Last updated: 15th April 2026

Privacy Policy

This Privacy Policy explains how SoloFlo (“we”, “us”, “our”) collects, uses, and protects personal data when you use our platform. We are committed to handling your data responsibly and in accordance with the UK General Data Protection Regulation (UK GDPR), the General Data Protection Regulation (EU GDPR) where applicable, and the Data Protection Act 2018.

1. Who we are

SoloFlo Ltd is the data controller for personal data collected through this platform. Company number: 17092626.

2. What data we collect

—Name, artist name, and email address
—Booking information, event details, fees and contract terms
—Calendar availability and regional availability settings
—Guestlist data entered for bookings
—Payment and billing information (processed securely by Stripe — we do not store card details)
—Technical data: IP address, browser type, device information, and usage data

From promoters and bookers

From promoters and bookers (third parties named in bookings): name and email address as entered when creating a booking, event details and booking correspondence, payment status related to deposit and invoice transactions, and invoicing details (business name, address, VAT number) submitted via the deposit payment flow. Where a promoter has previously submitted invoicing details through SoloFlo, these may be pre-filled automatically in future bookings associated with the same email address to reduce friction in the payment process.

If you are a promoter who has interacted with SoloFlo — whether by submitting a booking request, completing a deposit payment, or having a booking created on your behalf — you may contact us at privacy@soloflo.co to exercise your data rights, including requesting deletion of your invoicing details.

3. How we use your data

We use your data to:

—Facilitate bookings, contracts, deposit requests and invoices between DJs/agencies and promoters. Lawful basis: performance of a contract (Article 6(1)(b)).
—Send transactional emails related to your bookings (contracts, deposit requests, invoices, booking confirmations). Lawful basis: performance of a contract.
—Process payments via Stripe. Lawful basis: performance of a contract.
—Operate and improve the SoloFlo platform. Lawful basis: legitimate interests — specifically, maintaining and improving a reliable service for our users.
—Comply with legal obligations. Lawful basis: legal obligation (Article 6(1)(c)).
—Pre-fill invoicing details for returning promoters based on previously submitted booking information, to reduce friction in the payment process. Lawful basis: legitimate interests — specifically the legitimate interest of all parties in a smooth and efficient booking and payment experience.

4. Email open tracking

When SoloFlo sends transactional emails on behalf of our users — including deposit requests, invoices and booking contracts — these emails may contain a standard tracking pixel.

This allows the sender (your DJ or agency) to see when the email has been opened.

We use this data solely to help artists and agencies manage their bookings professionally — for example, knowing whether an invoice has been viewed helps them follow up appropriately.

This tracking is limited to transactional emails related to a booking you have entered into. We do not use this data for marketing profiling or share it with third parties.

Our lawful basis for this processing is legitimate interests — specifically the legitimate interest of the DJ or agency in knowing whether an important financial document has been received and viewed.

If you would prefer your emails not to be tracked, you can disable image loading in your email client, or contact us at privacy@soloflo.co to request a tracking opt-out.

5. Sharing your data

We only share your data:

If you are based in the EU and have questions about how your data is handled, contact privacy@soloflo.co.

—Between booking parties — DJ/agency and promoter details are shared as part of the booking process
—With payment processors — Stripe processes payment data securely on our behalf
—With service providers: Stripe (payment processing), Supabase (database and authentication), DocuSeal (contract e-signature), Zeptomail by Zoho (transactional email), Vercel (platform hosting), Tally (forms)
—If required by law — we will disclose data if legally obliged to do so

6. Data retention

We retain your data for as long as your account is active and for a reasonable period afterwards to comply with legal and financial record-keeping obligations.

—Account data — retained for the duration of your account plus 2 years after closure
—Booking and contract records — retained for 7 years to comply with financial record-keeping requirements
—Promoter data (entered by DJs/agencies) — retained for the same period as the associated booking record (7 years) or until the promoter requests deletion, whichever is sooner
—Email tracking data — retained for 12 months
—Technical/log data — retained for 90 days

7. International data transfers

Some of our service providers (including Supabase on AWS and Vercel) may process data outside the UK or EEA. Where this occurs, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including Standard Contractual Clauses where applicable.

8. Cookies and tracking

We use cookies on our platform to:

We do not currently use any third-party analytics or tracking cookies. If this changes, we will update this policy and implement a cookie consent mechanism for non-essential cookies.

—Keep you logged in during your session
—Remember your preferences

9. Your rights

Under UK GDPR and EU GDPR (where applicable) you have the right to:

You also have the right to lodge a complaint with the Information Commissioner’s Office (ico.org.uk) or, if you are based in the EU, your local data protection authority.

—Access your personal data
—Correct inaccurate data
—Delete your data (right to erasure)
—Restrict how we process your data
—Object to processing based on legitimate interests
—Data portability — receive your data in a portable format

10. Security

We use industry-standard security measures including encryption in transit (TLS) and secure database hosting via Supabase. Payment data is handled entirely by Stripe and is never stored on our servers.

While we take all reasonable steps to protect your data, no method of transmission over the internet is 100% secure.

In the event of a personal data breach that poses a risk to your rights, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, in accordance with applicable data protection law.

11. Changes to this Policy

We may update this Privacy Policy from time to time. The latest version will always be available at soloflo.co/privacy. We will notify active users of significant changes by email.

12. Data Protection Complaints

If you believe we have not handled your personal data in accordance with applicable data protection law, you have the right to raise a complaint directly with us before contacting the Information Commission (formerly the ICO).

To raise a complaint, please email us at support@soloflo.co with the subject line "Data Protection Complaint". We will acknowledge your complaint within 30 days and take appropriate steps to investigate and respond.

You also retain the right to lodge a complaint with the Information Commission at any time: ico.org.uk/make-a-complaint

13. Contact

For any privacy-related questions or requests:

Email: privacy@soloflo.co

SoloFlo Ltd, United Kingdom

Home Terms & Conditions Help Log in