Legal
Privacy Policy
Last updated: July 2026. This is a starting template and not legal advice. Replace the bracketed details and have it reviewed before launch.
Who we are
This service (“the digital guestbook”, “we”) is operated by [Provider name], [address], contactable at [email]. We are the data controller for the personal data described here.
What we collect
- Account data for event owners: name, email address, and a hashed password.
- Event content: photos, written messages, and signatures that guests submit, along with an optional guest name.
- Technical data: limited request metadata (such as IP address and timestamp) used for security, abuse prevention, and rate limiting.
How we use it
We use this data only to provide the service: to run your event, display and collect contributions, build your memory book, and keep the service secure. We do not sell personal data and we do not use it for advertising.
Guest contributions and consent
Guests are shown a short notice before contributing and choose what to submit. Event owners are responsible for having an appropriate basis to collect and keep their guests' contributions.
Where data and photos are stored
Account data, written messages, and signatures are stored on infrastructure located in the European Union ([hosting / object storage provider and region]).
Photos are handled in two parts. When a guest adds a photo, we generate and keep two smaller copies on our EU object storage: a thumbnail (around 400 px) and a display-sized version (around 1600 px). These power the contribution wall and the memory book. They are kept on private storage and shown only through short-lived signed links, so they are not publicly browsable. The full-resolution original is uploaded to the event owner's own Google Drive. If Drive is not connected, or an upload does not succeed, the original is held on our storage for a limited period (about 60 days) and then automatically deleted, while the two smaller copies remain so the book keeps working.
For Google Drive we request only the limited drive.file permission,
which lets us add files to (and later remove them from) the single per-event folder
we create. We cannot see or access any of your other Drive files.
Retention and deletion
Owners can delete any contribution or an entire event at any time, which removes the associated media. Closing your account removes your personal data, subject to any legal retention obligations.
Your rights
Under the GDPR you may request access, correction, deletion, restriction, or portability of your personal data, and you may object to certain processing. Contact [email] to exercise these rights. You may also lodge a complaint with your local supervisory authority.
Cookies
We use only essential cookies needed to sign in and keep the application working. We do not use third-party advertising or analytics trackers by default.
Contact
Questions about this policy: [email].