← Ellie

Privacy Policy

Last updated [effective date]

This Privacy Policy explains how [Company Name](“we”, “us”) collects, uses, and shares information when you use Ellie, an AI-assisted wedding-planning service (the “Service”). By using the Service, you agree to this Policy.

Information we collect

Information you provide

  • Account information — your email address and authentication details (handled by our authentication provider).
  • Wedding details— the couple’s names, wedding date, location, guest count, budget, style preferences, and any notes you enter.
  • Files — documents or images you upload.
  • Vendor information — contact details and notes for vendors you add, and the content of messages you approve for us to send.

Information collected automatically

  • Vendor sourcing data — publicly available vendor listings we retrieve to suggest matches.
  • Communications — emails sent on your behalf and replies received from vendors.
  • Technical data — log, device, and error data used to operate and secure the Service.

How we use information

  • To provide the Service: source vendors, draft outreach, and — with your approval — send and manage communications on your behalf.
  • To generate draft messages and suggestions using AI (see below).
  • To operate, secure, debug, and improve the Service.
  • To communicate with you about your account.

AI processing

We use a third-party AI provider (currently Anthropic) to draft outreach emails and suggest matches. Relevant details — such as your wedding brief and vendor context — are sent to the provider to generate these drafts. Drafts are shown to you for approval before anything is sent, and your information is not used to train third-party models.

Email sent on your behalf

A core function of the Service is contacting vendors on your behalf. With your approval, we send emails that identify you as the couple and route replies back into your account. Every message includes an unsubscribe link; vendors who unsubscribe are suppressed from future sends.

How we share information

We do not sell your personal information. We share it with service providers who process it on our behalf, including:

  • Supabase — database and authentication.
  • Cloudflare R2 — file storage.
  • Anthropic — AI draft generation.
  • Resend — outbound email delivery.
  • Postmark — inbound email processing.
  • Sentry — error monitoring.
  • Our hosting providers.

We may also disclose information to comply with the law, to protect our rights, or in connection with a business transfer.

Data retention

We keep your information while your account is active and as needed to provide the Service, then delete or anonymize it within a reasonable period, except where we must retain it to meet legal obligations.

Your rights

Depending on where you live, you may have the right to access, correct, delete, export, or restrict the use of your personal information, and to withdraw consent. To exercise these rights, email us at [privacy@yourdomain.com]. You can delete your account at any time.

Security

We use industry-standard safeguards — encryption in transit, access controls, and row-level security on user data — to protect your information. No method of transmission or storage is completely secure.

International transfers

Your information may be processed in countries other than where you live, including the United States. We rely on appropriate safeguards for such transfers.

Children

The Service is not directed to anyone under 18, and we do not knowingly collect information from them.

Changes

We may update this Policy from time to time. Material changes will be posted here with an updated date.

Contact

Questions? Email [privacy@yourdomain.com]. The Service is operated by [Company Name] and governed by the laws of British Columbia, Canada.