Skip to content
My Wedding Office logo My Wedding Office

My Wedding Office

Privacy Policy

Effective date
April 29, 2026
Last updated
April 29, 2026
Version
2.0
Contact
contact@myweddingoffice.com

This Privacy Policy explains how Patryk Mateusz Rosiak, an individual operating under the name My Wedding Office (“MWO”, “we”, “us”), processes personal data in connection with the website, web application, browser extension, integrations, AI features, communications, and related services (“Services”). The Services are intended for business and professional users.

Summary of Key Points

We may process personal data depending on how you use the Services, which features you enable, and what data you choose to enter, connect, or import.

We do not knowingly request special categories of personal data. If you use MWO as a business user to process data about your customers, leads, couples, guests, or contacts, you are responsible for the proper legal basis and privacy notice to those people.

We may use providers for infrastructure, payments, email, analytics, error monitoring, AI, Google, Meta/Facebook, and e-sign only as needed for the Services, according to configuration and applicable safeguards.

1. Who this Policy applies to

This Policy applies when you visit myweddingoffice.com, create an account, use the app, connect integrations, use the Chrome extension, contact us, or use public pages and forms made available through MWO.

This is not your company privacy policy. If you use MWO to manage your own customers, leads, couples, guests, documents, or messages, you are responsible for your own privacy notices to those people.

2. Controller and Processor Roles

Depending on the context, My Wedding Office may act either as a data controller or as a data processor.

We act as controller for data relating to our own business operations, in particular user accounts, billing, customer support, security, product analytics, communications with users, running the website, and developing the Services.

We act as processor when a business user enters, imports, stores, or manages in My Wedding Office data about their customers, leads, couples, guests, contacts, messages, documents, or other third parties. In that case, the business user remains the data controller and is responsible for the proper legal basis, privacy notice, and lawful use of the data.

The processing terms are described in our Data Processing Addendum.

3. Data We Process

Depending on your configuration and use of the Services, we may process:

  • Account and profile data: name, email, phone number, business name, role, account settings, language, plan, subscription status, and authentication data.
  • Business and workflow data: services, packages, pricing, availability, booking pages, forms, inquiries, pipeline data, tasks, notes, documents, contract drafts, proposals, communications, and work history.
  • Business user customer data: data about couples, leads, customers, guests, contacts, signers, and other third parties that a user enters or imports into MWO.
  • Payment and billing data: Stripe customer identifiers, payment status, plan, invoices, billing country, and information needed to manage subscriptions. Full card data is handled by Stripe.
  • Technical data: IP address, browser or device identifiers, logs, session data, security events, errors, performance data, and basic usage metadata.
  • Product analytics — PostHog: if you consent to the relevant analytics category, we may process user or workspace identifiers, product usage events, technical device and browser information, approximate location derived from IP address, and session-related data.
  • Integration data: Gmail, Google Calendar, Google Business Profile, Meta/Facebook, custom email, browser extension, and e-sign provider data where you enable those features.

Product Analytics — PostHog

We use PostHog for optional product analytics if you consent to the relevant category of cookies or analytics technologies.

PostHog may help us understand which features are used, where users encounter problems, and how we can improve the product. Depending on configuration, PostHog may process user or workspace identifiers, product usage events, technical device and browser information, approximate location derived from IP address, and session-related data.

We do not use PostHog to intentionally analyze email message content, documents, customer notes, signed-contract data, review content, Facebook post content, or Google API data. We configure analytics to limit the transfer of personal data and end-customer content.

The current app configuration disables autocapture, automatic pageviews, heatmaps, and session recordings. If we enable heatmaps or session recordings in the future, we will update this Policy and require appropriate consent where required by law.

The PostHog host depends on environment configuration. When we use PostHog EU Cloud, analytics events are routed to PostHog’s EU host; this does not guarantee processing only in the EEA because PostHog providers, support, or transfers and applicable transfer safeguards may still apply.

Social Logins

If you choose to register or sign in with a supported third-party account, such as Google or Facebook, we may receive limited profile information from that provider as needed to create your account, authenticate you, or connect the integration. Use of that login is also subject to the provider’s own terms and policies.

We do not ask for special categories of personal data unless they are necessary for your own lawful business process. You should not put such data into MWO without a proper legal basis and clear need.

4. How We Process Data

We process data as necessary to provide, operate, secure, bill, support, and develop the Services; manage accounts and subscriptions; run integrations; send service communications; prevent abuse; comply with law; and, where you consent or law allows, send marketing communications.

If you enable the browser extension, Gmail, Google Calendar, Google Business Profile, email, e-sign, AI, or other integrations, we process feature data only as needed for user-facing actions such as syncing, displaying, sending, organizing, drafting, generating suggestions, or saving a lead at your direction.

We may also process data to send service communications, alerts, reports about service operation, or security notices. Some service communications are part of the Services, not marketing.

5. Legal Bases

Where the GDPR, UK GDPR, or similar laws apply, legal bases may include performance of a contract, legitimate interests, legal obligations, consent, or vital interests in exceptional cases.

  • Performance of a contract: where processing is needed to provide your account, features, integrations, subscription, support, or service communications.
  • Legitimate interests: where reasonably needed to secure the Services, diagnose problems, prevent abuse, develop the product, support customers, or enforce terms.
  • Consent: where consent is required, for example for optional analytics, some cookies, marketing, or selected integrations.
  • Legal obligations: where processing is needed for invoices, taxes, accounting, responding to lawful requests, or other legal duties.

For your customer, lead, couple, guest, contact, message, or document data processed in MWO as your business tool, you determine the legal bases as controller.

6. Artificial Intelligence-Assisted Features

My Wedding Office may offer artificial intelligence-assisted features such as next-step suggestions, summaries, reply drafts, follow-up risk analysis, review analysis, booking-process recommendations, onboarding question proposals, or other assistive features.

AI features operate using data available in the Services, such as customer data, inquiry status, communication history, notes, dates, calendar data, reviews, or other information selected for the feature. We send an AI provider only the data needed to perform the specific function.

We do not use AI features to make fully automated decisions that produce legal effects for individuals. AI outputs are assistive. You should independently assess whether a suggestion, analysis, or reply draft is accurate, appropriate, lawful, and consistent with your business practices.

If we use an external AI provider, such as OpenAI or a similar provider, data may be processed by that provider to the extent necessary to provide the feature and according to its terms and data processing agreement. Where a provider offers a mode in which API customer data is not used to train models, we use that mode where available and appropriate.

7. Email and Inbox Data

If you connect an email inbox or use email features in My Wedding Office, we may process data needed to display, organize, send, or sync messages. This may include sender, recipients, subject, date, message body, attachments, thread identifiers, message statuses, and technical metadata.

Email message data may include personal data about your customers or other third parties. To that extent, you remain the data controller and My Wedding Office acts as a processor.

We do not use email message content for advertising or selling data. We do not intentionally send email message content to analytics tools such as PostHog or error monitoring tools such as Sentry.

Some features, such as reply drafts or next-step suggestions, may use selected email excerpts to perform an AI feature if you use that feature.

8. Google Data and Google APIs

If you connect Google services, we may process the Google user data you authorize: Gmail content and metadata, labels, threads, drafts and sending; Google Calendar lists, events, participants, and metadata; Google Business Profile review data; and data needed for login or account connection.

We use Google data only for the user-facing features you enable in MWO, such as the inbox, calendar sync, Google Reviews management, draft replies, suggestions, or connecting communications to a customer record. We do not use Google user data for advertising, sale of data, data brokers, marketing profiling, or training generalized AI models.

We may retain Google-derived data for as long as needed to provide the enabled feature, workflow history, security, support, or legal obligations. After disconnecting Google or requesting deletion, we delete related data from active systems within a reasonable period unless law, security, disputes, or backups require limited retention.

9. Browser Extension and External-Platform Data

If you use the My Wedding Office extension, the extension may allow you to save visible content and metadata from supported pages, such as posts or comments visible publicly or to you, group names, source links, dates, visible author name or profile name, and notes you add.

The extension may also process connection and configuration data, such as extension tokens, company or workspace identifiers, connection status, last connection timestamp, recently used app/API origins, and debug values if enabled.

The extension is not intended for mass scraping, automated data extraction, bypassing platform safeguards, or collecting data from places where you do not have authorized access.

You are responsible for using the extension in compliance with law, external platform terms, and privacy notice duties to the people whose data you save in My Wedding Office. We do not sell extension data or use it for advertising or credit-worthiness decisions.

10. Electronic Document Signing

My Wedding Office may allow you to prepare, send, or sign documents using external electronic signature providers such as DocuSeal, Autenti, Dropbox Sign, DocuSign, or similar services.

For this feature, we may process document data, party and signer data, email addresses, signature status, event dates and times, IP addresses or other technical metadata, document identifiers, event history, and signed files.

The type of electronic signature, its legal effect, and evidentiary value may depend on the provider, configuration, jurisdiction, and selected signature level. My Wedding Office does not provide legal services and does not guarantee that a signature type will be appropriate for every document or situation.

E-sign data may be shared with the selected e-sign provider only as needed to provide the feature. Once a provider is selected or enabled, it will be described on the Subprocessors page.

11. Cookies and Analytics Technologies

We use cookies and similar technologies for authentication, security, language preference, consent, and core service behavior. Details are in our Cookie Policy.

In the web app, optional PostHog analytics is enabled only after consent and may include product usage events, user or workspace identifiers, device and browser information, approximate location from IP address, and session data. Autocapture, automatic pageviews, heatmaps, and session recordings are currently disabled.

Sentry may receive error data, device information, paths, user identifiers, or limited metadata needed for diagnosis. Details are described below.

12. Error Monitoring — Sentry

We use Sentry to monitor errors, crashes, performance, and application stability. Sentry helps us diagnose technical issues and improve the security and reliability of the Services.

Data sent to Sentry may include technical information such as browser type, operating system, URL, error message, stack trace, user or workspace identifier, event time, and other diagnostic information.

We configure Sentry to limit the transfer of personal and sensitive data. In particular, we do not intend to send passwords, access tokens, payment data, email message content, document content, full customer notes, signed-contract content, or data that is not needed for diagnostics.

We cannot promise that a diagnostic tool will never receive personal data, so we apply redaction and data minimization where technically possible.

13. Vendors and Subprocessors

We share data with selected service providers only to the extent necessary to provide, secure, maintain, and develop the Services or where required by law. The current list is described on our Subprocessors page.

Providers may include infrastructure, authentication, payments, email, file storage, error monitoring, analytics, AI, Google/Meta integrations, and e-sign providers. Some services apply only when you enable the feature or connect an external account.

PostHog is one of the product analytics providers described on our Subprocessors page. We share data with PostHog only when optional analytics is configured and you have provided the relevant consent; we do not treat PostHog as necessary for core account functionality.

Sentry is an error monitoring and technical diagnostics provider described on our Subprocessors page. We share data with it only as needed to diagnose and secure the Services.

14. International Data Transfers

Some of our service providers, subprocessors, or integration partners may process data outside the European Economic Area, the United Kingdom, or Switzerland. We do not state that all data always remains in the EEA.

In such cases, we use appropriate safeguards required by applicable law, such as standard contractual clauses, adequacy decisions, additional security measures, or other lawful mechanisms.

The list of main providers and processing scope is available on the Subprocessors page.

15. How Long We Retain Data

We retain data only as long as needed for the purposes described in this Policy unless a longer period is required by law, tax and accounting duties, security, dispute resolution, or contract enforcement. Practical details are described on our Data Deletion & Export page.

Data categoryExample retention period
User account datafor the account lifetime and a limited period after deletion
Workspace datafor the account lifetime or until deleted by the user
Customer, lead, and contact datauntil deleted by the user or the end of Services use
Email message datauntil deleted by the user, integration disconnect, or account closure, subject to backups
Documents and e-sign datafor the period set by the user or required to support the document, unless law requires longer retention
Billing and invoice datafor the period required by tax and accounting laws
Security logsusually 90 to 180 days unless longer retention is needed for security or incident handling
Sentry error logsaccording to retention configuration, usually for a limited diagnostic period
PostHog analytics dataaccording to retention configuration and user consent
Backupsfor a limited time based on backup cycles

After a deletion request, data may remain for a limited time in backups or technical logs until the relevant retention cycle completes.

16. Data Breach Handling

We use procedures intended to detect, assess, and handle security incidents.

If a personal data breach occurs, we will assess its nature, scope, and possible impact. Where required by law, we will notify the competent supervisory authority and affected individuals.

Where we act as processor on behalf of a business user, we will inform that user of a breach without undue delay so they can meet their own duties as controller.

17. Security

We use appropriate technical and organizational safeguards, including access control, encryption in transit, monitoring, event logging, limited token access, and response processes. We do not promise that the Services are 100% secure or end-to-end encrypted. More information is on our Security & Privacy page.

18. Minors

The Services are intended for users who are at least 18 years old and acting in a business or professional capacity. We do not knowingly collect personal data from children or direct the Services to minors.

If you believe we collected data from someone under 18, contact us at contact@myweddingoffice.com.

19. Your Rights

Depending on your location and the context, you may have rights to access, correct, delete, restrict, port, object, and withdraw consent. You may also have the right to complain to a supervisory authority.

If we rely on consent, you may withdraw it at any time. For optional analytics, you may change or withdraw consent through the consent banner or account settings where available.

You may opt out of marketing communications through the unsubscribe link or by contacting us. Service communications, security alerts, and some service reports may be sent as part of the Services.

If your question concerns your company data or MWO account, contact us. If you are a customer of an MWO business user, contact that business user first because they are usually the controller of your data.

20. Reviewing, Updating, or Deleting Data

You may sign in to account settings to update some information or contact us at contact@myweddingoffice.com.

If you have connected third-party accounts or services, including Google or Facebook, you may disconnect the integration in settings where available or request deletion of stored data connected with those accounts.

21. Policy Updates

We may update this Policy to reflect changes in the Services, providers, law, or operations. Material changes may be announced in-product or by email where appropriate.

22. Contact

Privacy questions can be sent to contact@myweddingoffice.com.