DIGI WEDDING - online wedding planner

Privacy Policy

1. Introduction

Digi Wedding ("we", "us", "our") is a wedding planning platform operated by SIA "R4S", registered in Latvia (Registration Number: 40203386843). We are committed to protecting personal data in accordance with the EU General Data Protection Regulation (GDPR) (Regulation 2016/679) and applicable Latvian data protection law.

This Privacy Policy explains what personal data we collect, how we use it, with whom we share it, and your rights in relation to your data.

For questions or data requests, contact us at: info@digi.wedding

2. Data We Collect

2.1 Account Information

When you register, we collect: full name, email address, phone number (optional), profile photo (optional), billing details (only for purchases).

2.2 Wedding Planning Data

Data you create while using the platform: wedding date, location, guest list, budget, seating plans, task lists, vendor selections, uploaded photos/videos/documents, wedding website content, guest RSVP responses.

2.3 OAuth Login Data

If you sign in via Google or Facebook, we receive your name, email, and profile picture from the OAuth provider. We do not receive your password.

2.4 Google Calendar Data

If you connect Google Calendar: we store encrypted OAuth tokens (AES-256), create/update/delete calendar events on your behalf. We do not read your existing calendar events.

2.5 Technical Data

Automatically collected: IP address, browser type and version, device type, pages visited and time of visit, session identifiers.

2.6 Communications

Messages with wedding vendors through our platform and email notifications sent to you.

3. How We Use Your Data

PurposeLegal Basis Providing the wedding planning serviceContract performance (Art. 6(1)(b) GDPR) Account management and authenticationContract performance Google Calendar synchronisationExplicit user consent — initiated by user Sending service notifications and emailsContract performance / Legitimate interests Processing paymentsContract performance / Legal obligation Preventing fraud, abuse and security threatsLegitimate interests / Legal obligation Improving service quality and featuresLegitimate interests Marketing communicationsConsent (opt-in only) Compliance with legal obligationsLegal obligation (Art. 6(1)(c) GDPR)

4. Data Sharing, Transfer, and Disclosure

We do not sell your personal data. We share data only with the third-party service providers listed below, strictly to operate the Digi Wedding service. Each provider acts as a data processor under a data processing agreement.

4.1 Google Services

ServiceData SharedPurpose Google OAuth2 (login)Name, email, profile photo (received FROM Google)User authentication Google Calendar APIWedding event titles, dates, descriptions, locationsWriting events to user's Google Calendar on user request Google Analytics 4 (ID: G-3CYL5DY95F)IP address, browser, pages visited, session dataWebsite analytics — data stored in Google's infrastructure (USA) Google reCAPTCHA v3IP address, browser behaviour, form interaction dataBot and fraud prevention on forms Google Gemini AI (gemini-2.0-flash-exp)User-uploaded body photos and dress product imagesVirtual dress try-on feature (only when user initiates)

Important note about Google OAuth data:
Data received from Google OAuth (name, email, profile picture) is used exclusively to create and identify your Digi Wedding account. This data is stored on our servers in Latvia/EU, not transferred to any third party other than those listed in this policy, not used for advertising or profiling, and deleted upon account deletion request.

AI/ML Model Training Compliance:
Data obtained through Google APIs (Google OAuth and Google Calendar API) is used exclusively to provide the directly requested service features to the user. This data is NOT retained to develop, improve, or train any generalized artificial intelligence (AI) or machine learning (ML) model. DigiWedding uses third-party AI services (OpenAI, Google Gemini) but does not use users' Google data to train these or any other AI models.

4.2 AI Service Providers

All AI features are opt-in. No personal data is sent to AI providers automatically or in the background.

ProviderData SentPurpose OpenAI (USA)Wedding details: guest count, budget amounts, preferences, event date, task descriptionsAI-powered budget generation, task planning, wedding timeline creation Google Gemini (Google LLC, USA)User body photos + dress product imagesVirtual wedding dress try-on (fallback service)

4.3 Infrastructure and Operations

ProviderData SharedPurpose Mailgun (Sinch, USA/EU)Recipient email address, email contentTransactional email delivery (notifications, invitations) AWS S3 (Amazon Web Services, USA/EU)User-uploaded photos, videos, documentsCloud file storage Sentry.io (USA)User ID, display name, email — only captured at time of errorError monitoring and debugging

4.4 Social Media Pixels

ProviderData SharedPurpose Meta (Facebook) Pixel (ID: 380939977301242)IP address, browser, page visits, user behaviourAdvertising campaign measurement and optimisation

4.5 Payment Processing

ProviderData SharedPurpose Klix (Latvia)Order amount, billing detailsPayment processing for invitation card purchases and subscriptions

We do not store credit card numbers. All payment data is handled directly by Klix.

4.6 Vendors Listed on Digi Wedding

When you contact a wedding vendor through our platform, your message and name are visible to that vendor. Vendors are independent data controllers.

4.7 Legal Disclosures

We may disclose personal data to competent authorities, courts, or law enforcement when required by applicable law or to defend legal claims.

5. International Data Transfers

Some of the providers listed above (OpenAI, Sentry, AWS, Mailgun/Sinch, Meta) are located in the United States or other countries outside the EEA. For transfers to the USA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Data Retention

Data CategoryRetention Period Account and profile dataUntil account deletion, then up to 30 days Wedding planning dataUntil you delete it, or until account deletion Google Calendar OAuth tokensUntil you disconnect Google Calendar, immediately deleted on disconnection Payment records5 years (legal/accounting obligation) Server access logs30–90 days Error reports (Sentry)90 days Analytics data (Google Analytics)14 months

7. Cookies

  • Essential cookies: Session management, login state (required for the service)
  • Analytics cookies: Google Analytics (tracking site usage, opt-out available)
  • Advertising cookies: Facebook Pixel (opt-out available)

A cookie consent banner is displayed on your first visit.

8. Your Rights (GDPR)

RightDescription AccessRequest a copy of the personal data we hold about you RectificationRequest correction of inaccurate data ErasureRequest deletion of your data (subject to legal retention obligations) RestrictionRequest that we restrict processing of your data PortabilityReceive your data in a machine-readable format ObjectionObject to processing based on legitimate interests Withdraw ConsentWithdraw consent at any time where processing is consent-based ComplaintLodge a complaint with the Datu valsts inspekcija (www.dvi.gov.lv)

To exercise any right, contact: info@digi.wedding
We will respond within 30 days.

To revoke Google Calendar access: https://myaccount.google.com/permissions

9. Data Security

  • Encrypted data in transit (TLS/HTTPS)
  • Google OAuth tokens encrypted at rest (AES-256)
  • Passwords hashed (bcrypt via Devise)
  • Access controls limiting who can access personal data
  • Rate limiting and DDoS protection (Rack::Attack)

10. Children's Privacy

Digi Wedding is intended for adults (18+). We do not knowingly collect personal data from children under 16.

11. Account Deletion

To delete your account and associated data, go to your profile at https://digi.wedding/users/profile and click the Delete account button.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email or by a notice on our website.

13. Contact

Data Controller:
SIA "R4S"
Registration Number: 40203386843
Madonas nov., Liezēres pag., Liezēre, Bērzu iela 9, LV-4884, Latvia
Email: info@digi.wedding
Website: https://digi.wedding

Supervisory Authority:
Datu valsts inspekcija (Data State Inspectorate of Latvia)
Website: https://www.dvi.gov.lv
Email: info@dvi.gov.lv

Cookies give us the opportunity to improve your convenience as a user. By continuing to use our website, you agree to the use of cookies.Read more