QuikRSVP ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
By using QuikRSVP, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our services.
| Data Type | Examples | Purpose |
|---|---|---|
| Account Information | Name, email, password | Account creation and authentication |
| Event Information | Event name, date, location, couple names | Creating and managing RSVP forms |
| Guest Data | Guest names, email, phone, dietary preferences, RSVP responses | Managing guest lists and responses |
| Payment Information | Bank account details, tax ID (for registry owners) | Processing gift registry payouts via Stripe |
| Contact Lists | Contacts you import (via CSV, vCard, device picker, or Google Contacts) for messaging campaigns | Sending event invitations and reminders |
| Organization Data (Corporate plan) | Organization name, logo, team member emails and roles, shared contacts directory, campaign history, subscription status, Stripe customer ID | Operating the Corporate dashboard, team collaboration, billing |
| Connected Google Account (optional) | Email address, display name, and OAuth refresh token of the Google account you connect for sending email campaigns | Sending campaign emails from your own Gmail address via the Gmail API |
We use collected information to:
We share your information with third-party service providers who assist in operating our service:
When you use the gift registry feature, your payment and identity information is shared with Stripe, Inc. for payment processing and identity verification.
Important: Please review Stripe's Privacy Policy to understand how they handle your data. By using our gift registry, you authorize us to share your information with Stripe as required for their services.
Email invitations and notifications are sent through SendGrid. Recipient email addresses and message content are processed by SendGrid according to their privacy policy.
When you send messages via WhatsApp, recipient phone numbers and message content are processed through the WhatsApp Business API. See WhatsApp's Privacy Policy.
When event hosts choose to send invitations via SMS, recipient phone numbers and message content are processed through our SMS provider (Brevo/Sendinblue) according to their privacy policy.
Mobile Information Privacy: We will not share, sell, or rent your mobile phone number or any personal information collected in connection with SMS messaging to third parties for promotional or marketing purposes. Mobile information will only be used to deliver event invitation messages as requested by the event host.
SMS recipients may reply STOP to opt out of future messages or HELP for assistance. Standard message and data rates may apply. Message frequency varies based on event activity.
We use Firebase for authentication and data storage. See Firebase Privacy.
We use the Meta Pixel on our website to measure the effectiveness of our advertising, understand how visitors interact with our site, and reach relevant audiences on Facebook and Instagram.
We have enabled Meta's Automatic Advanced Matching feature, which may send hashed (SHA-256 encrypted) versions of personal information you have provided to us — such as your name, email address, phone number, date of birth, location, and gender — to Meta Platforms, Inc. This helps Meta attribute conversions to our ads and improve ad relevance. This data is hashed before transmission and Meta states it is used solely for matching purposes.
By using our service, you acknowledge that this data may be shared with Meta in this manner. You can opt out of Meta's use of your data for advertising purposes by visiting Meta's Privacy Center or adjusting your ad preferences in your Facebook account settings. See Meta's Privacy Policy for more details.
We may also share information:
If you choose to use the "Import from Google Contacts" feature in our Campaign Wizard, we will request read-only access to your Google contacts via Google's OAuth consent screen. You can grant or deny this permission at any time.
What we access. When you authorize access, we read the names, email addresses, and phone numbers of the contacts in your Google account. We do not access photos, addresses, birthdays, notes, or any other fields.
How we use it. The contacts are shown to you in a picker so you can select which ones to add to your specific campaign. Only the contacts you explicitly select are imported. We do not make a copy of your full Google address book on our servers.
Where it is stored. The contacts you select are stored as part of the campaign you are creating, the same way contacts you upload via CSV or enter manually are stored. We do not maintain a separate database mirroring your Google Contacts.
What we do not do. We do not modify, add, or delete any contacts in your Google account — our access is read-only. We do not use your contact data for advertising, machine-learning model training, or marketing. We do not share it with anyone other than the email and SMS delivery providers required to send the campaign messages you create.
Revoking access. You can revoke QuikRSVP's access to your Google contacts at any time by visiting myaccount.google.com/permissions and removing QuikRSVP. Revoking access does not delete contacts already imported into an existing campaign; to remove those, edit or delete the campaign itself.
Limited Use disclosure. QuikRSVP's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Corporate plan administrators may optionally connect a Google account so that QuikRSVP can send campaign emails from their address via the Gmail API.
What we request. We request only the gmail.send scope plus basic
profile info (userinfo.email, userinfo.profile) so we know which
address to send from. We do not request access to read your messages,
drafts, labels, settings, contacts, or any other Gmail data.
How we use it. When you send a campaign email to a contact and the "Send from Gmail" option is selected, QuikRSVP constructs the message and calls the Gmail API to send it. The sent email appears in your own Gmail "Sent" folder. Replies go to your inbox, not to QuikRSVP.
What we store. We store a secure OAuth refresh token (required to keep the connection alive between sessions), your connected email address, your display name, and a count of how many sends you have made each day for quota purposes. We do not store the contents of any message beyond the campaign body you composed in QuikRSVP.
Revoking access. You can revoke QuikRSVP's access to your Gmail send
permission at any time from the Organization Settings page in your dashboard, or from
myaccount.google.com/permissions.
When revoked, any future campaigns will fall back to sending from QuikRSVP's own sending
domain (events.quikrsvp.com) instead.
What we do not do. We do not read your inbox. We do not sell, share, or transfer Gmail API data to advertisers or data brokers. We do not use Gmail data to train machine-learning models. We do not send emails from your account other than the campaigns you explicitly compose and trigger within QuikRSVP.
Limited Use disclosure. QuikRSVP's use of information from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
When you send campaign emails from QuikRSVP's own sending domain (not via your connected Gmail), the messages are routed through Brevo (formerly Sendinblue), our email service provider. Brevo processes recipient email addresses, the contents of your message, and delivery-event metadata (sent, delivered, opened, bounced, spam complaint, unsubscribe). Brevo acts as a data processor on QuikRSVP's behalf and is subject to their Privacy Policy.
For WhatsApp campaigns (available on individual plans), messages are sent via YCloud, our WhatsApp Business Solution Provider. YCloud forwards your messages to Meta's WhatsApp Business Platform, which delivers them to recipients. YCloud processes recipient phone numbers, message content, template metadata, and delivery events on QuikRSVP's behalf.
We use Microsoft Clarity to capture how visitors use and interact with our website through behavioral metrics, heatmaps, and session replay. This helps us improve our products and services. Website usage data is captured using first- and third-party cookies and other tracking technologies to determine the popularity of products and services and online activity. We also use this information for site optimization, fraud and security purposes, and to inform product decisions.
Clarity is configured to mask the contents of form input fields by default, so the values you type into RSVP forms (such as your name, email, or phone number) are not transmitted to Microsoft. Session replays capture page interactions (clicks, scrolls, mouse movement) rather than personal information. Clarity is not loaded on QuikRSVP's internal admin pages.
For more information about how Microsoft collects and uses your data, see the Microsoft Privacy Statement.
We implement appropriate technical and organizational measures to protect your data:
Note: No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
We retain your data for as long as necessary to provide our services and fulfill the purposes described in this policy:
If you cancel a Corporate (Organization) subscription, your Organization's data is retained on a graduated schedule to give you time to reactivate or export:
You can reactivate your subscription at any point during the 90-day window and all Organization data (events, responses, contacts, team settings, campaign history) will be restored. You may also request early deletion of your Organization's data by emailing support; verified requests are processed within 30 days.
Certain data may be retained beyond this window when required by law (such as tax records for subscription payments) or in anonymized/aggregated form that does not identify you.
OAuth tokens and the connected email address for Gmail send integration are retained as long as the connection is active. When you disconnect Gmail (from the Organization Settings panel or from myaccount.google.com/permissions), QuikRSVP calls Google's token-revocation endpoint and deletes the stored refresh token, access token, and connected-account metadata from our database. This is not reversible — reconnecting Gmail later requires a new authorization flow.
Depending on your location, you may have the following rights regarding your personal data:
Under GDPR, you have additional rights including the right to lodge a complaint with a supervisory authority. Our legal basis for processing includes consent, contract performance, and legitimate interests.
California residents have the right to:
To exercise any of these rights, please contact us at privacy@quikrsvp.com. We will respond within 30 days.
QuikRSVP is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
Your data may be transferred to and processed in countries other than your own, including the United States. These countries may have different data protection laws. By using our service, you consent to such transfers.
We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where required.
We use cookies and similar technologies to enhance your experience. This includes behavioral analytics and session replay technology (provided by Microsoft Clarity, see Section 4.12) that records page interactions such as clicks, scrolls, and mouse movement so we can understand and improve how the site works. Form input values are masked and are not captured. For detailed information, please see our Cookie Policy.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of the service after changes constitutes acceptance.
If you have questions about this Privacy Policy or our data practices, please contact us:
Your privacy matters to us. Thank you for trusting QuikRSVP with your information.