Ever After← Home

Legal

Privacy Notice

Last updated: 22 May 2026

Ever After Wedding Planning ("we", "us", "our") is the data controller for personal data processed through Ever After Planner (the "Service"). We operate from England, United Kingdom and comply with the UK GDPR and the Data Protection Act 2018.

1. Personal data we collect

  • Account data — name, email, password (hashed), and authentication identifiers.
  • Wedding data you provide — partner names, wedding date, venue, guest details, RSVPs, dietary requirements, seating plans, suppliers, budget, notes, vows and inspiration uploads.
  • Usage and device data — IP address, browser type, pages visited, and basic telemetry needed to operate and secure the Service.
  • Support correspondence — messages you send to support and our replies.
  • Payment data — handled by Paddle (see "Sharing" below). We do not store full card details.

2. Why we use your data (legal basis)

  • Performance of contract — to create your account and provide the Service.
  • Legitimate interests — to keep the Service secure, prevent fraud, improve features, and provide support.
  • Legal obligation — to meet tax, accounting and law-enforcement requirements.
  • Consent — for optional analytics or marketing cookies, withdrawable at any time via our cookie banner.

3. Sharing

  • Subprocessors — hosting and database providers used to deliver the Service.
  • Paddle — our Merchant of Record for sale of the product, payment processing, tax compliance and invoicing. Paddle is an independent controller for the personal data it collects to provide payment services.
  • Professional advisers — legal, accounting and audit professionals where strictly necessary.
  • Authorities — where required by law or to protect our rights.

We never sell your personal data.

4. International transfers

Where personal data is transferred outside the UK or EEA, we rely on appropriate safeguards such as the UK International Data Transfer Agreement, EU Standard Contractual Clauses, or adequacy decisions.

5. Retention

We keep personal data for as long as your account is active. If you delete your account we delete or anonymise your personal data within 30 days, except where we must retain it for legal, tax or fraud-prevention reasons.

6. Security

We use appropriate technical and organisational measures including encryption in transit, access controls, row-level database security, and regular backups.

7. Your rights under UK GDPR

You have the right to:

  • access your personal data;
  • rectify inaccurate data;
  • erase your data ("right to be forgotten");
  • restrict or object to processing;
  • data portability;
  • withdraw consent at any time;
  • lodge a complaint with the UK Information Commissioner's Office (ico.org.uk).

To exercise these rights email privacy@everafterplanner.app. We will respond within one month.

8. Cookies

See our Cookie Policy for details on the cookies we use and how to manage your preferences.

9. Changes

We'll notify you of material changes by email or in-app banner before they take effect.

10. Contact

Email privacy@everafterplanner.app.