Covenant

Legal

Privacy Policy

Last updated: May 2026

1. What We Collect

When you use Covenant, we collect:

  • Account information: your email address and the wedding details you provide (names, date, temple)
  • Guest information: names, email addresses, phone numbers, and mailing addresses you add for your guests
  • Usage data: pages visited, features used — collected anonymously to improve the product
  • Payment data: processed by Stripe. We do not store your card number or payment details
  • Photos: hero photos you upload for your wedding website, stored securely

2. How We Use It

We use your data to:

  • Provide and operate the Service
  • Send RSVP confirmations and reminder emails to your guests (only when you enable them)
  • Send you account-related emails (password reset, payment confirmation)
  • Improve the product through aggregated, anonymous usage patterns

We do not sell your data to third parties. We do not use your data for advertising.

3. Guest Data

You provide guest names, emails, and addresses on behalf of your guests. By adding this information, you represent that you have appropriate permission to share it with us for the purpose of wedding planning and communication.

Guest data is used solely to power your RSVP system, guest list management, and email communications you initiate. We do not contact your guests for marketing purposes.

4. Public Wedding Websites

When you publish your wedding website, the following is publicly visible: couple names, event details you mark as public, your couple message, and registry links. Guests must search by name to access the RSVP form — names are not displayed publicly.

5. Data Retention

Your account data is retained as long as your account is active. Wedding data (guest lists, events, budget) is retained for 13 months after your wedding date, after which it may be deleted. You can request earlier deletion by contacting us.

6. Third-Party Services

Covenant uses the following third-party services:

  • Supabase — database and authentication
  • Stripe — payment processing
  • Resend — transactional email delivery
  • Vercel — hosting and deployment
  • Anthropic — AI timeline generation (event data sent to generate your timeline)

Each provider is bound by their own privacy policy. We share only the minimum data necessary for each service to function.

7. Security

We use industry-standard practices: HTTPS encryption in transit, row-level security in our database so users can only access their own data, and secure credential management. No security system is perfect — use a strong password and enable email verification.

8. Your Rights

You can request access to, correction of, or deletion of your personal data at any time. Email us at hello@covenant.wedding and we will respond within 30 days.

9. Contact

Privacy questions: hello@covenant.wedding

Terms of Service← Back to Covenant