Privacy Policy

Personal Information

We collect information you provide directly to us, including:

• Account Information: Name, email address, phone number, password
• Profile Information: Profile picture, bio, preferences
• Event Information: Event details, guest lists, invitation content
• Payment Information: Billing address, payment method details (processed securely)
• Communication Data: Messages, support requests, feedback

Automatically Collected Information

When you use Shutterly, we automatically collect certain information:

• Usage Data: Features used, time spent, click patterns
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, pages viewed
• Location Data: General location based on IP address (with consent)

Information from Third Parties

We may receive information from:

• Social media platforms when you connect your accounts
• Payment processors for transaction verification
• Analytics services to improve our platform
• Security services to prevent fraud and abuse

Service Provision

We use your information to:

• Create and manage your account
• Process and deliver your invitations
• Enable event planning and guest management features
• Process payments and subscriptions
• Provide customer support

Service Improvement

Your data helps us:

• Analyze usage patterns to improve user experience
• Develop new features and functionality
• Optimize platform performance and reliability
• Conduct research and analytics

Communication

We may contact you for:

• Service announcements and updates
• Security alerts and important notices
• Marketing communications (with your consent)
• Surveys and feedback requests

Legal and Safety

We process data to:

• Comply with legal obligations
• Prevent fraud and abuse
• Protect user safety and security
• Enforce our terms of service

Service Providers

We share information with trusted third-party service providers who help us operate Shutterly:

• Cloud Hosting: Secure data storage and platform hosting
• Payment Processing: Secure payment and billing services
• Email Services: Invitation delivery and communication
• Analytics: Usage analysis and performance monitoring
• Security: Fraud prevention and security monitoring

Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal processes, court orders, or government requests
• Protect our rights, property, or safety
• Protect the rights, property, or safety of our users
• Investigate potential violations of our terms

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership.

With Your Consent

We may share your information with third parties when you explicitly consent to such sharing, such as when integrating with social media platforms.

Security Measures

We implement comprehensive security measures to protect your data:

• Encryption: Data encrypted in transit and at rest using industry standards
• Access Controls: Strict access controls and authentication requirements
• Regular Audits: Security assessments and vulnerability testing
• Secure Infrastructure: Trusted cloud providers with security certifications
• Employee Training: Regular security training for all team members

Data Protection Practices

• Regular security updates and patches
• Network security and firewall protection
• Intrusion detection and monitoring systems
• Secure backup and disaster recovery procedures
• Privacy by design principles in development

Incident Response

In the unlikely event of a data breach, we have procedures in place to:

• Quickly identify and contain the incident
• Assess the impact and notify affected users
• Work with authorities as required by law
• Implement additional safeguards to prevent future incidents

Data Access and Control

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to certain types of data processing

Account Management

Through your account settings, you can:

• Update your profile information and preferences
• Control privacy settings for your events and invitations
• Manage communication preferences and notifications
• Download your data or delete your account

Marketing Communications

You can:

• Opt out of marketing emails using the unsubscribe link
• Update your communication preferences in account settings
• Choose which types of notifications you receive

Cookie Controls

You can control cookies through:

• Browser settings to block or delete cookies
• Our cookie preference center
• Opting out of analytics and advertising cookies

Types of Cookies We Use

Third-Party Tracking

We may use third-party services that use tracking technologies:

• Google Analytics: Website usage analysis
• Social Media Plugins: Social sharing functionality
• Payment Processors: Secure payment processing
• Customer Support: Live chat and help desk services

Your Cookie Choices

You can control cookies by:

• Adjusting your browser settings to block or delete cookies
• Using our cookie preference center to manage consent
• Opting out of specific tracking services
• Using private/incognito browsing mode

Retention Periods

We retain your data for different periods based on the type of information:

• Account Data: Until you delete your account or request removal
• Event Data: 3 years after event date or account deletion
• Payment Data: 7 years for tax and legal compliance
• Support Data: 2 years after the last interaction
• Usage Analytics: 2 years in anonymized form
• Marketing Data: Until you opt out or 3 years of inactivity

Automatic Deletion

We automatically delete:

• Inactive accounts after 5 years of no activity
• Expired invitation links and temporary data
• Log files older than 1 year
• Backup data according to our retention schedule

Account Deletion

When you delete your account:

• Personal information is deleted within 30 days
• Some data may be retained for legal compliance
• Anonymized usage data may be retained for analytics
• You'll receive confirmation when deletion is complete

Global Service

Shutterly operates globally, and your information may be transferred to and processed in countries other than your own, including the United States and other countries where we or our service providers operate.

Transfer Safeguards

When we transfer your data internationally, we ensure adequate protection through:

• Adequacy Decisions: Transfers to countries with adequate data protection
• Standard Contractual Clauses: EU-approved data transfer agreements
• Certification Programs: Privacy Shield and similar frameworks
• Binding Corporate Rules: Internal data protection policies

Your Rights for International Transfers

You have the right to:

• Request information about data transfer safeguards
• Object to transfers in certain circumstances
• Request a copy of transfer agreements

Age Restrictions

Shutterly is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13 without parental consent.

Parental Controls

If you are a parent or guardian and believe your child has provided personal information:

• Contact us immediately at privacy@Shutterly.com
• We will delete the information as soon as possible
• We will not use the information for any purpose

Teen Privacy (13-17)

For users aged 13-17:

• We recommend parental involvement in account creation
• Enhanced privacy settings are available
• Limited data collection and sharing
• Parents can request account deletion

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

Notification of Changes

When we make significant changes, we will:

• Update the "Last Modified" date at the top of this policy
• Notify you via email if you have an account with us
• Display a prominent notice on our website
• Provide in-app notifications for material changes

Your Continued Use

Your continued use of Shutterly after we make changes constitutes acceptance of the updated Privacy Policy. If you don't agree with changes, you can delete your account.

Previous Versions

We maintain archived versions of our Privacy Policy for reference. You can request previous versions by contacting our privacy team.

Privacy Contact Information

For privacy-related questions, requests, or concerns, contact us:

Filing a Complaint

If you have a privacy complaint:

1. Contact us first - we aim to resolve issues quickly
2. If unsatisfied, you can file a complaint with your local data protection authority
3. EU residents can contact their national supervisory authority
4. US residents can contact the FTC or relevant state attorney general

Response Time

We are committed to responding to privacy inquiries:

• Acknowledgment: Within 2 business days
• Resolution: Within 30 days for most requests
• Complex Requests: May take up to 60 days with explanation
• Urgent Issues: Immediate response for security concerns