Invitarium

Privacy Policy

Effective date: June 2, 2026  ·  Last updated: June 2, 2026

1. Introduction

This Privacy Policy describes how Invitarium, LLC ("Invitarium", "we", "us", or "our") collects, uses, and shares information about you when you use our website at invitarium.io, the Invitarium application at app.invitarium.io, guest pages we publish for our users at *.invitarium.site or other custom domains, and any related services (collectively, the "Service").

By using the Service you agree to the practices described in this policy. If you do not agree, please do not use the Service.

Capitalised terms not defined here have the meanings given in our Terms of Service.

2. Who we are

Invitarium, LLC is a limited liability company registered in the State of Delaware, United States. We operate the Service as a global software-as-a-service platform that lets designers create invitation and event templates and lets their customers personalise and publish those templates.

For all questions about this policy or your personal data, contact us at support@invitarium.io.

3. Information we collect

We collect information in three ways.

3.1 Information you provide directly

  • Account information. When you create an account we collect your email address and, optionally, your name and a profile avatar. If you sign in with Google we receive your name, email address, Google account ID, and avatar URL from Google.
  • Authentication codes. When you sign in with email we generate and verify one-time codes sent to your inbox. We store a hashed version of each code until it is used or expires.
  • Project content. Anything you create or upload to the Service: invitation designs, canvas elements, text, images, audio, fonts, colour palettes, project settings, link previews, domains you claim, and the configuration of any widgets (RSVP forms, maps, countdowns, buttons, QR codes, etc.).
  • Client accounts (Pro tier). If you are a Pro user, the client logins you create (username and bcrypt-hashed password) and the folders you assign to them.
  • Support communications. Messages you send through the in-app Report-an-issue form or by email to support@invitarium.io, including the description, the page you were on, and your browser user agent.
  • Payment information. When you subscribe or make a one-time payment, our payment processor (Stripe) collects your payment details directly. We receive only a token identifier, your subscription status, billing email, last four digits and brand of the card, and the country associated with the payment method. We do not store full card numbers.

3.2 Information collected automatically

  • Usage data. Pages you view inside the app, actions you take in the editor, timestamps, and approximate session duration. We use this to improve performance and identify bugs.
  • Device and connection data. IP address, browser user agent, operating system, language, screen size, and time zone. We use IP address to apply rate limits, detect abuse, and keep your session secure.
  • Cookies and similar technologies. See section 6 and our Cookie Policy for details.

3.3 Information collected on behalf of our users

Designers and their customers use Invitarium to publish event pages that include RSVP forms, contact buttons, and similar interactive widgets. When a guest interacts with one of those pages, we collect the data the guest submits (name, email, response answers, attending status, message text, and similar fields the designer added to the form). We process that data on behalf of the user who published the page and store it so that user can read, export, and respond to it.

The user who publishes the page is the controller of the guest data collected through it. If you are a guest and want your data removed, please contact the person who sent you the invitation, or write to us at support@invitarium.io and we will help you reach them.

Designer-entered notes on refund actions. When a Designer revokes a Customer’s access to a shared folder copy (see the Terms of Service, section 8), the Designer can optionally attach a free-text note that is saved to the refund audit log. The Customer does not see this note. The Designer is responsible for the content of any note they enter, and must not include personal data about the Customer or third parties in a refund note unless it is strictly necessary for the Designer’s own legal or accounting records. We retain the note alongside the related folder and delete it together with the folder when the thirty (30) day window lapses (see section 7).

3.4 Notice at Collection (California)

For users in California, the table below summarises the categories of personal information we collect, the sources from which we collect them, the business purposes for which we use them, and the categories of third parties with which we share them. The categories follow the definitions in California Civil Code § 1798.140.

CategorySourcesBusiness purposeShared with
Identifiers (name, email, account ID, IP, device ID)You; Google (if you sign in with Google)Provide and secure the Service, authenticate sign-in, prevent abuseStripe, Google, Cloudflare, Hostinger, error and analytics providers
Commercial information (subscriptions, billing history, metered usage, one-time purchases)You; StripeProcess payments, manage subscriptions, issue receipts, comply with tax and accounting obligationsStripe
Internet or network activity (pages viewed, actions in the editor, browser and OS metadata)Automatically from your browserOperate and improve the Service, debug issues, generate aggregate analyticsError and analytics providers (when enabled)
Geolocation (approximate, derived from IP)Automatically from your browserApply rate limits, detect abuse, route trafficCloudflare, Hostinger
Professional information (for Pro users only: client account usernames you create for the people you work with)YouProvide the client-account feature so your clients can sign in to their assigned folderNo third party
User-generated content (project designs, uploaded images, audio, RSVP submissions guests send to you)You and your guestsHost and render your projects, deliver the ServiceCloudflare (object storage), Hostinger (hosting)

We do not collect or process sensitive personal information as defined in California Civil Code § 1798.140(ae), and we do not sell or share personal information for cross-context behavioural advertising.

4. How we use information

We use the information described above to:

  • provide, operate, and improve the Service;
  • authenticate you, keep your account secure, and prevent fraud or abuse (account takeover detection, rate limits, lockouts);
  • host and render your projects, including the published guest pages your customers see;
  • process payments, manage subscriptions, meter folder-copy usage, issue receipts, and recover failed payments;
  • send transactional emails such as login codes, welcome messages, billing receipts, subscription changes, payment failure notices, help-edit notifications, refund notices when a Designer revokes a Customer’s access to a shared folder copy, and one-time publish reminders;
  • respond to your support requests and to feedback you send through the Report-an-issue form;
  • generate aggregated, non-identifying analytics to understand how the Service is used and to plan new features;
  • comply with legal obligations, enforce our Terms of Service, and protect the rights, property, and safety of our users and others;
  • when you give us permission, send service announcements or product updates by email. You can opt out at any time.

Legal bases (for users in the European Economic Area and the United Kingdom). We rely on the following bases under the General Data Protection Regulation (GDPR): (a) performance of a contract with you, where processing is necessary to provide the Service you signed up for; (b) compliance with our legal obligations; (c) our legitimate interests in operating, securing, and improving the Service, balanced against your rights; and (d) your consent, where required.

No automated decision-making. We do not engage in automated decision-making, including profiling, that produces legal or similarly significant effects concerning you under Article 22 of the GDPR or analogous laws.

5. How we share information

We do not sell your personal information. We share data only as described below.

5.1 With service providers we rely on

We use third-party processors to run the Service. Each is bound by contract to handle data only on our instructions and to apply appropriate safeguards.

  • Stripe, Inc. processes subscription and one-time payments, stores payment methods, and sends billing receipts. Stripe collects payment details directly from you; see Stripe's privacy policy at stripe.com/privacy.
  • Google LLC authenticates Google sign-ins and powers the Map widget through Google Maps and Places APIs.
  • Cloudflare, Inc. provides CDN, DNS, and DDoS protection for *.invitarium.site and stores uploaded image assets in Cloudflare R2 object storage.
  • Hostinger International Ltd. hosts the application servers and the support inbox infrastructure during the early launch period. As we complete our virtual-private-server migration, application hosting will move to a dedicated VPS while email delivery may stay on Hostinger.
  • Analytics and error monitoring. We may add privacy-respecting analytics (such as Plausible or PostHog) and error monitoring (such as Sentry) before commercial launch. We will update this policy and the Cookie Policy when we do.

Changes to our sub-processors. Where we add a new sub-processor that handles your personal data, or replace an existing one with another that handles your personal data, we will update this section before the change takes effect for recurring data flows. Where the change has a material adverse effect on the protection of your personal data, we will use reasonable efforts to give you at least thirty (30) days' notice so you can review the change.

5.2 Between designers and their customers

The Service is built around designers sharing folders, templates, and edit access with their customers and clients. When you use a shared-folder link, when a designer grants you edit access to your copy, or when you assign a project to a client account, the relevant parts of your account and your project data become visible to the other side of that relationship. We log who shared what and when for audit and dispute resolution.

5.3 For legal reasons

We may disclose information if we believe in good faith that disclosure is required to comply with a law, regulation, legal process, or governmental request; to enforce our Terms of Service; to detect, prevent, or address fraud, security, or technical issues; or to protect the rights, property, or safety of Invitarium, our users, or the public.

5.4 In connection with a business transaction

If Invitarium is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you and give you a meaningful choice if your data would be transferred to an entity whose practices materially differ from this policy.

6. Cookies and tracking

We use a small number of cookies and similar technologies to keep you signed in, protect requests from cross-site forgery, and remember basic preferences. We do not use advertising cookies and we do not allow third-party advertisers to track you across our Service.

For a full breakdown of the cookies we set, see our Cookie Policy.

7. Data retention

We keep personal information only for as long as we need it for the purposes described in this policy or as required by law. The table below sets out the retention period (or the criteria we use to determine it) for each category of information we hold.

CategoryRetention period or criteria
Account information (email, name, avatar, plan)For as long as the account is active; deleted from active systems within thirty (30) days after the account is deleted.
Project content (designs, images, audio, RSVP submissions)For as long as the account is active; deleted from active systems within thirty (30) days after the account is deleted.
Login-code hashesUntil the code is used or expires (up to ten (10) minutes).
Client-account credentials (Pro tier only)Until the Pro user deletes the client account or downgrades out of Pro; then deleted from active systems within thirty (30) days.
Billing records and Stripe-related eventsSeven (7) years from the date of the transaction, to meet US tax and accounting obligations.
Security logs and rate-limit dataUp to twelve (12) months from the date of the event, then deleted or aggregated.
Support communications and feedbackUp to twenty-four (24) months from the date of the last message.
Template copies whose access has been revoked by the original Designer (refund flow)Deleted from active systems thirty (30) days after the Designer revokes access, unless the Designer restores access within that window. The published page goes offline immediately on revocation.
Refund and restore audit recordsRetained while the related folder exists; deleted together with the folder upon expiry of the thirty (30) day window. Restore actions append a new audit entry but do not erase prior entries.
Backups containing any of the abovePurged within ninety (90) days after the corresponding active-system deletion.

We may keep aggregated, non-identifying information for longer to run analytics and improve the Service. We may also keep limited records longer where retention is required by law or to establish, exercise, or defend legal claims.

8. Your rights and choices

8.1 Rights available to everyone

You have the following rights with respect to the personal data we hold about you. To exercise any of these rights, email support@invitarium.io from the address associated with your account. We will respond within thirty (30) days, or sooner where required by law. We may need to verify your identity before fulfilling a request and will use reasonable measures proportionate to the sensitivity of the data.

  • Access. Request a copy of the personal data we hold about you.
  • Correction. Update or correct inaccurate or incomplete data. Most account fields can be edited directly in Settings.
  • Deletion. Delete your account and the personal data associated with it. You can start this from Settings or by emailing us.
  • Export. Receive a portable copy of your account data and project content in a structured, machine-readable format.
  • Opt out of marketing. Unsubscribe from non-transactional emails using the link in the email or by updating your preferences. Transactional emails (login codes, billing receipts, security alerts) cannot be switched off while you have an active account because we need them to operate the Service.

8.2 California (CCPA and CPRA)

If you are a California resident, you have the right to know what personal information we collect, to request deletion, to correct inaccurate information, and to opt out of any "sale" or "sharing" of personal information as those terms are defined under California law. We do not sell or share your personal information in that sense and we do not use it for cross-context behavioural advertising. You also have the right to be free from discrimination for exercising any of these rights and to designate an authorised agent to act on your behalf. We will acknowledge a verifiable consumer request within ten (10) business days and respond substantively within forty-five (45) calendar days, with a possible extension of forty-five (45) additional days where reasonably necessary, as permitted by California law.

8.3 Other US states

Residents of Virginia (under the Virginia Consumer Data Protection Act), Colorado (Colorado Privacy Act), Connecticut (Connecticut Data Privacy Act), Utah (Utah Consumer Privacy Act), and other US states that have adopted comprehensive privacy laws (including, where in effect, Texas, Oregon, Montana, Florida, Iowa, Delaware, Tennessee, Indiana, New Jersey, and New Hampshire) have rights that overlap with those described above, including the right to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of certain targeted advertising and profiling. Because our use of personal data does not include targeted advertising, the "sale" of personal data, or profiling that produces legal or similarly significant effects, those opt-out rights either do not apply to our processing or are honoured by default. To exercise any state-specific right, contact us at support@invitarium.io and identify the state in which you reside.

8.4 European Economic Area, United Kingdom, and Switzerland

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the GDPR (or the UK GDPR or Swiss Federal Act on Data Protection, as applicable) in addition to the rights listed in section 8.1:

  • Object to processing based on our legitimate interests, and at any time and without giving reasons where the processing is for direct marketing;
  • Restrict processing in the circumstances set out in Article 18 of the GDPR (for example, while a request for correction is being assessed);
  • Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing carried out before the withdrawal;
  • Receive your data in a portable format (Article 20 GDPR) and have it transmitted directly to another controller where technically feasible;
  • Lodge a complaint with the data-protection supervisory authority of your country, in addition to any other right you have to seek a remedy. Examples of supervisory authorities include the Information Commissioner's Office (ICO) in the United Kingdom (ico.org.uk), the Commission Nationale de l'Informatique et des Libertés (CNIL) in France (cnil.fr), the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI) in Germany (bfdi.bund.de), and the Agencia Española de Protección de Datos (AEPD) in Spain (aepd.es). The European Data Protection Board maintains a full list at edpb.europa.eu.

Data-protection contact. For any privacy or GDPR-related request, you can contact us at support@invitarium.io. We are a small team without a formal Data Protection Officer (we do not meet the criteria set out in Article 37 of the GDPR), so this email reaches the people responsible for handling your request directly.

9. International data transfers

Invitarium is based in the United States and our service providers operate globally. If you access the Service from outside the United States, your information will be transferred to and processed in the United States and other countries that may have data-protection laws different from those in your country.

Where required, we rely on appropriate safeguards for transfers from the European Economic Area, the United Kingdom, and Switzerland to the United States or other third countries, including:

  • the European Commission's Standard Contractual Clauses (the "EU SCCs") adopted on 4 June 2021, using the module appropriate to the transfer (controller to processor for our service-provider relationships; controller to controller where the recipient acts as an independent controller);
  • the UK International Data Transfer Addendum to the EU SCCs, issued by the Information Commissioner's Office, for transfers of UK personal data;
  • equivalent contractual safeguards for transfers from Switzerland, recognised by the Federal Data Protection and Information Commissioner;
  • supplementary technical and organisational measures, including encryption in transit and at rest, strict access controls, and confidentiality obligations on personnel.

You may request a copy of the safeguards that apply to a specific transfer by contacting support@invitarium.io.

10. Children's privacy

The Service is not directed to children. You must be at least thirteen (13) years old to use the Service in the United States, and at least sixteen (16) years old to use the Service in the European Economic Area. We do not knowingly collect personal information from anyone below those ages. If you believe a child has provided us with personal information, please contact support@invitarium.io and we will delete it promptly.

11. Security

We apply reasonable technical and organisational measures to protect your information, including encryption in transit (TLS), encryption at rest where supported by our infrastructure, isolated access controls, password hashing with bcrypt, brute-force login lockouts, cross-site-request- forgery protection, and routine security review. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security and we encourage you to use a strong, unique password and to keep your device secure.

Personal-data breach notification. If we become aware of a personal-data breach (as defined in Article 4(12) of the GDPR) that is likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority without undue delay and, in any event, within seventy-two (72) hours of becoming aware of it, where required by law. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, describing the nature of the breach, the likely consequences, and the measures we have taken or propose to take to address it.

12. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes we will notify you by email and post the updated policy on this page at least thirty (30) days before the changes take effect. The "Effective date" and "Last updated" dates at the top of this page tell you when the policy was last revised. Continued use of the Service after the new policy takes effect means you accept the updated terms.

13. Contact us

For any question or request relating to this policy or your personal data, contact us at:

Invitarium, LLC
Delaware, United States
support@invitarium.io