Skip to main content
Invyt
Back to Home

Privacy Policy

Last updated: December 31, 2024 | Effective: December 31, 2024

1. Introduction

Invyt ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our event invitation platform ("Service").

By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide, including:

  • Account Information: Name, email address when you sign in via Google OAuth
  • Event Information: Event details you create (title, date, time, location, description)
  • Response Information: RSVP responses, guest names, dietary requirements, and messages
  • Payment Information: Processed securely by Stripe; we do not store credit card numbers

2.2 Information Collected Automatically

When you use the Service, we may automatically collect:

  • Device Information: Browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent on the Service
  • Log Data: IP addresses, access times, referring URLs
  • Cookies: Small data files stored on your device (see Section 5)

2.3 Information from Third Parties

We may receive information from:

  • Google OAuth: Basic profile information (name, email, profile picture) when you sign in
  • Payment Processors: Transaction status and confirmation from Stripe

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send event-related communications (invitations, responses, reminders)
  • Respond to your inquiries and provide customer support
  • Monitor and analyze usage patterns and trends
  • Detect, prevent, and address technical issues or fraud
  • Comply with legal obligations

We do not sell your personal information to third parties.

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Event Participants

When you create an event, event details are shared via the invitation link. When you respond to an event, your response is visible to the event host.

4.2 Service Providers

We use third-party services to operate the Service:

  • Stripe: Payment processing
  • Vercel: Hosting and infrastructure
  • Turso: Database services
  • Google: Authentication services

These providers have access to your information only to perform services on our behalf and are obligated to protect your data.

4.3 Legal Requirements

We may disclose information if required by law or in response to:

  • Court orders, subpoenas, or legal process
  • Requests from government authorities
  • Protection of our rights, property, or safety
  • Investigation of suspected fraud or illegal activity

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Keep you signed in to your account
  • Remember your preferences
  • Analyze how the Service is used
  • Provide personalized features

5.1 Types of Cookies

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Functional Cookies: Remember your choices and preferences
  • Analytics Cookies: Help us understand how you use the Service

5.2 Managing Cookies

Most browsers allow you to control cookies through settings. Note that disabling cookies may affect the functionality of the Service.

6. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy. Specifically:

  • Account Data: Retained while your account is active
  • Event Data: Retained for a reasonable period after the event date
  • Transaction Records: Retained as required for legal and financial compliance
  • Log Data: Retained for security and analytics purposes

When data is no longer needed, we securely delete or anonymize it.

7. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • HTTPS encryption for all data transmission
  • Secure authentication mechanisms
  • Regular security assessments
  • Access controls and data minimization

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

8.1 Access and Portability

You can request a copy of your personal data that we hold.

8.2 Correction

You can request correction of inaccurate or incomplete data.

8.3 Deletion

You can request deletion of your personal data, subject to legal retention requirements.

8.4 Opt-Out

You can opt out of marketing communications at any time.

8.5 Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time.

To exercise these rights, contact us at privacy@invyt.io. We will respond within a reasonable timeframe as required by applicable law.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. By using the Service, you consent to the transfer of your information to these countries.

We take steps to ensure that your data receives adequate protection in accordance with this Privacy Policy.

10. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Non-Discrimination: Equal service regardless of exercising privacy rights
  • Right to Opt-Out: We do not sell personal information

To exercise these rights, contact us at privacy@invyt.io.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under GDPR:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

Our legal bases for processing include: performance of contract, legitimate interests, consent, and legal obligations.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

For significant changes, we may provide additional notice such as a banner on the Service or email notification.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

  • Email: privacy@invyt.io
  • Website: invyt.io

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO THE COLLECTION AND USE OF YOUR INFORMATION AS DESCRIBED HEREIN.

Terms of Service|Return to Home