Privacy Policy

Gigtick · Last updated June 29, 2026

This privacy policy explains how the Gigtick iOS app handles your data.

What we collect

Nothing personal. Gigtick does not require an account, does not have user profiles, and does not collect any personally identifying information.

All concerts, photos, videos, and notes you add to the app are stored in the system's standard SwiftData and Photos containers on your device and — when you are signed in to iCloud — synced across your own devices through Apple's private CloudKit database (see Cloud sync below). Nothing is ever uploaded to our servers.

Photo and video access

Gigtick can read your Photos library if you grant permission, for two purposes:

  1. Smart Import — finds candidate past-concert clusters in your library by analysing photo metadata (date, location, scene) entirely on your device using Apple Vision. No images leave your device.
  2. Adding media to a concert — when you pick a photo or video for a concert, Gigtick stores a reference (localIdentifier) back to the original asset in your Photos library. The bytes stay in Photos; the app sandbox does not duplicate them.

Calendar access

If you choose to add a concert to your calendar, Gigtick asks for permission to write to your Calendar and creates a single event for that show (title, date, and venue). The app only writes the events you ask it to create. It does not read, scan, or upload your other calendar events, and nothing about your calendar leaves your device.

Apple Music

If you grant Apple Music access, Gigtick uses Apple's on-device MusicKit framework to:

  1. Search the Apple Music catalog — to help you pick the right artist when adding a concert, and to load a curator-written artist biography when one exists.
  2. Build a setlist playlist — when you ask it to, the app creates a new playlist in your Apple Music library containing the songs from a concert's setlist. This requires an active Apple Music subscription and writes only to your own library.

These requests are handled by Apple under your own Apple ID and are subject to Apple's privacy policy. Gigtick does not receive or store your Apple ID, and we do not see your library.

Network requests

To enrich the concerts you add, Gigtick looks up public music data. The only thing ever sent in these requests is the artist name, event, or setlist you are looking at — never your identity, your concert history, your photos, or a device identifier. Lookups happen two ways:

1. Through our proxy

Some sources are reached through a single backend service we host on Cloudflare Workers (https://gig1-api.qubbo.workers.dev). It is a thin, anonymous proxy: it forwards the query, holds the API keys so the app doesn't have to, and adds caching headers so the same query is served from the edge for everyone. Your device's IP is not exposed to these sources.

SourceWhat we ask forWhy
SpotifyArtist search, artist images, community playlists and tracksPicking the right artist when you add a concert, linking to a fan-made setlist playlist
Setlist.fmPast setlists, tour info, MusicBrainz artist IDsShowing the songs played at the concert you attended
TicketmasterUpcoming events and attractions for an artistSuggesting concerts when you add one to your wishlist

2. Directly from your device

A few sources are queried straight from the app, without going through our proxy. As with any direct web request, your device's IP address is visible to these services. The app sends only the artist name and a generic User-Agent identifying Gigtick; no account or device identifier is attached.

SourceWhat we ask forWhy
WikipediaPublic article summariesShort biography on the artist detail screen
DiscogsPublic artist profile textBiography fallback for artists Wikipedia doesn't cover
MusicBrainzArtist genresTagging the artist with their style

All requests are sent over HTTPS. No analytics, ad, or attribution SDKs are involved in any of them.

What is stored on our servers

Nothing user-specific. The Cloudflare Worker is stateless beyond the short-lived edge cache of the third-party responses. We do not log requests in a way that identifies individual users. No personal data, no concert history, no photos, no analytics.

Cloud sync

Gigtick syncs your data through your own private iCloud account using Apple's CloudKit. When you are signed in to iCloud, the concerts you add — along with their tickets, chosen cover photos, and your achievements — are kept in your personal iCloud private database and synced across the devices signed in to the same Apple ID, so you can pick up where you left off on another iPhone or iPad.

This data lives in your iCloud account, not on our servers. We cannot see it, and neither can anyone else — the private database is accessible only to you. If you are signed out of iCloud, or if CloudKit is unavailable, the app falls back to a local-only store on the device.

The original photos and videos you attach to a concert are not copied into iCloud by Gigtick — the app only stores a reference to them in your Photos library (see Photo and video access above). Those originals sync only if you have enabled iCloud Photos, which is Apple's own feature, separate from the app.

Tracking

Gigtick does not track you across apps or websites. No SDKs for ads, analytics, or attribution are included. The app does not request the App Tracking Transparency permission because nothing it does qualifies as tracking.

Third-party content

Setlists, tour data, artist information, and event listings shown in the app come from third-party services (Spotify, Setlist.fm, Ticketmaster, MusicBrainz, Wikipedia, Discogs, and Apple Music). The app links back to those services. Each is governed by its own terms; the app respects the published rate limits.

Children

Gigtick is not directed at children under 13. It does not collect data from any user.

Changes to this policy

If anything material changes (especially around what data leaves your device), this document will be updated and dated.

Contact

Questions? Email jakubko.babiak@gmail.com, or visit the Support page for help and FAQs.