Privacy Policy

Last Update: September 11, 2024

1. Introduction

This Privacy Policy explains how Stefan Humm, the owner of Weddy ("we," "our," or "us"), collects, uses, and discloses information through Weddy (the "App") and the associated website (the "Website").

By using the App or the Website, you consent to the practices described in this Privacy Policy. This page serves to inform visitors of our policies regarding the collection, use, and disclosure of personal information for those who choose to use our service.

If you choose to use our service, you agree to the collection and use of information in accordance with this policy. The personal information we collect is used to provide and improve the service. We will not use or share your information with anyone except as described in this Privacy Policy.

2. What Information do we collect?


2.1 Personal Information you disclose to us

In Short: We collect personal information that you or people contributing to your wedding plan provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us. This includes, but is not limited to:

  • Your fullname
  • Gender
  • E-Mail address
  • Profile image
  • Payment Information
  • User content, for example, relationship information you submit publicly, photographs you upload (which can include Personal Data if you include Personal Data in such content)
  • All event data you upload to the Services (which can include Personal Data if you include Personal Data in such content), such as information about your events, attendees, customers, vendors contacts, fees and venues
  • All wedding plan data / information


In addition, users have the ability to create guest profiles or invited guests can add themselves by providing personal information including, but not limited to:

  • Fullname
  • Gender
  • E-Mail address
  • Phone number
  • Generation (Child, Adult, Senior)
  • Address


Sensitive Information. We may collect and process sensitive personal information, which includes, but is not limited to:

  • Allergies
  • Disabilities


Payment Information. In the case of in-app payments, payment is made via RevenueCat Inc., 300 Euclid Avenue San Francisco, CA 94118, USA. to whom we pass on the information you provided during the ordering process together with the information about your order. Your data will be passed on in accordance with Article 6 Paragraph 1 Letter b GDPR exclusively for the purpose of payment processing and only to the extent that it is necessary for this. We have concluded an order processing contract with RevenueCat Inc., with which we oblige the provider to protect the data of the app users and not to pass it on to third parties. Further information on data protection by RevenueCat can be found here: https://www.revenuecat.com/privacy


All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.


2.2 Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes. Like many businesses, we also collect information through cookies and similar technologies.

Examples of the information we collect include:

  • IP address
  • Web browser information
  • Page view statistics
  • Language
  • Transaction information (e.g. transaction amount, date and time such transaction occurred)
  • Cookies (e.g. for session tracking and ad serving)
  • Location information (e.g. IP address, gsp coordinates, zip codes)
  • Log data (e.g. access times, user agent, IP Address, API calls)


2.3 Information we receive from third party sources

In Short: We receive Personal Data about you from third parties such as service providers, vendors, and advertising partners, including information from your public profiles on third-party services, data you provide to vendors, and marketing-related information.

Some third parties such as service providers and vendors and business that use the Services, provide us with Personal Data about you, such as the following:

  • Account information for third party services: If you interact with a third party service when using our Services, such as if you use a third party service to log-in to our Services (e.g., Google), or if you share content from our Services through a third party social media service, the third party service will send us information about you, such as information from your public profile, if the third party service and your account settings allow such sharing. The information we receive will depend on the policies and your account settings with the third party service.
  • Information from vendors using the Services: If you provide your information to vendors or businesses using the Services, we will receive and store that information for use with that vendor and the events and services offered by such vendor or business.
  • Information from our advertising partners: We receive information about you from some of our service providers who assist us with marketing or promotional services related to how you interact with our websites, applications, products, services, advertisements or communications.

3. Where do we store your information?

We use a third-party service called Supabase as our database provider and its additional features to store your information. For further details on Supabase's privacy policy, please refer to the following links:

4. How do we use your information?

We process the collected data to operate, improve, understand and personalize our Services. For example, we use the data to:

  • To manage user accounts and provide our services.
  • To allow users to create guest profiles or allow guests to add themselves using our RSVP feature.
  • To enhance the user experience and improve our services.
  • To communicate with you, including sending necessary emails.
  • To personalize content and recommendations.
  • To manage budgeting and financial planning for events.
  • To coordinate with vendors and track vendor performance.
  • To manage task lists and timelines
  • To ensure the security of our users by detecting and preventing fraud or unauthorized activities.
  • To gather analytics and insights to optimize our app.
  • To comply with applicable laws and regulations.
  • To provide customer support and address user inquiries.
  • To enable social sharing and interactions among guests.
  • To offer promotions or discounts and inform users about special offers.
  • To store and manage event photos, videos, and other media.

5. When and with whom do we share your personal information?


In Short: We may share information in specific situations described in this section and/or with the following third

We may need to share your personal information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Notice. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
  • Business Partners. We may share your information with our business partners to offer you certain products, services, or promotions.
  • AI Features. Our application incorporates advanced AI-powered features ("AI Features") to enhance your experience and provide sophisticated functionalities, such as
    • analyzing guest information
    • drafting personalized guest communications
    . These AI Features are powered by technology from OpenAI, L.L.C. ("OpenAI") via their Application Programming Interface (API).

    How Your Information is Used with AI Features:

    To enable the functionality of our AI Features, we process information in the following ways:

    1. Your Input:

      When you interact with an AI Feature, the text, prompts, queries, or other content you directly input into the feature ("User Input") is sent to OpenAI for processing to generate a response or perform the requested task. We recommend you avoid including any sensitive personal data in your User Input that is not strictly necessary for the feature's operation.

    2. Information We Provide to the AI from Our Systems:

      To ensure the AI Features can provide relevant, contextual, and personalized outputs, we may also send certain personally identifiable information (PII) that is already stored in our system about you or your guests alongside your User Input to OpenAI. This information may include, but is not limited to:

      • Guest names
      • Guest phone numbers
      • Guest addresses
      • Guest email addresses

      This stored PII is provided to OpenAI solely for the purpose of enabling the AI Feature to perform its designated task for you (e.g., Using AI features to provide personalized wedding content, etc.). We only send the minimum PII necessary for the AI Feature to function effectively.

    OpenAI's Role and Data Handling:

    • OpenAI acts as a data processor on our behalf for the data submitted through their API for these AI Features.
    • Important Note on OpenAI's Data Use: In accordance with OpenAI's API data usage policies, data submitted by us to the OpenAI API is not used by OpenAI to train or improve their AI models or services.
    • Your interaction with these AI Features and the data processed by OpenAI are also subject to OpenAI's policies. We encourage you to review OpenAI's Privacy Policy (https://openai.com/privacy) and their API Data Usage Policies for a complete understanding of their practices.

    Your Consent:

    Your privacy and trust are paramount.

    • By choosing to use our AI Features, you explicitly acknowledge and consent to the practices described in this section.
    • Specifically, you consent to:
      • The transmission of your User Input to OpenAI.
      • The transmission of the specified categories of stored PII (as listed above) from our systems to OpenAI, for the purposes of enabling the functionality of the AI Features you choose to use.
    • We will seek your explicit consent before you first use any AI Feature that involves the transmission of your stored PII to OpenAI. This consent will be separate from your general acceptance of our overall Privacy Policy and Terms of Service. You will have the option not to use these AI Features if you do not wish for your data to be processed in this manner.

    Data Security:

    We implement reasonable technical and organizational measures to protect your data, including data transmitted to and from OpenAI. OpenAI also maintains its own security measures to protect data processed through its API.

    Your Choices:

    You can choose not to use our AI Features if you do not agree with these data processing practices. If you have previously consented and wish to withdraw your consent for future processing by AI Features, please disable these features in your account settings. Please note that withdrawing consent may limit your ability to use certain AI-powered functionalities within our application.

6. Is your information transferred internationally?


In Short: We may transfer, store, and process your information in countries other than your own.

Our servers are located in the United States. If you are accessing our Services from outside, please be aware that your information may be transferred to, stored by, and processed by us in our facilities and in the facilities of the third parties with whom we may share your personal information (see "When and with whom do we share your personal information?" above), in and other countries.

If you are a resident in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, then these countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country. However, we will take all necessary measures to protect your personal information in accordance with this Privacy Notice and applicable law.

7. How long do we keep your information?


In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

8. Do we collect information from minors?


In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at support(at)weddy.app with documentation relating to the account/user in question immediately.

9. What are your privacy rights?


In Short: You may review, change, or terminate your account at any time, depending on your country, province, or state of residence.

Withdrawing your consent: If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section "How can you contact us about this policy?" below.

However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

9.1 Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can: Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

10. Controls for Do-Not-Track features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.

11. Do we make updates to this policy?

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

12. How can you review, update, or delete the data we collect?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please contact us using the method described in the "How can you contact us about this policy?" section below.

13. How can you contact us about this policy?

If you have questions or comments about this policy, you can contact us through the contact form on our website or by email at support(at)weddy.app.