1. Who We Are
PlannedBy is a web-based wedding day coordination platform operated by BAVS Studios, based in Melbourne, Australia. When we say "we", "us", or "our", we mean BAVS Studios. When we say "you" or "your", we mean you -- the person using PlannedBy, whether you're a couple, a wedding planner, or a vendor.
If you have any questions about this policy, reach us at hello@plannedby.com.
2. What Information We Collect
We collect different types of information depending on how you use PlannedBy.
2.1 Information You Give Us
- Account information: your name, email address, and password when you create an account.
- Wedding details: wedding date, venue, timeline, bridal party details, and any other information you add to your runsheet or wedding profile.
- Vendor contact information: names, email addresses, phone numbers, and roles of vendors associated with your wedding.
- Access codes: codes you generate or receive to connect with planners, couples, or vendors on the platform.
- Payment information: when you purchase a plan, your payment is processed by Stripe. We do not store your full credit card number. Stripe provides us with a transaction reference, the last four digits of your card, and your billing email.
- Communications: any messages or information you send us via email or through the platform.
2.2 Information We Collect Automatically
- Usage analytics: pages visited, features used, clicks, session duration, and general interaction patterns. We use Google Analytics for this purpose.
- Login audit trails: timestamps, IP addresses, and device/browser information each time you sign in, for security purposes.
- Device and browser information: browser type, operating system, screen resolution, and language preferences.
2.3 Cookies and Local Storage
- Authentication cookies: we use session cookies to keep you logged in. These are essential for the platform to function.
- Local storage: we use your browser's localStorage to enable offline functionality, such as caching your runsheet data so it loads quickly and works when your connection drops.
- Analytics cookies: Google Analytics sets cookies to help us understand how people use PlannedBy. You can opt out of Google Analytics using their browser opt-out tool.
We do not use advertising cookies or sell your data to advertisers.
3. How We Use Your Information
We use your information to:
- Provide the service: create and manage your account, store your wedding data, generate runsheets, and facilitate coordination between couples, planners, and vendors.
- Enable collaboration: share relevant wedding details with vendors and planners you've connected with through access codes.
- Process payments: charge for paid plans and manage billing through Stripe.
- Improve the platform: understand how PlannedBy is used so we can fix bugs, add useful features, and make the experience better.
- Communicate with you: send account-related emails such as password resets, payment confirmations, and important service updates.
- Maintain security: detect and prevent fraud, unauthorized access, and other harmful activity using login audit trails and security monitoring.
We will never sell your personal information to third parties.
4. Who We Share Your Information With
We share your information only in the following circumstances:
4.1 Other Users on the Platform
When you connect with a planner, couple, or vendor through PlannedBy (for example, by sharing an access code), they can see the wedding details relevant to their role. Vendors see the information you've shared with them -- not your full account details.
4.2 Service Providers
We use the following third-party services to operate PlannedBy:
| Provider |
Purpose |
Data Shared |
Location |
| Supabase |
Database and authentication |
Account data, wedding data, access codes, audit trails |
Cloud-hosted |
| Vercel |
Hosting and content delivery |
Web traffic, IP addresses |
Global CDN |
| Stripe |
Payment processing |
Billing email, payment method details, transaction data |
US/Global |
| Google Analytics |
Usage analytics |
Anonymised usage data, cookies |
US/Global |
Each of these providers has their own privacy policy and processes data in accordance with their terms. We choose providers that maintain appropriate security standards.
4.3 Legal Requirements
We may disclose your information if required to do so by law, court order, or government request, or if we believe in good faith that disclosure is necessary to protect the rights, safety, or property of PlannedBy, our users, or the public.
5. Data Retention
- Active accounts: your data is kept for as long as your account is active.
- Archived weddings: after your wedding date passes, your wedding data is kept in a read-only archived state. You can still access it, but it's no longer actively editable.
- Account deletion: you can request deletion of your account and all associated data at any time by emailing hello@plannedby.com. We will delete your data within 30 days of your request, except where we are required by law to retain it (for example, payment records for tax purposes).
- Backups: deleted data may persist in encrypted backups for up to 90 days before being permanently removed.
6. Data Security
We take reasonable steps to protect your information, including:
- Encryption of data in transit (HTTPS/TLS).
- Encryption of sensitive data at rest.
- Row-level security in our database so users can only access data they're authorised to see.
- Login audit trails to detect suspicious activity.
- Regular review of our security practices.
No system is perfectly secure. If we become aware of a data breach that affects your personal information, we will notify you and the relevant authorities as required by law.
7. Your Rights
7.1 Under the Australian Privacy Act 1988
If you're in Australia, you have the right to:
- Access the personal information we hold about you.
- Request correction of inaccurate or incomplete information.
- Complain to the Office of the Australian Information Commissioner (OAIC) if you believe we've breached the Australian Privacy Principles.
7.2 Under the GDPR (for users in the EU/UK)
If you're in the European Union or United Kingdom, you have additional rights under the General Data Protection Regulation, including:
- Right of access: request a copy of your personal data.
- Right to rectification: correct inaccurate personal data.
- Right to erasure: request deletion of your personal data ("right to be forgotten").
- Right to restrict processing: ask us to limit how we use your data.
- Right to data portability: receive your data in a structured, commonly used format.
- Right to object: object to processing based on legitimate interests.
- Right to withdraw consent: where processing is based on consent, withdraw it at any time.
Our lawful bases for processing under the GDPR are:
- Contract performance: processing necessary to provide you with the PlannedBy service.
- Legitimate interests: improving our platform, maintaining security, and preventing fraud.
- Consent: where you've opted in, such as for analytics cookies.
To exercise any of these rights, email us at hello@plannedby.com. We will respond within 30 days.
8. International Data Transfers
Our service providers operate globally, which means your data may be transferred to and processed in countries outside Australia, including the United States. Where this happens, we rely on the provider's compliance with applicable data protection frameworks (such as Standard Contractual Clauses for GDPR purposes) to ensure your data is adequately protected.
9. Children's Privacy
PlannedBy is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with their information, please contact us and we will delete it.
10. Changes to This Policy
We may update this privacy policy from time to time. When we do, we'll update the "Last updated" date at the top. If we make significant changes, we'll notify you by email or through a notice on the platform.
We encourage you to review this policy periodically.