Effective Date: April 2025

This Data Processing Agreement (“Agreement”) forms part of the Terms of Service between Gigevate (Pty) Ltd (“Gigevate”, “we”, “us”, “our”) and the counterparty (“Client”, “Controller”, or “you”) using Gigevate’s platform or services.

This Agreement governs the processing of personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, and the Protection of Personal Information Act 4 of 2013 (“POPIA”).

1. DEFINITIONS

  • Data Controller means the party which determines the purposes and means of processing personal data.
  • Data Processor means the party that processes personal data on behalf of the Controller.
  • Data Subject means the individual to whom the personal data relates.
  • Personal Data means any information relating to an identified or identifiable natural person.
  • Processing means any operation or set of operations performed on personal data.
  • Sub-Processor means any third party engaged by the Processor to assist in processing personal data.
  • Applicable Law means all applicable privacy and data protection laws including GDPR, UK GDPR and POPIA.


2. ROLES AND RESPONSIBILITIES
The Client is the Data Controller, and Gigevate acts as the Data Processor, except where Gigevate processes data for its own purposes (in which case it acts as an independent Controller).


3. PROCESSING DETAILS

  • Purpose: To provide the Gigevate platform and associated services.
  • Nature of Processing: Collection, storage, transmission, deletion, and analysis of personal data.
  • Categories of Data Subjects: Artists, event organisers, fans, and users of the Gigevate platform.
  • Types of Personal Data: Names, emails, phone numbers, location, payment data, booking history, and event interaction data.
  • Duration: For the term of service and as required by law.


4. GIGEVATE’S OBLIGATIONS AS PROCESSOR
Gigevate agrees to:

4.1 Process Personal Data Only on Documented Instructions
Only act on the Controller’s written instructions unless required by law.

4.2 Confidentiality
Ensure that employees and contractors are subject to appropriate confidentiality obligations.

4.3 Security
Implement appropriate technical and organisational measures to protect data, including encryption, access controls, pseudonymisation and audit logging.

4.4 Sub-Processors
Gigevate may engage Sub-Processors. A list of current Sub-Processors is available upon request. Gigevate ensures Sub-Processors comply with data protection obligations equivalent to this Agreement.

4.5 Assistance to the Controller
Assist in responding to requests from Data Subjects, including access, correction, deletion, and objection requests.

4.6 Data Breach Notification
Notify the Controller without undue delay if Gigevate becomes aware of a personal data breach affecting the Controller’s data.

4.7 Data Protection Impact Assessments
Assist in conducting data protection impact assessments where relevant.

4.8 Return or Deletion
At the end of service provision, Gigevate will delete or return all personal data as instructed by the Controller, unless retention is required by law.


5. INTERNATIONAL DATA TRANSFERS
If personal data is transferred to a country outside the EEA, UK or South Africa, Gigevate ensures such transfers comply with applicable data transfer mechanisms (e.g. Standard Contractual Clauses, UK Addendum, or legal exemptions).


6. AUDIT RIGHTS
The Controller may request reasonable information to demonstrate compliance. Gigevate will cooperate with audits by the Controller or appointed auditor with prior notice, provided such audits do not disrupt operations.


7. LIABILITY AND INDEMNITY
Each party shall be liable for its own compliance with data protection laws. Gigevate is not liable for processing conducted under the Controller’s instructions unless such instructions violate applicable law.


8. TERMINATION
This Agreement shall terminate automatically upon termination of the underlying services agreement, unless required to survive by applicable law.


9. GOVERNING LAW

  • For users in the EU, this DPA is governed by the laws of your country of residence.
  • For users in the UK, it is governed by the laws of England and Wales.
  • For users in South Africa, it is governed by the laws of South Africa.


10. CONTACT INFORMATION
If you have any questions about this DPA, contact:

Gigevate (Pty) Ltd
Email: gigevate@gmail.com

Thank you for entrusting Gigevate with your information. We are dedicated to maintaining the privacy and security of your data as we continue to provide innovative marketing solutions for the electronic music industry.

home

Contact info

  • 061 507 0281
  • GIGEVATE@GMAIL.COM​
Instagram Facebook Linkedin Tiktok

© COPYRIGHT 2025 GIGEVATE (Pty) Ltd. ALL RIGHTS RESERVED.

GIGEVATE@GMAIL.COM​