Privacy Policy

1. Who we are

Ever Vow is a wedding planning platform that helps couples organize digital invitations, guest lists, RSVP responses, budgets, vendors, timelines, and related wedding workspace information.

For privacy questions, data requests, or GDPR rights requests, contact us at support@ever-vow.com.

2. What data we collect

Account data: your name, email address, and password. Passwords are stored only in hashed form and are never stored as plain text.

Wedding workspace data: guest names and RSVP statuses, budget lines, vendors, timeline events, seating information, invitation details, and other planning content you choose to add.

Payment data: payments are processed by Stripe. Ever Vow does not store full card numbers, CVC codes, or raw payment card data. We may store payment status, Stripe customer identifiers, checkout session identifiers, payment intent identifiers, and payment timestamps for account access and support purposes.

Technical data: essential cookies, session tokens, CSRF/security tokens where applicable, device/browser metadata, and IP addresses in anonymized or security-log form where required to protect the service.

3. Why we collect it and legal basis

Contract performance: we process account and wedding workspace data to provide the Ever Vow service, including saving your workspace, displaying your dashboard, generating invitations, and managing RSVP workflows.

Legitimate interest: we process limited technical and security data to prevent abuse, secure accounts, debug service issues, detect fraud, and maintain platform reliability.

Consent: optional email notifications and preferences are processed based on your choices. You can change notification preferences where available in the application.

4. How long we keep data

Active accounts: workspace and account data are retained until you request deletion or delete your account, unless a longer period is required by law or necessary for legitimate dispute resolution.

Expired or unpaid workspaces: expired or unpaid workspaces may be deleted after 90 days according to our cleanup and retention rules.

Stripe data: payment records processed by Stripe are governed by Stripe's own retention policies. Ever Vow stores only the minimum payment metadata needed to confirm access and provide support.

5. Your GDPR rights

If you are located in the European Economic Area or otherwise protected by GDPR, you may have the right to access, rectify, erase, restrict, or port your personal data, and to object to certain processing.

You may also withdraw consent for optional processing, such as optional email notifications, where applicable.

To exercise your rights, contact support@ever-vow.com. We may need to verify your identity before completing a request.

6. Cookies

Ever Vow uses essential cookies and local storage only where necessary for authentication, sessions, security, consent preferences, and core application functionality.

We do not use advertising cookies, behavioral tracking cookies, or third-party ad tracking cookies.

Essential cookies may include session cookies and CSRF/security tokens where required to keep your account and workspace secure.

7. Third-party processors

Stripe processes payments and related payment metadata.

Resend processes transactional emails such as account verification, invitation-related messages, and RSVP notifications.

MongoDB Atlas hosts the application database used to store account and workspace data.

Vercel hosts the Ever Vow application and related serverless infrastructure.

8. International transfers and safeguards

Some third-party processors may process data outside your country or the European Economic Area. Where required, we rely on appropriate safeguards such as contractual commitments, standard contractual clauses, or processor security measures.

9. Security

We use reasonable technical and organizational measures to protect personal data, including password hashing, access controls, secure session handling, and limiting access to production systems.

No online service can guarantee absolute security, but we work to protect your account and workspace against unauthorized access, misuse, and loss.

10. Changes to this policy

We may update this Privacy Policy as Ever Vow evolves, legal requirements change, or processors change. The latest version will always be available on this page.

If a change materially affects your rights or how we process your personal data, we will take reasonable steps to notify users where appropriate.