1. Introduction
Wefeen helps hosts create beautiful digital invitation and event websites, share them through a single link, collect RSVPs, and manage guest information. Because our Service involves personal information about hosts, guests, planners, and visitors, we take privacy seriously.
This Privacy Policy applies to personal information we process in connection with:
- the Wefeen website and marketing pages;
- host accounts, dashboards, and billing;
- published event pages and RSVP forms;
- customer support, contact forms, and email communications; and
- security, analytics, and platform operations.
By accessing or using the Service, you acknowledge that you have read this Privacy Policy. Where required by law, we will obtain your consent or provide additional choices before processing your information.
2. Definitions
- “Personal information” (or “personal data”) means information that identifies, relates to, describes, or could reasonably be linked with an identifiable individual, directly or indirectly.
- “Host” means a person or organization that creates, purchases, or administers an event page or account.
- “Guest” means a person who views an event page, submits an RSVP, or otherwise interacts with content published through the Service.
- “Guest Data” means personal information collected through an event page on behalf of a Host.
- “Process” or “processing” means any operation performed on personal information, including collection, storage, use, disclosure, deletion, or anonymization.
- “Service” has the meaning given in our Terms and Conditions.
3. Scope and Roles
3.1 Wefeen as Data Controller
For most platform operations, including account registration, authentication, billing, website analytics, fraud prevention, direct marketing where permitted, and responses to contact forms, Wefeen acts as the data controller (or equivalent under applicable law).
3.2 Wefeen as Data Processor
When a Host uses Wefeen to collect Guest Data, the Host typically decides what information to collect and why. In that context, the Host is generally the data controller and Wefeen processes Guest Data on the Host’s documented instructions to provide the Service. Wefeen may also act as an independent controller for security logging, abuse prevention, billing tied to the Host account, and compliance with law.
3.3 Guests
If you are a Guest responding to an invitation, the Host controls most uses of your RSVP information. Contact the Host first with questions about their event list, follow-up messages, or retention. You may contact Wefeen if you need help identifying the Host or making a request relating to data stored on our systems.
3.4 Event Planners and Agencies
If you manage events on behalf of clients, you and your client are responsible for determining controller/processor roles, guest notices, and lawful bases before collecting Guest Data through Wefeen.
4. Information We Collect
The information we collect depends on how you use the Service.
4.1 Information You Provide Directly
- Account and profile data: name, email address, phone number, password or authentication credentials, organization or planner details, language preferences, and account settings.
- Event and page content: event names, hosts’ names, dates, venues, addresses, schedules, dress codes, gift registry links, photos, videos, audio selections, design choices, custom messages, and co-host details.
- RSVP and guest form submissions: attendance status, guest names, email addresses, phone numbers, plus-one information, dietary requirements, accessibility needs, travel details, custom question responses, and optional messages to the Host.
- Payment and billing data: billing name, billing address, tax identifiers where provided, transaction IDs, plan selections, invoices, and limited payment method details processed by our payment partners. We do not intentionally store full payment card numbers on our own servers when a certified payment processor is used.
- Support and inquiries: information you submit through contact forms, email, chat, or social messages, including attachments and metadata.
4.2 Information Collected Automatically
- Device and technical data: IP address, browser type and version, operating system, device type, screen resolution, language settings, time zone, and mobile network information.
- Usage data: pages viewed, buttons clicked, referral URLs, session duration, feature usage, RSVP submission events, error logs, and performance metrics.
- Security data: login timestamps, authentication events, suspicious activity indicators, and anti-abuse signals.
- Cookie and pixel data: as described in Section 15.
4.3 Information from Third Parties
We may receive information from:
- payment processors and billing partners;
- authentication or single sign-on providers, if enabled;
- analytics, hosting, email delivery, and customer-support vendors;
- anti-fraud and security services; and
- publicly available sources where permitted by law.
4.4 Sensitive Information
Wefeen is not designed to collect special categories of sensitive personal data such as government ID numbers, full payment card numbers, health records, biometric data, or precise geolocation tracking beyond what you voluntarily include in an event page or RSVP field configured by a Host. Hosts should avoid requesting unnecessary sensitive information. If such information is submitted despite our guidance, we may delete or restrict it where appropriate.
4.5 Information We Do Not Intentionally Collect
We do not require Guests to create accounts to view most event pages or submit basic RSVPs. We do not knowingly collect information from children under 16 for account registration, as described in Section 19.
5. How We Use Information
We use personal information for the following purposes:
- Providing the Service: creating and hosting event pages, enabling RSVP collection, displaying content, sending transactional notifications, and maintaining guest lists for Hosts.
- Account administration: registration, authentication, plan management, customer support, and service communications.
- Payments: processing purchases, renewals, refunds where applicable, tax documentation, and fraud screening.
- Improvement and analytics: understanding feature usage, diagnosing errors, testing new functionality, and improving performance and design.
- Security and abuse prevention: detecting spam, unauthorized access, malicious content, and violations of our Terms.
- Legal and compliance: responding to lawful requests, enforcing agreements, protecting rights, and meeting record-keeping obligations.
- Marketing: sending promotional messages where permitted and subject to your choices.
We do not use Guest Data collected on behalf of a Host to market unrelated third-party products to Guests without authorization. We do not sell personal information for money. We do not use RSVP responses to make solely automated decisions that produce legal or similarly significant effects without appropriate safeguards and notice where required by law.
6. Legal Bases for Processing
We process personal information only where we have a valid legal basis. Depending on your location, that may include:
- Performance of a contract: to provide the Service, process payments, and support your account or RSVP submission.
- Legitimate interests: to secure the platform, prevent abuse, improve the Service, and communicate about important account matters, balanced against your rights.
- Consent: for optional marketing, non-essential cookies, or other processing where consent is required or chosen.
- Legal obligation: to comply with tax, accounting, regulatory, or law-enforcement requirements.
- Vital interests or public interest: where necessary to protect life or comply with applicable law in limited circumstances.
Where we rely on legitimate interests, you may have the right to object as described in Section 12. Where we rely on consent, you may withdraw it at any time without affecting processing already performed.
7. How We Share Information
We share personal information only as described below.
7.1 With Hosts, Guests, and Authorized Users
RSVP responses and event content are shared with the relevant Host and anyone the Host authorizes, such as co-hosts, family members, or event planners. Some event pages may display limited information to other guests if the Host enables that feature.
7.2 With Service Providers
We use trusted vendors who process information on our behalf under contractual obligations, including providers of:
- cloud hosting and storage;
- email and SMS delivery;
- payment processing;
- customer support tools;
- analytics and performance monitoring;
- security, backup, and content delivery services.
These providers may access personal information only to perform services for us and must protect it appropriately.
7.3 For Legal and Safety Reasons
We may disclose information if we believe in good faith that disclosure is necessary to comply with law, regulation, legal process, or governmental request; protect the rights, property, or safety of Wefeen, our users, or others; investigate fraud or security issues; or enforce our Terms.
7.4 Business Transfers
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction subject to continuing protections consistent with this Policy.
7.5 With Your Direction
When you connect third-party integrations, embed external content, or share a public event link, information may be disclosed according to your settings and the third party’s practices.
7.6 Aggregated or De-identified Data
We may share aggregated or de-identified information that does not reasonably identify an individual for analytics, research, or business purposes.
8. Public Pages and Messaging Apps
Event pages are often shared through WhatsApp, SMS, email, social media, QR codes, or printed materials. Anyone with the link may be able to view information the Host publishes, including names, photos, venue details, and schedules. RSVP forms may collect information that is visible only to the Host, but the existence of the event and some page content may still be visible depending on settings.
When you share a link through a messaging app or social network, that platform may collect its own usage data under its privacy policy. Wefeen does not control how WhatsApp, Meta, Google, Apple, or other platforms process information outside our Service.
Hosts are responsible for choosing appropriate privacy settings, password protection, guest-list visibility, and the amount of personal information published on public pages.
9. International Transfers
Wefeen is operated from India and may use service providers in India and other countries. If you access the Service from outside India, your information may be transferred to, stored in, and processed in countries that may not provide the same level of data protection as your home jurisdiction.
Where required by applicable law, we implement appropriate safeguards for cross-border transfers, such as standard contractual clauses approved by relevant authorities, intra-group agreements, or other lawful transfer mechanisms. You may contact us for more information about safeguards applicable to your region.
10. Data Retention
We retain personal information only as long as reasonably necessary for the purposes described in this Policy, unless a longer period is required or permitted by law.
- Active accounts and event pages: retained while the account or page remains active and for a reasonable period afterward to allow reactivation, export, or dispute resolution.
- Guest RSVP data: retained according to the Host’s account status and product settings until deleted by the Host or Wefeen in accordance with this Policy and our Terms.
- Billing and tax records: retained for the period required by applicable tax, accounting, and commercial laws, which may exceed account lifetime.
- Support communications: typically up to 24 months, unless needed longer for legal or security reasons.
- Security logs: retained for a limited period appropriate to incident investigation and compliance.
- Marketing preferences: retained until you opt out or request deletion, plus a minimal suppression record to honor your choice.
When information is deleted, residual copies may remain in encrypted backups for a limited period before being overwritten. We may also retain information as necessary to comply with legal obligations, resolve disputes, or enforce agreements.
Where available, Hosts may export or delete event data through account tools. Guests seeking deletion of RSVP data should contact the Host first; we will assist where appropriate.
11. Security and Breach Notification
We implement administrative, technical, and organizational measures designed to protect personal information, including:
- access controls and role-based permissions;
- encryption in transit using industry-standard protocols where supported;
- monitoring for suspicious activity and abuse;
- vendor review and contractual security obligations;
- internal policies limiting employee and contractor access on a need-to-know basis.
No online service can guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for using strong passwords. Hosts should limit dashboard access to trusted individuals.
If we become aware of a personal data breach that is likely to result in risk to your rights and freedoms, we will notify affected individuals and relevant authorities as required by applicable law, and we will take reasonable steps to mitigate harm.
12. Your Rights and Choices
Depending on your location and role (Host, Guest, or visitor), you may have some or all of the following rights:
- Access: request confirmation of whether we process your personal information and obtain a copy.
- Correction: request correction of inaccurate or incomplete information.
- Deletion: request deletion of personal information, subject to legal exceptions.
- Restriction: request that we limit certain processing in specific circumstances.
- Objection: object to processing based on legitimate interests or direct marketing.
- Portability: receive certain information in a structured, commonly used, machine-readable format where applicable.
- Withdraw consent: where processing is based on consent, withdraw it at any time.
- Complaint: lodge a complaint with a supervisory authority or regulator.
To submit a request relating to information controlled by Wefeen, email [email protected]. We may need to verify your identity before responding. We aim to respond within the timeframe required by applicable law. For Guest Data controlled by a Host, we may direct you to the Host or assist the Host in fulfilling the request.
You can opt out of marketing emails by using the unsubscribe link in the message or contacting us. Even if you opt out of marketing, we may still send transactional or service-related communications.
13. Region-Specific Disclosures
13.1 European Economic Area, United Kingdom, and Switzerland
If you are located in the EEA, UK, or Switzerland, Wefeen is the controller for platform processing described in this Policy unless we process Guest Data solely on a Host’s instructions. You may contact us at [email protected] to exercise your rights. You also have the right to lodge a complaint with your local data protection authority.
13.2 India
If you are located in India, our processing of digital personal data is conducted in accordance with applicable law, including the Digital Personal Data Protection Act, 2023 and rules notified thereunder, as amended from time to time. You may have rights to access information about personal data we process, request correction or erasure, withdraw consent where processing is consent-based, and register grievances as described in Section 21.
13.3 United States and California
We do not sell personal information for monetary consideration. We do not share personal information for cross-context behavioral advertising in exchange for money, as those terms are defined under California law, except as permitted after providing required choices.
California residents may have additional rights under the California Consumer Privacy Act, as amended by the CPRA, including the right to know categories of information collected, request deletion subject to exceptions, correct inaccurate information, and not receive discriminatory treatment for exercising privacy rights. Authorized agents may submit requests where permitted by law.
Other U.S. state privacy laws may provide similar rights. Contact us to exercise rights applicable in your state.
13.4 Other Jurisdictions
If local law grants you additional rights, you may contact us to exercise them. Nothing in this Policy limits rights that cannot be waived under applicable law.
14. Host Responsibilities
If you are a Host, you agree that you will:
- provide guests with clear notice about what information you collect and how you will use it;
- collect only information reasonably necessary for your event;
- obtain valid consent or another lawful basis before collecting Guest Data;
- honor guest rights requests for Guest Data you control;
- not use Wefeen to send unlawful spam or unrelated marketing;
- secure your account and limit access to RSVP exports and guest lists;
- comply with applicable privacy, electronic communications, and event-related laws in your country and your guests’ countries.
Failure to meet these obligations may result in suspension or termination of your account under our Terms.
15. Cookies and Similar Technologies
We and our partners use cookies, local storage, pixels, and similar technologies to:
- keep you signed in and remember preferences;
- maintain session security;
- measure traffic and feature usage;
- improve performance and diagnose errors; and
- support marketing analytics where permitted.
Types of cookies we may use:
- Strictly necessary: required for core site functions and security.
- Functional: remember choices such as language or display settings.
- Analytics: help us understand how the Service is used.
- Marketing: used only where permitted and, where required, with consent.
You can control cookies through browser settings and, where we offer one, a cookie preference tool. Blocking certain cookies may affect functionality. We do not respond to all “Do Not Track” browser signals in a uniform way because industry standards are not yet settled.
16. Third-Party Services and Embeds
The Service may include links to third-party websites or embed content such as maps, fonts, music players, video platforms, payment widgets, and social sharing tools. Third parties may collect information directly from you under their own privacy policies. Wefeen does not control and is not responsible for third-party practices.
Examples of third-party services Hosts or the website may use include map providers, streaming or audio platforms, analytics services, payment processors, and font delivery networks. Review those providers’ policies before enabling integrations or submitting information through them.
17. Marketing Communications
We may send you emails or messages about Wefeen features, offers, templates, or updates if you opt in or if permitted by law based on your relationship with us. You can opt out at any time. We may still send non-promotional messages about your account, security, billing, or support.
Hosts are solely responsible for promotional messages they send to their guests outside the Wefeen platform.
18. Automated Processing
We may use automated systems to detect spam, fraud, malware, or Terms violations. These systems may flag content or accounts for human review. We do not use RSVP data to make solely automated decisions about employment, credit, insurance, or similar high-impact matters.
19. Children
The Service is not directed to children under 16, and we do not knowingly collect personal information from children under 16 for account registration without appropriate consent. Guests of any age may appear in event content uploaded by Hosts, who are responsible for obtaining necessary permissions from parents or guardians.
If you believe we have collected personal information from a child in violation of this Policy, contact us at [email protected] and we will take appropriate steps to review and delete the information where required.
20. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. When we make material changes, we will update the “Last updated” date and, where required by law, provide additional notice such as email or a prominent notice on the Service. Continued use after the effective date of an updated Policy constitutes acknowledgment unless applicable law requires a different process.
We encourage you to review this page periodically. Prior versions may be available on request where required by law.
21. Contact and Grievance
For privacy questions, data subject requests, or complaints, contact:
- Entity: Wefeen
- Privacy contact: [email protected]
- Grievance contact (India): [email protected]
- Website: https://wefeen.com
If you are located in India and have concerns about our processing of digital personal data, you may contact our grievance contact above. We will acknowledge and endeavor to resolve grievances in accordance with applicable law and within reasonable timelines.
If you are not satisfied with our response, you may have the right to escalate your complaint to the relevant data protection board or supervisory authority in your jurisdiction, where applicable law provides that right.