Privacy Policy

Learn how we collect, use, and protect your personal data. We prioritize transparency and empower you to control your information.

SnapInvite Privacy Policy

Last updated: November 22, 2025

Valley Tech LLC ("Valley Tech," "we," "us," or "our") operates the SnapInvite website, web application, and related services (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you interact with the Services. It also describes your rights and choices. If you do not agree with this policy, please do not use the Services.

1. Information We Collect

We collect the following categories of information:

1.1 Information you provide directly

  • Account and profile details: name, email address, passwordless authentication tokens (e.g., magic links), and preferences you add to your account or waitlist registration
  • Event and design inputs: event descriptions, recipient details, party dates, themes, and other text or assets you upload to generate invitations. Important: Avoid including sensitive personal data unless necessary for the invitation
  • Print and shipping information: recipient names, postal addresses, contact phone numbers, and order notes for fulfillment
  • Payment details: billing name, email, and limited payment method information submitted through Stripe. Stripe stores and processes full payment credentials on our behalf
  • Support and communications: information you provide when you contact support, respond to surveys, or participate in beta feedback programs
  • RSVP waitlist: email collected through the RSVP landing page so we can notify you when access opens

1.2 Information collected automatically

  • Usage and device data: log files, IP address, browser type, operating system, language, referring/exit pages, and timestamps
  • Analytics data: events captured by our first-party analytics client, Google Analytics 4 (when enabled through the cookie manager), Meta Pixel, and Reddit Pixel (client + Conversions API). These tools may set cookies, pixels, or local storage identifiers to measure conversions and improve the product
  • Session replay diagnostics (FullStory): When you accept optional/analytics cookies, we collect site usage and session information (pages visited, clicks, scrolling, limited input context, and how you reached the page) and share it with FullStory, our trusted processor, so they can analyze that data on our behalf for support and product improvements. Sensitive or payment fields are masked per our privacy rules, and you can opt out at any time through the cookie preference links below.
  • Attribution data: UTM parameters, referral URLs, campaign identifiers, and marketing source data stored in local storage (after you opt into analytics cookies) to attribute signups and orders
  • App performance data: diagnostic information about errors, latency, AI generation metadata, and queue performance captured for troubleshooting

1.3 Information from third parties

  • Authentication partners: If we offer single sign-on or social login, we may receive profile data from those providers
  • AI service providers: OpenAI and similar AI vendors may process your content inputs to generate invitation designs. We do not control their data practices beyond our service agreements
  • Payment processors: Stripe shares payment status, billing details, and transaction metadata so we can manage orders, subscriptions, and customer support
  • Fulfillment partners: When necessary, we share shipment information with printing or logistics partners and receive status updates or delivery confirmations
  • Analytics and advertising partners: Google and Meta may provide aggregated insights about ad performance and audience segments

2. How We Use Information

We process personal information for the following purposes:

  1. Provide and improve the Services, including generating AI invitations, saving designs, processing payments, shipping print orders, and enhancing product features
  2. Communicate with you, such as sending waitlist updates, onboarding emails, transaction receipts, order status notifications, and customer support responses
  3. Personalize experiences, including recommending templates, remembering preferences, and tailoring onboarding flows
  4. Analyze usage and measure performance, including understanding feature adoption, debugging issues, and optimizing marketing campaigns
  5. Protect the Services, including detecting fraud, enforcing the Terms of Service, and securing accounts
  6. Comply with legal obligations and respond to lawful requests from authorities
  7. Conduct marketing and promotional activities with your consent or where permitted by law

3. Legal Bases for Processing

Note: SnapInvite is currently available only to customers in the United States. We process personal information in accordance with applicable US privacy laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Where required by law, we rely on the following legal bases:

  • Contract: Processing necessary to provide the Services or fulfill orders
  • Legitimate interests: Improving the Services, safeguarding our platform, and marketing to existing customers, provided these interests are not overridden by your rights
  • Opt-out consent: We use analytics and advertising cookies by default to improve your experience. You may opt out at any time via the "Do Not Sell or Share My Personal Information" or "Cookie Preferences" links in the footer. We honor Global Privacy Control (GPC) signals automatically
  • Consent for communications: Sending promotional emails or processing sensitive information you choose to share. You may withdraw consent at any time by contacting us
  • Legal obligations: Complying with tax, accounting, and regulatory requirements

4. How We Share Information

We share personal information with:

  • Service providers: Companies that host infrastructure (Amazon Web Services, Cloudflare), operate databases, queue email delivery, provide AI generation (OpenAI), or support customer communications. These providers process data only under our instructions and are bound by data processing agreements
  • Payment processors: Stripe and its affiliates process payments and store saved payment methods under their own privacy policies
  • Fulfillment and shipping partners: Trusted printers, couriers, and logistics vendors that produce and deliver physical invitations
  • Analytics and marketing partners: Google Analytics 4, Meta Pixel, Reddit Pixel (client + Conversions API), FullStory (session replay), and similar tools collect or receive usage data to help us understand engagement and conversions while honoring the preferences you set in our cookie banner
  • Professional advisors: Lawyers, accountants, auditors, or insurers, when necessary to protect our business
  • Authorities or parties in legal matters: If required by law, subpoena, or to protect the rights, property, or safety of Valley Tech, our users, or the public
  • Business transfers: In connection with a merger, acquisition, financing, or sale of assets, provided the recipient agrees to honor this policy

We do not sell personal information, and we do not share invitation content with third parties for advertising purposes.

5. Cookies, Local Storage, and Tracking Technologies

We use cookies and similar technologies by default to improve your experience, measure performance, and support marketing activities. You can opt out at any time by clicking "Do Not Sell or Share My Personal Information" in the site footer.

We use cookies, local storage, and similar technologies to:

  • Keep you signed in and secure the application
  • Remember preferences and onboarding progress
  • Measure website traffic and campaign performance
  • Enable advertising and retargeting via Meta or other partners
  • Store attribution parameters (e.g., UTM tags) in local storage to measure which campaigns lead to signups or purchases

FullStory’s session replay loads by default when you visit our site (consistent with their site usage disclosure). You can turn it off any time by selecting "Do Not Sell or Share My Personal Information" in the footer; we also honor Global Privacy Control (GPC).

Your Privacy Rights: You have the right to opt out of the sale or sharing of your personal information at any time. Click "Do Not Sell or Share My Personal Information" or "Cookie Preferences" in the footer to manage your choices. Changes take effect immediately. We also honor Global Privacy Control (GPC) signals automatically.

You can adjust browser settings to refuse cookies, but this may affect core functionality.

6. Data Retention

We retain personal information based on the following criteria:

  • Account data: For the duration of your account plus 3 years after closure for legal compliance
  • Transaction records: 7 years after the transaction for accounting and tax purposes
  • Waitlist data: Until you request deletion or 2 years from signup if no account is created
  • Analytics logs: 26 months (Google Analytics default) unless you request earlier deletion
  • Support communications: 3 years from the last interaction
  • Marketing communications: Until you unsubscribe or request deletion

We will delete or anonymize personal information when it is no longer needed for the purposes outlined in this policy, unless we are required to retain it by law.

7. Data Security

We employ technical and organizational safeguards appropriate to the sensitivity of the data, including:

  • Encrypted connections (HTTPS/TLS)
  • Network segmentation and access controls
  • Regular security monitoring and incident response procedures
  • Employee training on data protection
  • Vendor security assessments and data processing agreements

However, no system is completely secure. Please notify us immediately at [email protected] if you believe your account has been compromised.

8. Your Rights and Choices

Depending on your location, you may have the right to:

  • Access your personal information and receive a copy
  • Correct inaccurate or incomplete information
  • Delete your personal information (subject to legal retention requirements)
  • Object to or restrict certain processing, including direct marketing
  • Withdraw consent where we rely on consent
  • Data portability: Receive your data in a structured, machine-readable format
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at [email protected]. We may ask you to verify your identity before fulfilling requests. We will respond within 30 days (or as required by applicable law).

9. International Data Transfers

We are based in the United States and use service providers located in the United States and other countries. When we transfer personal information internationally, we rely on appropriate safeguards, such as:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Certification under approved frameworks (when available)

10. Children's Privacy

SnapInvite is designed for adults planning events and is not directed to children under 13. We do not knowingly collect personal information directly from children under 13 without verifiable parental consent. If you believe a child has provided personal information without consent, please contact us immediately so we can delete it.

11. Biometric Data (Face Uploads)

If you use the optional face-upload feature (including for children’s photos), you agree that:

  • We process the image solely to generate an invitation and then delete the temporary copy after generation (temporary S3 storage auto-expires; no biometric templates or embeddings are stored).
  • Illinois and Texas (BIPA states): Explicit consent is required before processing. A parent/guardian must provide consent for minors. We treat unrecognized locations as requiring consent by default.
  • All other locations: Consent is still required to use the face-upload feature, but BIPA-specific obligations do not apply.
  • We do not sell, share, or reuse biometric data for other purposes. We use reputable AI vendors (e.g., OpenAI/Replicate) under contract, and only transmit the minimum needed image data for generation. These vendors contractually represent they do not use your images to train their models, but their independent data practices are governed by their own terms and policies, which we do not control.
  • You are responsible for having the legal right/permission to upload the photo (including for children), and for complying with applicable biometric, privacy, and child-protection laws.

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know: Request information about the categories and specific pieces of personal information we collect
  • Right to delete: Request deletion of your personal information
  • Right to correct: Request correction of inaccurate personal information
  • Right to opt-out: We do not sell personal information, but you can opt-out of sharing for targeted advertising
  • Right to limit sensitive personal information: We do not use sensitive personal information beyond necessary service provision
  • Right to non-discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at [email protected]. We may ask you to verify your identity before fulfilling requests. We will respond within 30 days (or as required by applicable law).

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will:

  • Update the "Last updated" date at the top of this policy
  • Notify you of material changes through the Services or by email
  • For significant changes, provide at least 30 days advance notice

Continued use of the Services after changes take effect signifies acceptance of the updated policy.

14. Contact Us

Valley Tech LLC
Physical Address: 550 CALIFORNIA STREET, SUITE 1040, SAN FRANCISCO, CA 94104
Email: [email protected]