SmartGig privacy policy

Last updated 1 July 2026

1. Who we are

SmartGig is a software platform for event organisers, operated by Positive Climb LTD ("we", "us", or "our"). This privacy policy explains how we collect, use, share, retain, and protect personal information when you use smartgig.co.uk, the SmartGig platform, and the SmartGig Scanner mobile app.

  • For account, billing, support, website, security, and product usage information, Positive Climb LTD is the data controller.
  • When an organiser uses SmartGig to manage event participants, applications, compliance documents, payments, messages, or check-ins, the organiser is usually the data controller and we process that data on their behalf.
  • If your information was collected for a specific event, you can contact the organiser directly. We will also help organisers respond to privacy requests where we act as their processor.

2. What information we collect

We collect information you provide directly, information entered by organisers and team members, and information created when SmartGig is used to manage events.

  • Account and organisation information: your name, email address, organisation name, role, permissions, and login details when you register or join a workspace.
  • Billing information: payment method details processed securely via Stripe (we do not store card numbers).
  • Event and participant data: information entered about events, applications, attendees, traders, suppliers, compliance documents, invoices, payments, messages, tickets, site plans, stage schedules, transport plans, and related details.
  • Scanner app information: scanner names, app labels, selected events, and the signed-in user or scanner code used to access the app.
  • Check-in information: the event, participant pass, scan time, check-in result, duplicate status, manual check-in or override status, and the scanner or user who completed the action.
  • Service and security information: device, browser, IP address, log, diagnostic, and usage information needed to keep the website, platform, and app secure and working properly.
  • Communications: messages sent through the platform, contact forms, support channels, or email.

3. Where information comes from

We may receive personal information from you, from the organisation or event team that invited you to SmartGig, from event participants who submit forms or portal updates, and from service providers such as payment, email, hosting, storage, and security providers.

4. How we use your information

We use personal information to provide SmartGig, keep the service secure, and help organisers run their events.

  • To create and manage your account and organisation.
  • To deliver the features requested by organisers, including applications, ticketing, compliance, payments, communications, site plans, transport planning, stage schedules, and event-day check-ins.
  • To process payments, subscriptions, invoices, receipts, and refunds.
  • To send service messages such as application confirmations, payment reminders, compliance alerts, security messages, and account notifications.
  • To allow authorised staff to use the Scanner app at events.
  • To validate participant passes, mark attendance, and help prevent duplicate check-ins.
  • To support manual check-ins or organiser-approved overrides where needed.
  • To keep an audit history of event-day actions for organiser accountability.
  • To provide customer support.
  • To monitor, troubleshoot, improve, and develop the service.
  • To comply with legal obligations.

5. Lawful basis

Where Positive Climb LTD acts as data controller, we rely on the lawful basis that fits the reason for processing.

  • Contract: to provide SmartGig, manage accounts, deliver support, and process subscriptions or service payments.
  • Legitimate interests: to keep the service secure, prevent misuse, improve the platform, maintain records, and communicate with business users about the service.
  • Legal obligation: to keep accounting, tax, security, and compliance records where required by law.
  • Consent: where we specifically ask for consent, such as optional marketing preferences. You can withdraw consent at any time.

6. Data sharing

We do not sell personal data. We share personal data only where needed to provide SmartGig, support an organiser, protect the service, or comply with the law.

  • Organisers and authorised workspace users can access the event and participant data they are permitted to manage.
  • Trusted service providers help us operate SmartGig, including Stripe for payments, Cloudflare for security and delivery, Google Analytics for aggregate website measurement, hosting and storage providers, email or messaging providers, and app distribution platforms where needed for the mobile app.
  • Professional advisers, regulators, courts, law enforcement, or public authorities may receive information where required or permitted by law.
  • We do not use the Scanner app for advertising tracking.
  • Service providers must protect personal data and process it only for agreed purposes.

7. International transfers

Some providers that support SmartGig may process personal data outside the UK. Where this happens, we use appropriate safeguards such as UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU standard contractual clauses, or another lawful transfer mechanism.

8. SmartGig Scanner mobile app

SmartGig Scanner is used by authorised event staff to check participants in at events. It is an event operations tool and is not used for advertising or general device monitoring.

  • The app uses the device camera only to read QR codes. We do not upload or store camera images or video.
  • We do not access phone contacts, photo libraries, precise device location, advertising identifiers, or background tracking data through the Scanner app.
  • The app sends check-in information to SmartGig so organisers can see who has arrived, spot duplicate scans, and review manual check-ins or overrides.
  • Manual searches are used only to help event staff find the right participant for check-in.
  • The app may store sign-in details, the selected event, scanner label, and display preferences on the device so it can stay signed in and reopen the correct event.
  • If a scanner code is revoked or a user loses access, the app will no longer be able to use that session.

9. Data retention

We keep personal data only for as long as it is needed for the purposes described in this policy, unless a longer period is required for legal, accounting, security, backup, or dispute-resolution reasons.

  • Account and organisation data is kept while the account is active.
  • Event, participant, and check-in data is retained as operational event history for the organiser, including attendance, duplicate scan, manual check-in, and override history.
  • If an account is closed, we will delete or anonymise personal data within 90 days unless we need to retain it for legal, accounting, security, backup, or dispute-resolution reasons.
  • Event and participant data can be exported before account closure, subject to account permissions.
  • Scanner app sessions can expire or be revoked. Local app sign-in data is cleared when a user signs out or when access is rejected.

10. Your rights

Under UK GDPR, you may have the right to access, correct, delete, restrict, object to, or receive a portable copy of your personal data. You may also have the right to withdraw consent where processing is based on consent.

  • To exercise your rights for SmartGig account, billing, support, website, or security data, contact us at [email protected].
  • For event-specific data controlled by an organiser, contact the organiser first. We will support the organiser where we process that data on their behalf.
  • You also have the right to complain to the Information Commissioner's Office if you are unhappy with how a data protection concern is handled.
  • Some rights depend on the reason we process the data and may be limited by law.

11. Cookies and app storage

We use essential cookies on the website to keep you logged in, maintain your session, and protect sign-in. We also use Google Analytics to understand which pages help event teams find the right SmartGig module, using aggregate website measurement. We do not use advertising cookies or remarketing pixels.

You can control browser cookies through your browser settings. The SmartGig Scanner app uses local device storage, including secure storage where supported, to keep the app signed in and remember settings such as selected event, scanner label, and theme preference. You can clear app data by signing out or removing the app from your device.

12. Security

We take the security of your data seriously. Data is encrypted in transit and protected using access controls, two-factor authentication options, scanner-code revocation, audit logs, rate limiting, and regular security reviews. Revoked scanner codes and deactivated user accounts cannot continue using the Scanner app.

13. Automated decision-making

SmartGig is not used by Positive Climb LTD to make solely automated decisions about individuals that have legal or similarly significant effects. The platform may show operational statuses, alerts, calculations, or duplicate check-in warnings to help organisers manage events, but organisers remain responsible for decisions about their participants and events.

14. Changes to this policy

We may update this privacy policy from time to time. We will update the date on this page and, where changes are significant, notify affected users by email or through the platform before the changes take effect.

15. Contact

If you have any questions about this privacy policy or how we handle personal data, contact Positive Climb LTD at [email protected].

Questions about this policy? Email [email protected] .