Privacy Policy

Charlotte (the “Service”) is a wedding planning tool operated by Ben Stefanik (“Ben”, “I”, “me”). This Privacy Policy explains what information I collect, how I use it, and the choices you have. By using the Service, you agree to this Policy.

1. Information I collect

• Account information. Your email address and a hashed password, or a Google account identifier if you sign in with Google.
• Profile and planning data. Information you add to the Service, including your name, wedding details, vendors, tasks, timelines, budgets, questionnaires, documents, and uploaded files.
• Guest and collaborator data. Names, emails, RSVPs, and other details about people you add as clients, guests, collaborators, or vendors. You are responsible for having a lawful basis to share that information with the Service.
• Payment information. If you pay or accept payments, this is processed by Stripe. I do not see or store full card numbers; I only receive metadata (e.g. amount, status, last 4 digits).
• Communications. Emails sent through the Service (e.g. document delivery, notifications) are processed by Resend. Bug reports you submit are processed by Web3Forms.
• Usage data. Pages visited, device/browser info, IP address, and similar analytics, collected via Google Analytics.
• Cookies. Used for sign-in sessions and analytics.

2. How I use information

• To operate, maintain, and improve the Service.
• To authenticate you and keep your account secure.
• To process payments through Stripe.
• To send transactional emails (e.g. confirmations, documents).
• To debug issues and prevent abuse.
• To comply with legal obligations.

3. Sub-processors I use

The Service relies on the following third parties, each with their own privacy practices:

• Supabase — database, authentication, file storage.
• Stripe — payment processing.
• Resend — transactional email delivery.
• Google — OAuth sign-in and Analytics.
• Web3Forms — bug report intake.
• Hosting provider (e.g. Plesk) — serving the application.

4. Sharing

I do not sell your personal information. I share data only with the sub-processors above to operate the Service, with people you choose to collaborate with inside the Service, or when required by law.

5. Retention

I keep your data while your account is active. You can request deletion at any time by emailing benstefanik05@gmail.com. Some records (e.g. payment receipts) may be retained as required by law.

6. Your rights

Depending on where you live (e.g. EU/UK under GDPR, California under CCPA/CPRA), you may have the right to access, correct, delete, export, or restrict the processing of your personal information, and to withdraw consent. To exercise these rights, email benstefanik05@gmail.com.

7. International transfers

The Service is operated from the United States. If you access it from outside the U.S., your information will be transferred to and processed in the U.S.

8. Children

The Service is not intended for anyone under 16. Do not use the Service or provide information about children.

9. Security

I use commercially reasonable measures (encryption in transit, hashed passwords, access controls) to protect your data. No system is 100% secure; you use the Service at your own risk.

10. Changes

I may update this Policy. Material changes will be communicated by updating the “Effective date” above and, where appropriate, by email or in-app notice.

11. Contact

Questions? Email benstefanik05@gmail.com.