Legal

Privacy Policy

Effective Date: February 10, 2026  |  Last Updated: February 10, 2026  |  GDPR/CCPA Compliant

This Privacy Policy describes how eesspp LLC, doing business as Wedding Memory ("Company," "we," "us," or "our"), collects, uses, shares, and protects personal information through our wedding content delivery platform (the "Service"). This policy applies to all users of our Service, including wedding professionals ("PROs"), couples, and wedding guests.

1. Who We Are

1.1 Data Controller

eesspp LLC acts as a data processor on behalf of wedding professionals (PROs) who are the data controllers for their clients' data. For PRO account data, we act as the data controller.

1.2 Contact Information

  • Company: eesspp LLC (d/b/a Wedding Memory)
  • Email: privacy@wedding-memory.com
  • Data Protection Inquiries: dpo@wedding-memory.com

2. Information We Collect

2.1 PRO Account Information

When you register as a professional, we collect:

  • Full name and business name
  • Email address
  • Password (hashed, never stored in plain text)
  • Business logo and branding assets
  • Brand color preferences
  • Subdomain preference

2.2 Couple Information

When a wedding page is created, we collect:

  • Couple's names
  • Wedding date
  • Wedding access code (auto-generated)
  • Optional: couple's email address

2.3 Guest Information

When guests access the platform, we may collect:

  • Display name or nickname
  • Email address (if provided for notifications)
  • Device information and browser type
  • Photos and videos uploaded by guests
  • Comments and guestbook entries

2.4 Automatically Collected Information

We automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Access times and dates
  • Pages viewed and features used
  • Referring URL

2.5 Payment Information

Payment processing is handled by our third-party payment processor. We do not store credit card numbers or full payment details. We retain only transaction references and amounts for billing records.

3. How We Use Your Information

3.1 To Provide the Service

  • Create and manage accounts
  • Process and store wedding content
  • Enable content sharing between PROs, couples, and guests
  • Generate QR codes for guest access
  • Send notifications about content updates
  • Provide customer support

3.2 To Improve the Service

  • Analyze usage patterns to improve features
  • Debug technical issues
  • Monitor service performance
  • Develop new features

3.3 To Communicate

  • Send service-related emails (account verification, security alerts)
  • Respond to support requests
  • Send product updates (with opt-out option)

3.4 Legal Bases for Processing (GDPR)

  • Contract performance: Processing necessary to provide the Service
  • Legitimate interest: Service improvement, security, fraud prevention
  • Consent: Marketing communications, optional features
  • Legal obligation: Compliance with applicable laws

4. How We Share Your Information

4.1 With PROs

Couple and guest information is shared with the PRO who manages the wedding. This includes names, uploaded content, and comments.

4.2 With Couples and Guests

Content and comments are visible to authorized users of a specific wedding (the couple and invited guests).

4.3 Service Providers

We share data with trusted third-party providers who assist in operating our Service:

  • Supabase: Database hosting and authentication (EU/US servers)
  • Cloudflare: Content delivery, storage (R2), and security
  • Vercel: Web application hosting
  • Payment processor: Payment processing

4.4 Legal Requirements

We may disclose information if required by law, court order, or government request, or if necessary to protect our rights, safety, or property.

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify affected users before data is transferred and becomes subject to a different privacy policy.

4.6 No Selling of Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5. Data Storage & Security

5.1 Where Data Is Stored

  • Database: Supabase cloud infrastructure
  • Media files: Cloudflare R2 storage (globally distributed)
  • Application: Vercel edge network

5.2 Security Measures

We implement appropriate technical and organizational measures including:

  • Encryption in transit (TLS/SSL)
  • Encryption at rest for stored data
  • Row Level Security (RLS) on database
  • Presigned URLs for secure file access (time-limited)
  • Password hashing using industry-standard algorithms
  • Regular security reviews

5.3 Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users and relevant authorities within 72 hours as required by applicable law.

6. Data Retention

6.1 Active Accounts

PRO account data is retained for the duration of your account.

6.2 Wedding Content

  • Active weddings: Content retained during active hosting period
  • Post-wedding: Content retained for 90 days after expiry
  • After retention period: All content permanently deleted

6.3 Account Deletion

Upon account deletion, we retain data for 30 days to allow recovery, then permanently delete all associated data.

6.4 Legal Retention

Some data may be retained longer if required by law (e.g., billing records for tax purposes).

7. Your Rights

7.1 All Users

Regardless of your location, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to processing of your data
  • Receive a copy of your data in a portable format

7.2 EU/EEA Residents (GDPR)

Under GDPR, you additionally have the right to:

  • Restrict processing of your data
  • Withdraw consent at any time
  • Lodge a complaint with your local data protection authority
  • Object to automated decision-making and profiling

7.3 California Residents (CCPA/CPRA)

Under California law, you have the right to:

  • Know what personal information we collect and why
  • Delete your personal information
  • Opt out of the sale of personal information (we do not sell data)
  • Non-discrimination for exercising your rights
  • Correct inaccurate personal information
  • Limit use of sensitive personal information

7.4 How to Exercise Your Rights

Contact us at privacy@wedding-memory.com with your request. We will respond within 30 days (or shorter if required by applicable law). We may need to verify your identity before processing requests.

8. Cookies & Tracking

8.1 Essential Cookies

We use essential cookies for:

  • Authentication and session management
  • Security and fraud prevention
  • User preferences (theme, language)

8.2 Analytics

We may use privacy-respecting analytics to understand how the Service is used. We do not use invasive tracking or sell analytics data.

8.3 No Third-Party Advertising

We do not serve third-party advertisements or use advertising cookies or tracking pixels.

8.4 Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

9. Children's Privacy

The Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. Wedding content may incidentally include images of minors (e.g., flower girls, ring bearers) — photographers are responsible for obtaining appropriate parental consent. If we learn that we have collected personal information from a child under 16, we will delete it promptly.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own, including the United States. For EU/EEA data transfers, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, Data Processing Agreements with all sub-processors, and adequacy decisions where applicable.

11. Third-Party Links & Services

The Service may contain links to third-party websites or services. We are not responsible for their privacy practices. We recommend reviewing the privacy policies of any third-party services you interact with.

12. Specific Disclosures

12.1 GDPR Data Processing

  • Data Controller: PROs (for client data); eesspp LLC (for PRO account data)
  • Data Processor: eesspp LLC (for client data processed on behalf of PROs)
  • Sub-processors: Supabase, Cloudflare, Vercel, payment processor
  • DPA: Available upon request at dpo@wedding-memory.com

12.2 CCPA Disclosure

Category of Information Collected Sold Business Purpose
Identifiers (name, email) Yes No Account management, service delivery
Commercial information Yes No Billing, subscription management
Internet activity Yes No Service improvement, security
Geolocation (approximate) Yes No Service delivery, compliance
Audio/visual information Yes No Core service (photo/video delivery)
Professional information Yes No Account management

12.3 Do Not Track

We honor Do Not Track browser signals by not engaging in cross-site tracking.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or prominent notice on the Service at least 30 days before taking effect. The "Last Updated" date at the top indicates when the policy was last revised. Continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact Information

  • General Privacy: privacy@wedding-memory.com
  • Data Protection Officer: dpo@wedding-memory.com
  • General Contact: hello@wedding-memory.com

eesspp LLC (d/b/a Wedding Memory). We aim to respond to all privacy inquiries within 30 days. For EU/EEA residents, if you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.