Privacy Policy
Effective Date: December 2025Last Updated: December 2025
Table of Contents
Weddly ("Company," "we," "us," "our," or "Service") operates as a wedding photo gallery and media management platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit and use our Service, including our website and related applications.
We take your privacy seriously. This Privacy Policy applies to all information collected through our Service, regardless of how it is collected (online, offline, directly, or indirectly).
Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.
We take your privacy seriously. This Privacy Policy applies to all information collected through our Service, regardless of how it is collected (online, offline, directly, or indirectly).
Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.
2.1 Information You Provide Directly
Account Registration
When you create a Weddly account, we collect:
- Full name
- Email address
- Password (encrypted)
- Phone number (optional)
- Profile picture or avatar (optional)
- Billing address and payment information
Gallery and Media Information
When you create galleries and upload content, we collect:
- Gallery name, description, and slug
- Event date
- Cover images and media files
- Photos and videos uploaded by you or your guests
- Metadata associated with media (EXIF data, dimensions, timestamps)
- Captions and descriptions
- Gallery settings and configuration
Guest Information
When you invite guests to upload media, we collect:
- Guest name
- Guest email address (optional)
- Device identifiers (for tracking anonymous guest contributions)
- Guest comments and reactions to photos
- Upload activity logs
Payment Information
When you subscribe to a paid plan, we collect:
- Billing address
- Payment method details (credit card, debit card information)
- Billing history and transaction records
- Subscription preferences
Note: Payment information is processed by Stripe, our third-party payment processor. We do not store complete credit card numbers on our servers.
Communication
When you contact us, we collect:
- Email address
- Name
- Subject and content of your message
- Any attachments you provide
User Profile Information
- Customizable profile information you choose to provide
- Preferences and settings
- Support interactions and feedback
Consent Verification Data
When you provide consent for specific actions (such as changing a gallery URL, accepting terms, requesting data export, or deleting your account), we collect additional information to verify the authenticity of your consent and maintain a legally compliant audit trail:
- IP Address: To verify the geographic location and authenticity of the consent
- User Agent String: Browser type, version, operating system, and device information to identify the device used to provide consent
- Timestamp: The exact date and time consent was given
- Consent Context: Details about what you consented to (e.g., old and new values for URL changes)
- Consent Status: Whether consent was given or revoked
This information is collected under our legitimate interest in maintaining GDPR-compliant consent records and protecting both you and Weddly from fraudulent activity. Consent records are retained for 6 years to meet legal compliance requirements for demonstrating valid consent.
You can view your consent history in your account settings. This data is used solely for legal compliance and consent verification purposes and is not used for marketing or profiling.
When you create a Weddly account, we collect:
- Full name
- Email address
- Password (encrypted)
- Phone number (optional)
- Profile picture or avatar (optional)
- Billing address and payment information
Gallery and Media Information
When you create galleries and upload content, we collect:
- Gallery name, description, and slug
- Event date
- Cover images and media files
- Photos and videos uploaded by you or your guests
- Metadata associated with media (EXIF data, dimensions, timestamps)
- Captions and descriptions
- Gallery settings and configuration
Guest Information
When you invite guests to upload media, we collect:
- Guest name
- Guest email address (optional)
- Device identifiers (for tracking anonymous guest contributions)
- Guest comments and reactions to photos
- Upload activity logs
Payment Information
When you subscribe to a paid plan, we collect:
- Billing address
- Payment method details (credit card, debit card information)
- Billing history and transaction records
- Subscription preferences
Note: Payment information is processed by Stripe, our third-party payment processor. We do not store complete credit card numbers on our servers.
Communication
When you contact us, we collect:
- Email address
- Name
- Subject and content of your message
- Any attachments you provide
User Profile Information
- Customizable profile information you choose to provide
- Preferences and settings
- Support interactions and feedback
Consent Verification Data
When you provide consent for specific actions (such as changing a gallery URL, accepting terms, requesting data export, or deleting your account), we collect additional information to verify the authenticity of your consent and maintain a legally compliant audit trail:
- IP Address: To verify the geographic location and authenticity of the consent
- User Agent String: Browser type, version, operating system, and device information to identify the device used to provide consent
- Timestamp: The exact date and time consent was given
- Consent Context: Details about what you consented to (e.g., old and new values for URL changes)
- Consent Status: Whether consent was given or revoked
This information is collected under our legitimate interest in maintaining GDPR-compliant consent records and protecting both you and Weddly from fraudulent activity. Consent records are retained for 6 years to meet legal compliance requirements for demonstrating valid consent.
You can view your consent history in your account settings. This data is used solely for legal compliance and consent verification purposes and is not used for marketing or profiling.
2.2 Information Collected Automatically
Usage Data
- Pages visited and time spent
- Features used and interactions with the Service
- Gallery access patterns
- Download and export activities
- Search queries
- Clicks and mouse movements
- Referral sources
Device Information
- Device type, model, and operating system
- Browser type and version
- IP address and geolocation (approximate)
- Unique device identifiers
- Mobile advertising IDs
- Device settings
Cookies and Similar Technologies
- Session identifiers
- Authentication tokens
- User preferences
- Analytics data
- Advertising identifiers
Log Data
- Server logs containing IP addresses
- Access timestamps
- Browser type and language
- Pages accessed and referrer URLs
- Error logs and system events
Analytics
- Page views and session duration
- Feature usage patterns
- Conversion events
- User behavior flows
- Performance metrics
- Pages visited and time spent
- Features used and interactions with the Service
- Gallery access patterns
- Download and export activities
- Search queries
- Clicks and mouse movements
- Referral sources
Device Information
- Device type, model, and operating system
- Browser type and version
- IP address and geolocation (approximate)
- Unique device identifiers
- Mobile advertising IDs
- Device settings
Cookies and Similar Technologies
- Session identifiers
- Authentication tokens
- User preferences
- Analytics data
- Advertising identifiers
Log Data
- Server logs containing IP addresses
- Access timestamps
- Browser type and language
- Pages accessed and referrer URLs
- Error logs and system events
Analytics
- Page views and session duration
- Feature usage patterns
- Conversion events
- User behavior flows
- Performance metrics
2.3 Information from Third Parties
Service Providers
- Stripe (payment processing)
- Supabase (database and authentication)
- Analytics providers
- Email service providers
Third-Party Integrations
- Information from social media platforms (if you authorize OAuth login)
- Information shared by other Weddly users about you
- Stripe (payment processing)
- Supabase (database and authentication)
- Analytics providers
- Email service providers
Third-Party Integrations
- Information from social media platforms (if you authorize OAuth login)
- Information shared by other Weddly users about you
3.1 Core Service Operations
- Providing, maintaining, and improving the Service
- Processing transactions and sending transaction confirmations
- Creating and managing your account
- Enabling you to create galleries and upload media
- Facilitating guest uploads and interactions
- Storing and retrieving your photos and videos
- Processing transactions and sending transaction confirmations
- Creating and managing your account
- Enabling you to create galleries and upload media
- Facilitating guest uploads and interactions
- Storing and retrieving your photos and videos
3.2 Communication
- Sending transactional emails (account confirmations, password resets)
- Responding to your inquiries and support requests
- Sending service updates and announcements
- Notifying you of changes to our policies
- Sending survey requests and feedback requests
- Responding to your inquiries and support requests
- Sending service updates and announcements
- Notifying you of changes to our policies
- Sending survey requests and feedback requests
3.3 Customization and Personalization
- Customizing content and recommendations
- Remembering your preferences and settings
- Improving user experience based on your interactions
- Providing personalized features (theme selection, language preferences)
- Remembering your preferences and settings
- Improving user experience based on your interactions
- Providing personalized features (theme selection, language preferences)
3.4 Marketing and Promotional Activities
- Sending promotional emails and special offers (with your consent)
- Conducting marketing campaigns
- Creating targeted advertising content
- Analyzing marketing effectiveness
- Developing new features based on user demand
- Conducting marketing campaigns
- Creating targeted advertising content
- Analyzing marketing effectiveness
- Developing new features based on user demand
3.5 Analytics and Research
- Understanding user behavior and usage patterns
- Measuring engagement and satisfaction
- Identifying popular features and improvements
- Conducting A/B testing
- Generating aggregate analytics reports
- Measuring engagement and satisfaction
- Identifying popular features and improvements
- Conducting A/B testing
- Generating aggregate analytics reports
3.6 Security and Fraud Prevention
- Detecting and preventing fraud, abuse, and security incidents
- Protecting against malicious activity
- Enforcing our Terms of Service
- Protecting user rights and property
- Complying with legal obligations
- Investigating suspected violations of law
- Protecting against malicious activity
- Enforcing our Terms of Service
- Protecting user rights and property
- Complying with legal obligations
- Investigating suspected violations of law
3.7 Legal Compliance
- Complying with applicable laws and regulations
- Responding to legal requests and court orders
- Protecting against legal liability
- Enforcing contractual agreements
- Responding to legal requests and court orders
- Protecting against legal liability
- Enforcing contractual agreements
For users in the European Economic Area (EEA), we process personal data based on the following legal grounds:
4.1 Legitimate Interests
- Service improvement and optimization
- Fraud prevention and security
- Marketing and business purposes (balanced against your rights)
- Analytics and user behavior analysis
- Fraud prevention and security
- Marketing and business purposes (balanced against your rights)
- Analytics and user behavior analysis
4.2 Contractual Necessity
- Providing the Service as contracted
- Processing payments
- Fulfilling your requests
- Processing payments
- Fulfilling your requests
4.3 Consent
- Marketing communications (unless based on legitimate interests)
- Non-essential cookies
- Analytics
- Optional features and integrations
- Non-essential cookies
- Analytics
- Optional features and integrations
4.4 Legal Obligation
- Compliance with tax and financial regulations
- Responding to government requests
- Protecting user safety
- Responding to government requests
- Protecting user safety
4.5 Vital Interests
- Protecting your health and safety
- Preventing harm
- Preventing harm
5.1 When We Do NOT Share Data
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
5.2 When We DO Share Data
With Service Providers:
- Stripe: payment processing
- Supabase: database services and authentication
- Analytics providers: usage and behavior analysis
- Email service providers: transactional and marketing communications
- Cloud hosting providers: infrastructure and data storage
- Customer support tools: support ticket management
With Other Users:
- Gallery owners can see guest names, emails, and contribution records
- Guests invited to galleries can see uploaded media and other guests' contributions
- Team members can see shared gallery information (if team feature is enabled)
For Legal Reasons:
- When required by law, court order, or government request
- To protect against fraud or security threats
- To enforce our Terms of Service
- To protect user rights, property, and safety
Business Transfers:
- If Weddly is acquired, merges, or undergoes bankruptcy, your information may be transferred as part of that transaction
With Your Consent:
- When you explicitly authorize data sharing
- For features that require third-party integrations
- Stripe: payment processing
- Supabase: database services and authentication
- Analytics providers: usage and behavior analysis
- Email service providers: transactional and marketing communications
- Cloud hosting providers: infrastructure and data storage
- Customer support tools: support ticket management
With Other Users:
- Gallery owners can see guest names, emails, and contribution records
- Guests invited to galleries can see uploaded media and other guests' contributions
- Team members can see shared gallery information (if team feature is enabled)
For Legal Reasons:
- When required by law, court order, or government request
- To protect against fraud or security threats
- To enforce our Terms of Service
- To protect user rights, property, and safety
Business Transfers:
- If Weddly is acquired, merges, or undergoes bankruptcy, your information may be transferred as part of that transaction
With Your Consent:
- When you explicitly authorize data sharing
- For features that require third-party integrations
5.3 Aggregate and De-identified Data
We may share aggregate, anonymized, or de-identified data that cannot reasonably be used to identify you:
- Industry benchmarks and statistics
- Usage patterns and trends
- Research and insights (for academic or industry purposes)
- Industry benchmarks and statistics
- Usage patterns and trends
- Research and insights (for academic or industry purposes)
6.1 Retention Periods
Account Information:
- Retained for the duration of your account
- Retained for [X years] after account deletion for legal compliance
Gallery Content (Photos/Videos):
- Retained for as long as your account is active
- Deleted within [30 days] of account deletion
- You can delete specific content at any time
Payment and Billing Information:
- Retained for [7 years] for tax and accounting purposes
- Credit card information deleted after transaction completion
Support Communications:
- Retained for [3 years] for customer service and dispute resolution
Log Data:
- Server logs retained for [90 days]
- Security logs retained for [1 year]
Cookies:
- Session cookies: deleted when you close your browser
- Persistent cookies: deleted after [1 year] of inactivity
- You can delete cookies at any time through browser settings
Guest Information:
- Retained for the duration of the gallery
- Deleted when gallery is deleted
- You can remove guest data at any time
Consent Records:
- Retained for 6 years from the date consent was given
- Required for GDPR compliance and demonstrating valid consent
- Includes IP address, user agent, timestamp, and consent details
- Cannot be deleted during the retention period as they serve as legal proof of consent
- Retained for the duration of your account
- Retained for [X years] after account deletion for legal compliance
Gallery Content (Photos/Videos):
- Retained for as long as your account is active
- Deleted within [30 days] of account deletion
- You can delete specific content at any time
Payment and Billing Information:
- Retained for [7 years] for tax and accounting purposes
- Credit card information deleted after transaction completion
Support Communications:
- Retained for [3 years] for customer service and dispute resolution
Log Data:
- Server logs retained for [90 days]
- Security logs retained for [1 year]
Cookies:
- Session cookies: deleted when you close your browser
- Persistent cookies: deleted after [1 year] of inactivity
- You can delete cookies at any time through browser settings
Guest Information:
- Retained for the duration of the gallery
- Deleted when gallery is deleted
- You can remove guest data at any time
Consent Records:
- Retained for 6 years from the date consent was given
- Required for GDPR compliance and demonstrating valid consent
- Includes IP address, user agent, timestamp, and consent details
- Cannot be deleted during the retention period as they serve as legal proof of consent
6.2 Deletion Requests
Upon request, we will delete your personal information except:
- When required by law
- When necessary for contractual obligations
- When necessary for dispute resolution
- When needed for security purposes
- Backup copies (deleted within [90 days])
- When required by law
- When necessary for contractual obligations
- When necessary for dispute resolution
- When needed for security purposes
- Backup copies (deleted within [90 days])
7.1 Access and Portability
You have the right to:
- Access the personal information we hold about you
- Receive your data in a portable format (data export)
- Request a copy of your information in common formats
To exercise: Submit a request through your account settings or contact us at [privacy@weddly.com]
- Access the personal information we hold about you
- Receive your data in a portable format (data export)
- Request a copy of your information in common formats
To exercise: Submit a request through your account settings or contact us at [privacy@weddly.com]
7.2 Correction and Updates
You have the right to:
- Correct inaccurate information
- Update outdated information
- Complete incomplete information
To exercise: Update your profile directly through account settings or contact us
- Correct inaccurate information
- Update outdated information
- Complete incomplete information
To exercise: Update your profile directly through account settings or contact us
7.3 Deletion (Right to be Forgotten)
You have the right to:
- Delete your account and associated data
- Request removal of specific information
- Exceptions: legally required records, dispute resolution, security
To exercise: Request deletion through account settings or contact us
- Delete your account and associated data
- Request removal of specific information
- Exceptions: legally required records, dispute resolution, security
To exercise: Request deletion through account settings or contact us
7.4 Restrict Processing
You have the right to:
- Limit how we use your information
- Restrict processing for specific purposes
- Maintain data without processing it
To exercise: Contact us at [privacy@weddly.com]
- Limit how we use your information
- Restrict processing for specific purposes
- Maintain data without processing it
To exercise: Contact us at [privacy@weddly.com]
7.5 Object to Processing
You have the right to object to:
- Marketing communications
- Profiling and analytics
- Automated decision-making
To exercise: Click "unsubscribe" in emails or adjust settings in your account
- Marketing communications
- Profiling and analytics
- Automated decision-making
To exercise: Click "unsubscribe" in emails or adjust settings in your account
7.6 Withdraw Consent
You can withdraw consent for:
- Marketing communications
- Non-essential cookies
- Analytics
- Optional features
To exercise: Update your preferences in account settings or contact us
- Marketing communications
- Non-essential cookies
- Analytics
- Optional features
To exercise: Update your preferences in account settings or contact us
7.7 Not Be Subject to Automated Decision-Making
We do not use fully automated decision-making that produces legal or similarly significant effects. However, we use:
- Algorithmic content recommendations
- Fraud detection
- Spam filtering
You can request human review of these decisions.
- Algorithmic content recommendations
- Fraud detection
- Spam filtering
You can request human review of these decisions.
7.8 Marketing Preferences
You can:
- Opt out of promotional emails
- Adjust communication frequency
- Change notification preferences
- Customize marketing topics
- Opt out of promotional emails
- Adjust communication frequency
- Change notification preferences
- Customize marketing topics
7.9 Cookie Management
You can:
- Disable cookies through browser settings
- Clear cookies manually
- Opt out of analytics cookies
Note: Some features may not function properly if you disable essential cookies
- Disable cookies through browser settings
- Clear cookies manually
- Opt out of analytics cookies
Note: Some features may not function properly if you disable essential cookies
7.10 Your California Privacy Rights (CCPA/CPRA)
If you are a California resident:
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to delete personal information (with exceptions)
- Right to opt out of the "sale" of personal information
- Right to non-discrimination for exercising your rights
We do not sell your personal information in the traditional sense but may share it with service providers in ways that could be considered "sales" under CCPA. You have the right to opt out.
To exercise: Submit a request at [https://weddly.com/privacy-request]
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to delete personal information (with exceptions)
- Right to opt out of the "sale" of personal information
- Right to non-discrimination for exercising your rights
We do not sell your personal information in the traditional sense but may share it with service providers in ways that could be considered "sales" under CCPA. You have the right to opt out.
To exercise: Submit a request at [https://weddly.com/privacy-request]
7.11 Your Brazilian Rights (LGPD)
If you are a Brazilian resident:
- Right to access your personal data
- Right to correct incomplete or inaccurate data
- Right to anonymization, blocking, or deletion
- Right to data portability
- Right to delete data collected with consent
- Right to information about data sharing
- Right to revoke consent
- Right to lodge a complaint with the National Data Protection Authority (ANPD)
- Right to access your personal data
- Right to correct incomplete or inaccurate data
- Right to anonymization, blocking, or deletion
- Right to data portability
- Right to delete data collected with consent
- Right to information about data sharing
- Right to revoke consent
- Right to lodge a complaint with the National Data Protection Authority (ANPD)
7.12 Your Canadian Rights (PIPEDA)
If you are a Canadian resident:
- Right to access your personal information
- Right to correct your information
- Right to request accuracy correction
- Right to know how your information is used
- Right to opt out of marketing
- Right to lodge a complaint with the Privacy Commissioner
- Right to access your personal information
- Right to correct your information
- Right to request accuracy correction
- Right to know how your information is used
- Right to opt out of marketing
- Right to lodge a complaint with the Privacy Commissioner
7.13 Your UK Rights (UK GDPR/DPA 2018)
If you are in the United Kingdom:
- All GDPR rights apply (see Section 7.1-7.7)
- Right to lodge a complaint with the Information Commissioner's Office (ICO)
- Right to obtain confirmation of lawfulness of processing
- All GDPR rights apply (see Section 7.1-7.7)
- Right to lodge a complaint with the Information Commissioner's Office (ICO)
- Right to obtain confirmation of lawfulness of processing
8.1 Security Measures
We implement comprehensive security measures to protect your information:
Encryption:
- All data in transit is encrypted using TLS/SSL protocols
- Sensitive data at rest is encrypted using industry-standard encryption
- Database-level encryption for stored media
Access Control:
- Role-based access control (RBAC)
- Principle of least privilege
- Multi-factor authentication (MFA) for sensitive operations
Infrastructure Security:
- Secure cloud hosting with Supabase/AWS
- Regular security audits and penetration testing
- DDoS protection and rate limiting
- Web application firewall
Data Protection:
- Secure password hashing (bcrypt)
- No plain-text password storage
- Automatic session timeouts
- Secure cookie handling
Operational Security:
- Regular security training for staff
- Background checks for employees
- Confidentiality agreements
- Incident response procedures
Encryption:
- All data in transit is encrypted using TLS/SSL protocols
- Sensitive data at rest is encrypted using industry-standard encryption
- Database-level encryption for stored media
Access Control:
- Role-based access control (RBAC)
- Principle of least privilege
- Multi-factor authentication (MFA) for sensitive operations
Infrastructure Security:
- Secure cloud hosting with Supabase/AWS
- Regular security audits and penetration testing
- DDoS protection and rate limiting
- Web application firewall
Data Protection:
- Secure password hashing (bcrypt)
- No plain-text password storage
- Automatic session timeouts
- Secure cookie handling
Operational Security:
- Regular security training for staff
- Background checks for employees
- Confidentiality agreements
- Incident response procedures
8.2 Limitations
While we use reasonable security measures, no system is completely secure. We cannot guarantee absolute security. You are responsible for:
- Maintaining the confidentiality of your password
- Protecting your login credentials
- Reporting unauthorized access
- Keeping your device and software updated
- Maintaining the confidentiality of your password
- Protecting your login credentials
- Reporting unauthorized access
- Keeping your device and software updated
Our Service may contain links to third-party websites and services not operated by Weddly. This Privacy Policy does not apply to:
- Third-party websites and applications
- Third-party social media platforms
- Third-party payment processors
- Third-party analytics services
We encourage you to review the privacy policies of any third parties before providing information or using their services.
- Third-party websites and applications
- Third-party social media platforms
- Third-party payment processors
- Third-party analytics services
We encourage you to review the privacy policies of any third parties before providing information or using their services.
Weddly is not intended for children under 13 (or the applicable minimum age in your jurisdiction).
We do not knowingly collect information from children under 13.
If we learn that a child under 13 has provided information:
1. We will delete the information
2. We will delete the account
3. We will notify the parent/guardian
For minors ages 13-18:
- Parental consent is recommended
- Minors have all privacy rights under this policy
- Additional protections may apply
California COPPA Compliance:
- We do not "sell" information of children under 16
- We do not collect sensitive information from children without consent
We do not knowingly collect information from children under 13.
If we learn that a child under 13 has provided information:
1. We will delete the information
2. We will delete the account
3. We will notify the parent/guardian
For minors ages 13-18:
- Parental consent is recommended
- Minors have all privacy rights under this policy
- Additional protections may apply
California COPPA Compliance:
- We do not "sell" information of children under 16
- We do not collect sensitive information from children without consent
11.1 Data Location
Weddly operates primarily in the United States. Your information may be:
- Processed in the United States
- Stored on servers located in the United States
- Accessed by employees in the United States
- Processed in the United States
- Stored on servers located in the United States
- Accessed by employees in the United States
11.2 Legal Framework (GDPR Users)
For users in the EEA, UK, or Switzerland:
- Data is transferred under Standard Contractual Clauses (SCCs)
- Adequacy decisions may apply
- You have rights to object to transfers
- Data is transferred under Standard Contractual Clauses (SCCs)
- Adequacy decisions may apply
- You have rights to object to transfers
11.3 International Users
By using Weddly, you consent to the transfer of your information to countries that may have different data protection laws. Some countries may not have the same level of protection as your home country.
Some browsers and devices include a "Do Not Track" feature. Currently, there is no industry standard for recognizing DNT signals. Weddly does not respond to DNT signals, though you can control tracking through:
- Browser privacy settings
- Cookie management
- Marketing opt-out
- Preference settings in your account
- Browser privacy settings
- Cookie management
- Marketing opt-out
- Preference settings in your account
California residents may request information about third parties with whom we share personal information for direct marketing purposes. This applies only to third parties in California.
To request: Send written request to [privacy@weddly.com] with "Shine the Light" in the subject line.
To request: Send written request to [privacy@weddly.com] with "Shine the Light" in the subject line.
Nevada residents have the right to opt out of the sale of certain covered information. Weddly does not sell covered information, but you can submit opt-out requests to [privacy@weddly.com]
If your organization requires a Data Processing Agreement:
- We provide DPAs for business customers
- DPAs outline data processor responsibilities
- Compliance with GDPR and relevant regulations
- Standard terms available upon request
To request: Contact [legal@weddly.com]
- We provide DPAs for business customers
- DPAs outline data processor responsibilities
- Compliance with GDPR and relevant regulations
- Standard terms available upon request
To request: Contact [legal@weddly.com]
We may update this Privacy Policy periodically to reflect:
- Changes in our practices
- Changes in applicable laws
- New features and services
- User feedback
We will notify you of material changes:
- By email to registered users
- By prominent notice on the Service
- By posting the updated policy
Your continued use after changes constitutes acceptance. We recommend reviewing this policy periodically.
- Changes in our practices
- Changes in applicable laws
- New features and services
- User feedback
We will notify you of material changes:
- By email to registered users
- By prominent notice on the Service
- By posting the updated policy
Your continued use after changes constitutes acceptance. We recommend reviewing this policy periodically.
If you have questions, concerns, or requests regarding this Privacy Policy:
Privacy Inquiries:
- Email: [privacy@weddly.com]
- Address: [Company Address]
Data Subject Rights Requests:
- Email: [dsar@weddly.com]
- Online Form: [https://weddly.com/privacy-request]
US Data Protection Officer (DPO) Contact:
- Email: [dpo@weddly.com]
EU/UK Data Protection Officer (if applicable):
- Email: [eu-dpo@weddly.com]
Regulatory Complaint:
- EU/EEA: Contact your local data protection authority
- UK: Information Commissioner's Office (ICO)
- California: California Attorney General
- Brazil: Autoridade Nacional de Proteção de Dados (ANPD)
- Canada: Privacy Commissioner of Canada
Response Timeline:
- We aim to respond to all requests within 30 days
- Complex requests may require additional time
- We will inform you of any delays
Privacy Inquiries:
- Email: [privacy@weddly.com]
- Address: [Company Address]
Data Subject Rights Requests:
- Email: [dsar@weddly.com]
- Online Form: [https://weddly.com/privacy-request]
US Data Protection Officer (DPO) Contact:
- Email: [dpo@weddly.com]
EU/UK Data Protection Officer (if applicable):
- Email: [eu-dpo@weddly.com]
Regulatory Complaint:
- EU/EEA: Contact your local data protection authority
- UK: Information Commissioner's Office (ICO)
- California: California Attorney General
- Brazil: Autoridade Nacional de Proteção de Dados (ANPD)
- Canada: Privacy Commissioner of Canada
Response Timeline:
- We aim to respond to all requests within 30 days
- Complex requests may require additional time
- We will inform you of any delays
18.1 European Union (GDPR)
Your Rights:
- As outlined in Section 7.1-7.7
- Full GDPR protections apply
Our Obligations:
- Data Protection Impact Assessments (DPIA)
- Lawful basis for processing
- Data Processing Agreements available
- 30-day response timeline for requests
Legal Basis Summary:
- Contractual: Service provision and payment processing
- Consent: Marketing and analytics
- Legitimate Interests: Service improvement, fraud prevention, analytics
- Legal Obligation: Tax and regulatory compliance
- As outlined in Section 7.1-7.7
- Full GDPR protections apply
Our Obligations:
- Data Protection Impact Assessments (DPIA)
- Lawful basis for processing
- Data Processing Agreements available
- 30-day response timeline for requests
Legal Basis Summary:
- Contractual: Service provision and payment processing
- Consent: Marketing and analytics
- Legitimate Interests: Service improvement, fraud prevention, analytics
- Legal Obligation: Tax and regulatory compliance
18.2 United Kingdom
Your Rights:
- All GDPR rights apply (UK GDPR)
- Data Protection Act 2018 protections
- ICO jurisdiction
- All GDPR rights apply (UK GDPR)
- Data Protection Act 2018 protections
- ICO jurisdiction
18.3 Switzerland
Your Rights:
- Federal Data Protection Act (FADP) compliance
- Similar to GDPR protections
- Swiss data protection authority oversight
- Federal Data Protection Act (FADP) compliance
- Similar to GDPR protections
- Swiss data protection authority oversight
18.4 Canada (PIPEDA)
Your Rights:
- Access to your information
- Correction of information
- Opt-out of marketing
- Complaint to Privacy Commissioner
- Access to your information
- Correction of information
- Opt-out of marketing
- Complaint to Privacy Commissioner
18.5 Brazil (LGPD)
Your Rights:
- All rights in Section 7.11
- LGPD compliance
- ANPD complaint authority
- All rights in Section 7.11
- LGPD compliance
- ANPD complaint authority
See our separate Cookie Policy for detailed information about:
- Types of cookies used
- Cookie purposes
- Cookie duration
- How to manage cookies
- Types of cookies used
- Cookie purposes
- Cookie duration
- How to manage cookies
This Privacy Policy is a template for informational purposes only. It is not legal advice. You should:
- Consult with a qualified attorney
- Customize for your specific business model
- Ensure compliance with your actual data practices
- Verify compliance with local laws
- Update based on your specific services and locations
---
Effective Date: [DATE]
Version: 1.0
For the most current version, visit: [https://weddly.com/privacy]
- Consult with a qualified attorney
- Customize for your specific business model
- Ensure compliance with your actual data practices
- Verify compliance with local laws
- Update based on your specific services and locations
---
Effective Date: [DATE]
Version: 1.0
For the most current version, visit: [https://weddly.com/privacy]
Questions or Concerns?
If you have any questions about this policy or want to exercise your rights, please contact us:
privacy@weddly.com