Privacy Policy
Alfreð ehf. (hereinafter also referred to as “Alfreð” or “we”) operates Giggó, which through its website and app is intended to connect people with projects.
Users of Giggó can advertise temporary projects, which we call gigs, and giggsters can take them on for a fee. Alfreð ehf. places great emphasis on the privacy of Giggó users and on ensuring that the processing of personal data complies with the law.
Personal data means information relating to an identified or identifiable individual, where the latter means that a person can be identified, directly or indirectly, on the basis of certain information.
This Privacy Policy for Giggó explains, among other things, who is responsible for processing personal data, what personal data is collected and for what purpose, how it is used, how its security is ensured, and what rights data protection legislation grants to users.
The Privacy Policy for Giggó applies to all users of the app (hereinafter also referred to as “you”). Users may be advertisers, giggsters, or those who download the app only to look at it.
1. Definitions
The Giggó website and app (also referred to as Giggó) is a system that users can download to their phone and use to advertise or take on so-called “gigs.”
A gig is a defined, temporary project that advertisers want to have carried out for them for a fee.
Users are giggsters, advertisers, and those who download the app only to look at it.
A Giggó profile is an area in the app that contains information about users who log into the app to be advertisers and giggsters. Users must fill in minimum information, such as full name and email address. Users who want both to advertise gigs and to be giggsters do so with the same profile.
Giggsters are users of the Giggó app who log into the app with an email address and fill in minimum information in order to be giggsters and take on gigs for advertisers.
Advertisers are users of the Giggó app who log into the app with an email address and fill in minimum information in order to be able to advertise gigs. Advertisers can also register a gig on Giggó’s website.
Mailbox is a chat area in the Giggó app that advertisers and giggsters use to communicate with each other about a specific gig, i.e. between one advertiser and one giggster. A new chat area opens for each gig, even if the advertiser and giggster have previously communicated about another gig.
2. Data Controller
The personal data that a user registers in Giggó is stored electronically in the app. Alfreð ehf. is the controller of the processing of the personal data that users register in Giggó.
Users who process other users’ personal data, for example in connection with contracts, where they themselves determine the implementation, purpose, and method of the processing, are independent controllers of such processing and bear the legal obligations arising from it. Alfreð ehf. is not responsible for such processing, nor for the users’ decision to provide additional personal data to other users beyond what is foreseen in the system.
3. How we collect and process personal data
Alfreð processes the personal data of Giggó users, which they register themselves and which are necessary to connect advertisers and giggsters. Advertisers and giggsters may provide, for example, the following information:
Profile information: Full name, email address, description of yourself as a giggster, description of a gig, photos or links to previous projects, profile picture, location, tags, etc.
Communication data: Information about communications in your mailbox with Alfreð ehf. and with other users of the app.
Website data: Email address and IP address.
Feedback data: Information that advertisers register about giggsters by giving stars and reviews after a gig. The content of reviews must comply with the Giggó app’s Terms of Use.
3.1. Users also provide the following data that is processed in the Giggó app:
Information about the use of Giggó, user activities or attitudes towards the service, such as how often a particular gig or giggster is clicked, and star ratings given by advertisers. We also process information when a giggster is offered a gig and when an advertiser has found a giggster.
Technical data about your device and usage in the app. If we receive a notification of a technical error or a request for support when you use the app, we obtain information about the version of the app you are using, your device, including operating system and hardware, as well as other information necessary to fix software errors and improve our products and services.
In addition, Alfreð may process other information about you that is necessary for the company to provide its services or protect legitimate interests. The above is therefore not exhaustive.
Electronic ID: Users of Giggó may use electronic IDs for authentication. If users choose to do so, they provide Alfreð ehf. with, for example, name, national ID number, and phone number. Giggsters that subscribe to Giggó must use electronic authentication.
3.2. Use of artificial intelligence (AI) in Giggó
In certain cases, Giggó uses artificial intelligence (AI) to improve user experience, e.g., by assigning appropriate tags to new gigs posted by advertisers. The AI does not access users’ personal data or any information that can be linked to an identified individual. In this process, only gig descriptions and other gig-related content are used in a way that does not allow users to be identified.
4. Purpose of processing
The purpose of Alfreð’s processing of personal data is to provide services to users in the app. Processing includes, among other things:
Identifying users when logging into the Giggó app.
Collecting relevant information that users enter in their Giggó profiles, so giggsters can share important information about themselves to get the gigs they want, and advertisers can choose the giggster they find most suitable.
Enabling communication between users and with Alfreð.
Improve search and matching between gigs and giggsters through AI-assisted tagging of gigs.
Developing our products and services.
Carrying out marketing and promotional activities for Giggó, e.g. newsletters, notifications of planned changes or improvements.
Performing statistical analysis, e.g. when adding new services or improving existing ones.
Protecting our legitimate interests and fulfilling legal obligations.
5. Legal basis
Personal data in Giggó is processed on the basis of user consent and for the performance of a contract. Data may also be processed in order to meet legal obligations and protect our or our customers’ legitimate interests, such as:
improving and developing our services;
correcting errors that arise when using our services;
ensuring backups and data recovery when systems fail;
defending legal claims of Alfreð or its customers;
assessing service quality;
contacting you regarding the business relationship, including direct marketing;
ensuring users comply with the Terms of Use.
6. How we ensure accuracy, reliability, and security of personal data
Alfreð ehf. places emphasis on the security of personal data through organizational and technical measures. Giggó is designed with security and privacy in mind.
When logging in, users must register their name and email address, but they may also choose to use an electronic ID. If users authenticate with an electronic ID, their full name, as registered in the National Registry, will be displayed in the app and visible to other users. Otherwise, no intermediary is involved in registering personal data in profiles, which increases reliability and accuracy.
Users can also log into the system at any time and delete or modify the information in their profile, as described in the Giggó Terms of Use.
We ensure that third-party software we use meets the requirements of data protection laws. We also conduct risk assessments of information security related to personal data and implement measures when needed. In addition, we maintain a business continuity policy and a security policy, covering access control, data processing agreements, cybersecurity solutions, building access, staff confidentiality, and training.
If a security breach occurs, we follow set procedures, including notifying the Data Protection Authority and, if the breach poses a high risk to your rights and freedoms, notifying you as well.
If you believe your personal data is at risk, or if someone has accessed your login information (email and code) or other details, please contact us at giggo@giggo.is.
7. Who we share your personal data with
Users of Giggó may be giggsters, advertisers, or both.
Ads for gigs and the information in advertisers’ profiles are visible and therefore disclosed to all users of Giggó as soon as a gig is registered.
Giggsters without a subscription disclose the information in their profiles to advertisers when they apply for a gig through the mailbox in the app.
Giggsters with a subscription disclose the information in their profiles to advertisers we recommend them to.
Advertisers’ feedback is displayed in giggsters’ profiles and therefore disclosed in the same way as other profile information.
In addition, users disclose information to each other in the mailbox when negotiating a gig. They must ensure this is done in line with the Giggó Terms of Use.
Employees of Alfreð have access to users’ personal data as needed to perform their work.
To develop and support our services, we may also transfer your personal data to Giggó’s developers under a data processing agreement. This includes Alfreð Jobs s.r.o., located in Prague, Czech Republic.
We may also transfer your personal data to cloud service providers, IT support providers, our legal advisors (for contracts or dispute resolution), and external auditors or tax advisors. In such cases, we take appropriate measures to ensure the security of the data, including contracts.
We may disclose your personal data to authorities or others where required by law or contract. We will seek to notify you unless prohibited by law.
We aim to ensure that your personal data is processed within the EEA or in countries providing adequate protection. Transfers outside these areas will only occur where permitted by law.
8. Retention of personal data
Alfreð processes your personal data as long as it is necessary and relevant to achieve the purpose of the processing, to fulfill our agreement under the Giggó Terms of Use, to meet legal obligations, or where our legitimate interests require it.
Advertisers and giggsters can log into the app at any time and modify or delete their personal data. Advertisers must close gigs before deleting their profiles, and users cannot delete communications they have had with others in their mailbox. However, the name of a deleted profile will appear as “inactive user” in other users’ mailboxes. If both parties delete their profiles, the communication will also be deleted.
After deletion, we keep the data in our database for an additional 90 days to help you recover it if deleted by mistake or if you change your mind. After 90 days, the data is permanently erased and cannot be restored.
Alfreð will erase your personal data if (i) it is no longer needed for the purposes collected, (ii) the processing is unlawful, (iii) you object to the processing and there are no overriding legitimate grounds, (iv) required by law, or (v) you withdraw your consent.
In some cases, we may need to retain some data longer, particularly to protect our legitimate interests or due to legal obligations. In those cases, we will only keep the minimum necessary data and delete it as soon as possible.
9. Your rights under data protection law
Data protection law grants individuals various rights, including access to and information about whether and how we process your personal data in Giggó. These rights may be subject to limitations arising from law, others’ interests, or Alfreð’s legitimate interests.
If no such limitations apply, Alfreð will respond to requests regarding these rights free of charge, unless the request is unfounded, excessive, or if multiple copies of personal data are requested. In such cases, Alfreð may charge a reasonable fee or refuse the request. Proof of identity is required when exercising your rights.
9.1. Right of access and data portability
You have the right to know whether we process personal data about you and to access such data. You are also entitled to minimum information about the processing, which is provided in this policy.
Where data is processed on the basis of consent or contract, you have the right to receive the data you provided and to request that it be transferred directly to another controller, if technically feasible.
9.2. Right to rectification and erasure
In most cases, users can correct or delete their personal data in Giggó themselves. Where this is not possible, you may request correction of inaccurate or unreliable information. In some cases, you also have the right to request deletion of certain personal data.
Reviews and star ratings are descriptions of users’ experiences of working together on a gig. They will not be removed unless they clearly violate the Giggó Terms of Use.
9.3. Right to object or restrict processing
You have the right to object to the processing of your personal data due to your particular circumstances when it is based on our legitimate interests or those of third parties. You also have the right to object to processing for direct marketing, in which case the processing will stop.
In certain circumstances, e.g. if there is a dispute about the accuracy of data, you may request a restriction on processing.
10. Contact information
If you have questions or comments regarding the processing of personal data in Giggó, you can email us at giggo@giggo.is. You also have the right to lodge a complaint with the Icelandic Data Protection Authority if you disagree with how your data is handled. However, we encourage you to contact us first so we can assist you. The Icelandic DPA can be reached at postur@personuvernd.is.
11. Review of Privacy Policy
Alfreð reserves the right to review and amend this Privacy Policy as needed to reflect current processing of personal data. Changes to the Giggó Privacy Policy will be notified in the app.
This Privacy Policy is effective as of 14.10.2025.