Privacy & data
Privacy Policy
Last updated: May 25, 2026
What we collect
Seatery collects only what's needed to arrange your seating chart and run the service:
- Guest data: Names, relationships, dietary notes, table preferences, and group assignments you enter. This data is used solely to generate your seating arrangement.
- Email address: Provided optionally to save your progress, or at checkout to complete your purchase.
- Payment information: Processed entirely by Stripe. We never see or store your card number.
- Usage data: Anonymous, aggregated analytics (page views, feature usage) to improve the product. IP addresses are hashed and never stored in raw form.
- Guest photos (Pro / Planner): If you upload a photo for a guest, we store the image bytes alongside your other guest data on Vercel Blob (US region). Photos appear only inside your own seating chart. We do not run facial recognition, biometric processing, or AI training on them, do not share them with third parties, and do not use them for marketing. They're deleted when you delete the guest, when your account is cancelled, or when your event data expires. Takedown requests: dmca@seatery.net.
How we use your data
- Generate and display your seating arrangement
- Send transactional emails (magic links, expiration reminders)
- Process payments via Stripe
- Improve the product through anonymous usage analytics
We do not sell, rent, or share your guest data with advertisers or data brokers. We use a small number of strictly-necessary processors (Vercel, Stripe, Resend) and one optional analytics processor (Mouseflow) that records anonymized interactions only outside the EU/UK/Switzerland — see the table below.
Third-party services
| Service | Purpose | Data shared |
|---|---|---|
| Vercel | Hosting, CDN, edge network, Blob storage (guest photos) | Request data (URL, headers, IP — used for routing and security; not retained for analytics). Guest photo bytes (Pro / Planner only). |
| Stripe | Payment processing | Email, payment info |
| Resend | Transactional email | Your email address only |
| Mouseflow | Session recording (if enabled) | Anonymized interactions — form input contents are masked where supported; password fields are never recorded |
Data retention
- Free tier: Your data is stored server-side for 30 days. After 30 days without payment, it is soft-deleted. After 60 days, it is permanently removed.
- Paid users: Your data is stored permanently until you delete your account.
- Email addresses: Retained for account access even after event data expires. Deleted on account deletion request.
Your rights
You can:
- Export your data: Email privacy@seatery.net and we'll send you a copy of all your data within 30 days.
- Delete your account: Request full deletion from your account page. All guest data, relationships, analytics events, and email logs will be removed within 30 days.
- Opt out of session recording: Mouseflow is only active when explicitly enabled and respects your browser's Do Not Track setting.
For GDPR (EU) or CCPA (California) requests, email privacy@seatery.net. We respond within 30 days.
Cookies
Seatery uses a single functional cookie (seatery_session) to maintain your session. It is HttpOnly, Secure, and SameSite=Strict. It is not used for tracking. No cookie consent banner is required for functional cookies under the ePrivacy Directive.
Children's data
We do not knowingly collect data from children under 13. Account holders confirm they are 13 or older when signing up. Guest lists may include minors' names as entered by the couple — this data is treated with the same privacy protections as all other guest data. If you believe a child under 13 has signed up, please contact privacy@seatery.net and we will delete the account.
Data controller
When a couple uploads their guest list, the couple is the data controller and Seatery is the data processor. We process guest data only on the couple's instruction (seating optimization) and do not use it for any other purpose.
Contact
Questions about this policy? Email privacy@seatery.net.