Privacy Policy

1. Introduction

Welcome to Minglr. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use our event invitation and RSVP management service.

By using Minglr, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies, please do not use our service.

2. Information We Collect

2.1 Information You Provide

When you create an account or use Minglr, you may provide:

• Account Information: Name, email address, password, phone number, profile picture
• Event Information: Event name, description, date, time, location, address, images
• Guest Information: Names, email addresses, RSVP responses, plus-one details, children count
• Payment Information: If we introduce paid features, payment card details (processed securely by third-party providers)
• Communications: Messages, feedback, or support inquiries you send to us

2.2 Information We Collect Automatically

When you use Minglr, we automatically collect:

• Usage Data: Pages viewed, features used, time spent, click patterns
• Device Information: Device type, operating system, browser type and version, IP address
• Log Data: Server logs including IP addresses, access times, error messages
• Cookies and Tracking: Session cookies, authentication tokens, analytics cookies
• Location Data: Approximate location based on IP address (not precise GPS location)

2.3 Information from Third Parties

We may receive information from:

• OAuth Providers: When you sign in with Google, we receive your name, email, and profile picture
• Analytics Services: Aggregated usage data from analytics providers
• Public Sources: Publicly available information you've made available

3. How We Use Your Information

We use your information to:

3.1 Provide and Improve Services

• Create and manage your account
• Enable you to create and manage events
• Process and track RSVPs
• Store and display event images
• Send event-related notifications and reminders
• Improve our service features and user experience
• Develop new features and functionality

3.2 Communication

• Send transactional emails (account confirmation, password reset, RSVP notifications)
• Provide customer support and respond to your inquiries
• Send service updates, security alerts, and administrative messages
• Send marketing communications (with your consent, and you can opt-out anytime)

3.3 Security and Compliance

• Detect, prevent, and address fraud, abuse, and security issues
• Enforce our Terms of Service
• Comply with legal obligations and protect our legal rights
• Conduct investigations and audits

3.4 Analytics and Research

• Analyze usage patterns and trends
• Measure the effectiveness of our features
• Conduct research to improve our services
• Create aggregated, anonymized statistics

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 With Event Participants

When you create an event, the event information you provide (name, description, date, time, location, images) is visible to anyone with the event's share link. When someone RSVPs to your event, their information (name, RSVP details) is visible to you as the event host.

4.2 Service Providers

We share information with trusted third-party service providers who help us operate our service:

• Supabase: Database hosting, authentication, and file storage
• Vercel: Website hosting and content delivery
• Google: OAuth authentication, Maps API for location services
• Email Services: Transactional and notification emails
• Analytics Providers: Usage analytics and performance monitoring

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal process (subpoenas, court orders, search warrants)
• Law enforcement or government requests
• Protection of our rights, property, or safety
• Protection of the rights, property, or safety of our users or the public

4.4 Business Transfers

If Minglr is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and its implications for your data.

4.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

5. Data Storage and Security

5.1 Data Storage

Your data is stored securely using Supabase (PostgreSQL database) and cloud storage services. Data is stored in secure data centers with industry-standard protections.

5.2 Security Measures

We implement technical and organizational security measures including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of sensitive data at rest
• Secure password hashing (bcrypt)
• Regular security audits and vulnerability assessments
• Access controls and authentication requirements
• Regular backups and disaster recovery procedures

5.3 Data Retention

We retain your information for as long as:

• Your account is active
• Needed to provide you with our services
• Required to comply with legal obligations
• Necessary to resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal purposes.

6. Your Privacy Rights

6.1 Access and Portability

You have the right to access your personal data and request a copy in a portable format. You can view and download most of your data through your account settings.

6.2 Correction and Updates

You can update your account information, event details, and preferences at any time through your account settings.

6.3 Deletion

You have the right to delete your account and personal data. You can do this through your account settings or by contacting us. Note that:

• Deleting your account will permanently delete your events and RSVPs
• Some information may be retained in backups for up to 90 days
• We may retain certain data for legal compliance or dispute resolution

6.4 Opt-Out of Marketing

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or updating your notification preferences. Note that you will still receive transactional emails related to your account and events.

6.5 Cookie Controls

You can control cookies through your browser settings. Note that disabling cookies may limit your ability to use certain features of our service.

6.6 Regional Rights

Depending on your location, you may have additional rights:

• GDPR (EU/EEA): Right to object to processing, restrict processing, data portability, lodge complaints with supervisory authorities
• CCPA (California): Right to know what personal information is collected, right to delete, right to opt-out of sale (we do not sell data)
• Other Jurisdictions: Rights as provided by applicable local laws

7. Cookies and Tracking Technologies

7.1 Types of Cookies

We use the following types of cookies:

• Essential Cookies: Required for authentication and core functionality
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how you use our service
• Marketing Cookies: Used to deliver relevant advertisements (with consent)

7.2 Third-Party Tracking

We may use third-party analytics services (such as Google Analytics) that use cookies to collect information about your use of our service. These third parties have their own privacy policies.

8. Children's Privacy

Minglr is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

Users between 13 and 18 should have parental or guardian permission before using Minglr.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your country.

When we transfer personal data internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by regulatory authorities.

10. Third-Party Links

Our service may contain links to third-party websites or services (such as registry links you add to events). We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated policy on our website
• Updating the "Last updated" date
• Sending you an email notification (for significant changes)

Your continued use of Minglr after such changes constitutes your acceptance of the updated Privacy Policy.

12. Data Controller Information

Minglr is the data controller responsible for your personal information. For GDPR purposes, we are the entity that determines the purposes and means of processing your personal data.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We will respond to your inquiry within 30 days. For GDPR or CCPA requests, we will respond within the timeframes required by applicable law.