Data Protection Act:
- The right to access a copy of the data we hold on you.
- The right to request account deletion (The "Right to be Forgotten").
- The right to data portability.
- The right to complain to the Information Commissioner’s Office (ICO) if you are unhappy with our data practices.
7. Use of Cookies
We use Essential Cookies only. These are required for security and to keep you logged into the Platform. We do not use third-party tracking or advertising cookies.
8. Contact
If you have any questions regarding this policy or wish to exercise your data rights, please contact our Data Protection Lead at privacy [at] gighammer.com.
