PRIVACY POLICY
PRIVACY STATEMENT
Paperless Wedding respects your privacy. Your personal data is protected in the UK by the Data Protection Act 1998. Under the Data Protection Act, we have a legal duty to protect any information we collect from you. Any information that you give us is held with the utmost care and security. It will not be used in ways to which you have not consented. We do not and will not pass on your details to any third party or government department unless you give us permission to do so.
ABOUT THIS POLICY
Paperless Wedding is a digital wedding stationery service that lets engaged couples send invitations, save-the-dates and reminders to their own guest list. This policy explains what personal information we collect, why we collect it, who is responsible for it, and how to exercise your rights.
WHO IS RESPONSIBLE FOR YOUR DATA
Paperless Wedding is operated by Paperless Wedding Limited (a UK company, registered number 07816352, registered with the UK Information Commissioner’s Office under reference ZB157479). Paperless Wedding Limited is the data controller for the personal data of paying account-holders — the wedding couples who sign up to use the platform.
The platform is operated and maintained on behalf of Paperless Wedding Limited by Magma Software Engineering Limited (a UK company, registered number 13149230, ICO reference ZB266675). Magma Software Engineering Limited is the data processor — it handles personal data only on Paperless Wedding Limited’s documented instructions, and does not use it for its own purposes.
A different picture for guest data
When a couple adds their wedding guests to their workspace, the couple themselves are the controller of that guest data. They decide who is invited, what is sent, and when. Paperless Wedding Limited (and Magma Software Engineering Limited as the underlying processor) acts strictly on the couple’s instructions; we do not use guest data for any other purpose.
This is the standard arrangement that digital wedding-stationery and event-invitation platforms operate under. It means that as a guest, your relationship is primarily with the couple who invited you, not with Paperless Wedding — see Exercising your rights as a guest below.
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you sign up to Paperless Wedding as a couple, we collect the personal information you give us — typically your names, email address, the details of your wedding (date, venue), and the payment information needed to process your subscription. When you use the site, we also automatically receive your device’s internet protocol (IP) address and basic browser information so we can serve the right content and identify abuse.
When you build a guest list, you provide us with information about your guests — typically names and email addresses, sometimes postal addresses or phone numbers, and any per-guest notes you choose to add (dietary requirements, RSVPs, plus-one preferences). This guest information is held on your behalf — see About this policy above for what that means.
We do not send marketing emails. All email we send falls into one of two categories: service emails to you as the account-holder(payment receipts, password resets, trial-expiry reminders, digests of activity on your own workspace) and event-driven emails to your guests sent on your instruction (invitations, save-the-dates, reminders). Both are described in more detail in Guest data and email sends below.
SECTION 2 – CONSENT
How we collect and use your information
When you sign up and pay for an account, we collect and use your personal information to provide the service you’ve signed up for — running your wedding workspace, processing your payment, sending you service emails, and delivering the guest-facing sends you trigger. We do not need separate consent for these uses: they are necessary to perform the contract you entered into when you signed up.
When you add guests to your workspace, we collect and use their information only to deliver the sends you instruct (invitation, save-the-date, reminder) and to show you the activity that comes back (RSVP, gallery upload, guestbook entry). We do not use guest data for anything else.
We do not send marketing email
Should this ever change in future, marketing sends will be gated behind a separate, clearly-labelled opt-in (not bundled with this privacy policy), will be clearly distinguishable from service emails, and will carry a one-click unsubscribe option as required by law.
Withdrawing consent / closing your account
You can stop using the service at any time. Contact us using the details in Questions and contact information below to request closure of your account and deletion of your data.
SECTION 3 – ONLINE SHOPPING
Your data is stored through our website’s data storage, databases and the general website application. We store your data on a secure server behind a firewall. Payment: If you choose a direct payment gateway to complete your purchase, then our website stores your credit card data. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
SECTION 4 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
SECTION 5 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL). Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all requirements and implement additional generally accepted industry standards.
COOKIES
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers. Here is a list of cookies that we use. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
| COOKIE | TYPE | DURATION | DESCRIPTION |
|---|---|---|---|
| PHPSESSID | This cookie does not identify you personally and is not linked to any other information we store about you. | A session cookie, deleted when you close your web browser. | As you browse |
| viewed_cookie_policy | This cookie lasts for 365 days to save you repeating the acceptance each time you visit. | Used by the CookieLaw plugin to remember whether you have already accepted our cookie policy. This keeps us in line with The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 otherwise known as the “cookie law”. | |
| wordpress_logged_in_xxxxx | Your login details are stored in an encrypted form. | A session cookie, deleted when you close your web browser. | WordPress uses this cookie to indicate when you’re logged in, and who you are, for most interface use. |
| wordpress_test_cookie | Stores the text ‘WP Cookie check’ | A session cookie, deleted when you close your web browser. | WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies. |
| wordpress_xxxxx | Your login authentication details in an encrypted form. | A session cookie, deleted when you close your web browser. | WordPress uses these cookies to store your authentication details, and their use is limited to the admin console area. |
| wp-settings- |
Data is stored as text indicating your preferred settings. | WordPress uses this cookie to customise your view of admin interface, and possibly also the main site interface. | |
| __utma | Google Analytics Cookie | 2 years from set/update | Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies |
| __utmt | Google Analytics Cookie. | 10 minutes | Used to throttle request rate. |
| __utmb | Google Analytics Cookie | 30 mins from set/update | Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies |
| __utmc | Google Analytics Cookie | End of browser session | Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit |
| __utmv | Google Analytics Cookie | 2 years from set/update | Used to store visitor-level custom variable data. This cookie is created when a developer uses the_setCustomVarmethod with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics. |
| __utmz | Google Analytics Cookie | 6 months from set/update | Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics. |
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
Guest data and email sends
We send email in two distinct ways, both transactional:
Emails to you as the account-holder (the couple)
These include payment receipts, password resets, trial-expiry reminders, and the digests of activity on your own workspace (RSVPs, gallery uploads, guestbook entries) at the frequency you’ve chosen. They are essential to providing the service you’ve paid for and are not used for any marketing purpose.
Emails to your guests, sent on your instruction
When you trigger an invitation, save-the-date or reminder to a specific named guest on your own curated guest list, the platform sends that email on your behalf.
Every guest-facing email:
- Is sent to a single named guest you have a pre-existing personal relationship with — there is no broadcast, no contact-list rental, no third-party send.
- Carries an unsubscribe link so a guest can decline further sends from your workspace.
- Is event-bounded and time-bounded — your access to send to your guest list runs for the duration of your paid access window (typically up to 18 months). At the end of that window the workspace is archived and no further sends can be made.
- Is never used by Paperless Wedding Limited or Magma Software Engineering Limited for any marketing purpose. Your guest list is held strictly on your behalf; we do not surface it to other tenants, retain it for marketing, or send anything you did not specifically trigger.
Exercising your rights as a guest
If you’ve received an invitation, save-the-date or reminder through Paperless Wedding, you have rights over your personal data. How those rights work depends on what you need:
- To stop receiving further sends from that couple’s workspace, use the unsubscribe link on the email you received. This is immediate.
- To access, correct or delete your personal data, contact us using the details in Questions and contact information below. Because the couple is the controller of their own guest list, we will route your request to them — they are responsible for the substantive response, and we (as processor) will assist them in fulfilling it. We will acknowledge your request and keep you informed of progress.
SECTION 6 – CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. If our site is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you have a question about this policy or want to exercise any of your rights under UK data protection law (access, rectification, erasure, restriction, objection, portability), contact us at info@paperlesswedding.co.uk.
If you are a wedding guest, see Exercising your rights as a guest above.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk.
COPYRIGHT 2017 PAPERLESS WEDDING | WEBSITE DESIGN BY ANON DESIGN STUDIO | PRIVACY POLICY | TERMS | FAQS