Privacy Policy

Giantticket.world

Last updated: 11/08/25

1. Introduction

Welcome to Giantticket.world. 

This Privacy Policy explains how we collect, use, share, and protect your personal information when you access or use our platform, whether as a buyer, a freelancer (seller), or a visitor. By using our platform, you acknowledge that you have read and understood this Privacy Policy.

We operate a global online marketplace that connects buyers with freelancers offering digital services. This policy applies to all users worldwide and addresses the requirements of applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), the California Consumer Privacy Act (CCPA), and other relevant laws.

We may update this Privacy Policy from time to time. Where we make material changes, we will notify you by email or through a prominent notice on the platform at least thirty days before the changes take effect. Your continued use of the platform after that date constitutes acceptance of the updated policy.

2. Information We Collect

We collect information that you provide directly, information generated through your use of the platform, and information obtained from third parties.

Information you provide: When you register an account, you provide your name, email address, username, and password. Depending on whether you register as a buyer or freelancer, you may also provide a profile photo, a description of your services, portfolio samples, skills, languages spoken, country of residence, and business or tax identification details.

Payment and billing information: When you make or receive payments through the platform, we collect billing details, payment method information, and invoicing data. Full payment card details (card number, CVV) are never stored on our servers. These are processed exclusively by our PCI-DSS-certified payment service providers.

Communications: We collect the content of messages exchanged between buyers and freelancers through our internal messaging system, files shared in connection with orders, and any correspondence you have with our support team.

Information collected automatically: When you use the platform, we automatically collect technical data including your IP address, browser type and version, operating system, device identifiers, pages visited, time spent on pages, referring and exit URLs, clickstream data, and cookie identifiers.

Information from third parties: If you choose to register or sign in using a third-party service such as Google, Facebook, or Apple, we receive your name, email address, and profile information as permitted by that service. We may also receive transaction confirmation data from our payment service providers.

3. How We Use Your Information

We use the information we collect for the following purposes:

To operate and maintain the platform, including creating and managing your account, facilitating transactions between buyers and freelancers, processing payments and refunds, and operating our escrow system whereby funds are held until the buyer approves delivery.

To enable communication between buyers and freelancers in connection with orders, and to provide customer support.

To manage disputes between buyers and freelancers, including mediation, investigation, and resolution of claims and refund requests.

To protect the safety and security of the platform, including detecting and preventing fraud, abuse, and unauthorised access.

To comply with our legal and regulatory obligations, including tax reporting, anti-money laundering requirements, and responses to lawful requests from authorities.

To send you transactional notifications about your account, orders, and deliveries.

To send you marketing communications where you have given your consent or where we have a legitimate basis to do so. You can opt out of marketing communications at any time by using the unsubscribe link in any email or updating your notification preferences in your account settings.

To analyse usage trends, measure the effectiveness of our platform, and improve our services through aggregated and anonymised data.

4. Information Shared Between Buyers and Freelancers

The platform facilitates interaction between users. In this context, certain information is made visible to the other party.

What buyers can see about freelancers: Username, profile photo, service descriptions, portfolio, ratings and reviews, country of residence, and average response time. A freelancer's email address, full legal name, and financial information are never disclosed to buyers.

What freelancers can see about buyers: Username, order details, project requirements, and messages exchanged within the order. A buyer's email address, personal contact details, and payment information are never disclosed to freelancers.

Information accessible during disputes: If a dispute arises, our resolution team may review messages exchanged between the parties, shared files, order history, and relevant payment information in order to reach a fair outcome.

5. Payments and Financial Data

Payments on the platform are processed by our third-party payment service provider, which is PCI-DSS certified. We do not store your full card details. We retain only a transaction reference, the amount, the date, and the last four digits of your payment card for record-keeping purposes.

When a buyer places an order, funds are held in escrow by the platform. Funds are released to the freelancer only after the buyer approves the delivery, or after the review period expires without a dispute being raised. In the event of a dispute, funds remain in escrow until the matter is resolved.

Billing and invoicing records are retained for the period required by applicable tax and commercial legislation in the relevant jurisdiction.

6. Cookies and Similar Technologies

We use cookies and similar tracking technologies to operate the platform, remember your preferences, and analyse how our services are used. We categorise cookies as follows:

Strictly necessary cookies: Required for the platform to function, including authentication, security, and session management. These do not require your consent.

Analytical cookies: Used to measure traffic, usage patterns, and the effectiveness of our platform. These are placed only with your consent.

Advertising and personalisation cookies: Used to deliver content and promotions relevant to your interests. These are placed only with your consent.

You can manage your cookie preferences at any time through the cookie settings link in the footer of the platform. You can also configure your browser to refuse some or all cookies. Note that disabling certain cookies may affect the functionality of the platform.

7. Who We Share Your Information With

We share your information only with the categories of recipients necessary to operate the platform and fulfil our obligations.

Payment service providers, for the processing of financial transactions. Hosting and infrastructure providers, for the secure storage and processing of data. Fraud prevention and spam detection services, for the safety and integrity of the platform. Analytics providers, for the measurement and improvement of our services (subject to your cookie consent where applicable). Professional advisers, including lawyers, auditors, and insurers, where necessary for the operation of our business. Law enforcement and regulatory authorities, where required by law, court order, or in connection with legal proceedings.

We do not sell your personal information to third parties for marketing or advertising purposes.

8. International Data Transfers

Our servers are located in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States and potentially other jurisdictions where our service providers operate. Where your information is transferred outside of the UK, the EU, or the EEA, we ensure that appropriate safeguards are in place, including standard contractual clauses approved by the European Commission or the UK Information Commissioner's Office, or reliance on an adequacy decision, as applicable.

9. How Long We Keep Your Information

Active accounts: Your information is retained for as long as your account remains active.

Inactive accounts: If your account has been inactive for three years, we will notify you by email before taking steps to delete your personal information, unless we are legally required to retain it.

Deleted accounts: Following account deletion, your personal information is erased within thirty days, except for data we are required to retain under applicable law. Billing and invoicing records are retained for the period mandated by tax and commercial legislation in the relevant jurisdiction. Connection and access logs are retained for one year.

Order-related messages and files: Retained for the duration of the account and deleted within thirty days of account deletion, unless a dispute is ongoing.

Dispute records: Retained for five years from the date of resolution.

Cookie data: Session cookies are deleted when you close your browser. Persistent cookies are retained for a maximum of twenty-four months.

10. Your Rights

Depending on where you are located, you may have some or all of the following rights in relation to your personal information.

Right of access: You may request confirmation of whether we process your personal information and obtain a copy of it.

Right to rectification: You may request correction of inaccurate or incomplete personal information.

Right to erasure: You may request deletion of your personal information, subject to our legal retention obligations.

Right to restrict processing: You may request that we limit the processing of your personal information in certain circumstances.

Right to data portability: You may request your personal information in a structured, commonly used, and machine-readable format, and have it transmitted to another controller.

Right to object: You may object to the processing of your personal information where that processing is based on our legitimate interests, including profiling.

Right to withdraw consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, contact us using the details in Section 15 below. We will respond within one month. If we are unable to comply with your request, we will inform you of the reasons.

For users in the European Union and the United Kingdom: You have the right to lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner's Office (ico.org.uk). In the EU, you may contact the data protection authority in your member state.

For users in California: Under the CCPA, you have the right to know what personal information we collect, the right to request deletion, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising your privacy rights.

For users in Brazil: Under the LGPD, you have the right to access, correct, anonymise, block, or delete your personal data, and the right to data portability. You may contact the ANPD (Autoridade Nacional de Proteção de Dados) with any complaints.

For users in Canada: Under PIPEDA, you have the right to access your personal information held by us, to challenge its accuracy, and to withdraw consent for certain processing. You may file a complaint with the Office of the Privacy Commissioner of Canada.

11. Security

We implement the following technical and organisational measures to protect your information:

SSL/TLS encryption across the entire platform. Secure password hashing. Access to personal data restricted to authorised personnel bound by confidentiality obligations. Regular backups and redundant storage. Continuous monitoring for intrusion detection and suspicious activity. Periodic security testing and audits.

No system is completely secure. While we take all reasonable steps to protect your information, we cannot guarantee absolute security.

12. Data Breach Procedures

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by applicable law.

Where the breach is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay by email and/or notification on the platform, describing the nature of the breach, the likely consequences, the measures taken to address it, and recommendations for protecting your information.

13. Children

The platform is not intended for anyone under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a person under 18, we will delete that information promptly.

14. Third-Party Services

The platform may contain links to or integrations with third-party websites, applications, and services that are not owned or controlled by us. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party service you interact with through or in connection with the platform.

15. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to report a concern, you can reach us through the contact form on our website or by writing to us at the address listed on our contact page.