Skip to content
My Wedding Office logo My Wedding Office

My Wedding Office

Security & Privacy

Effective date
April 29, 2026
Last updated
April 29, 2026
Version
2.0
Contact
contact@myweddingoffice.com

We build My Wedding Office for small service businesses that entrust us with customer data, communications, and documents. Privacy and security are treated as part of the product, not an add-on.

This page is informational. It is not a guarantee of complete security, a compliance certification, or a data processing agreement.

Our Principles

  • We do not sell user data or customer data.
  • We do not use business users’ customer data for advertising.
  • Customer data belongs to the business user who enters or imports it into the Services.
  • AI features are assistive and should be reviewed by the user.
  • Product analytics is limited and consent-based where required.
  • We aim to minimize data sent to analytics and error monitoring tools.
  • Sensitive technical data, such as integration tokens, is stored in a protected form according to its nature.
  • Production data access is limited to people and situations where it is needed.

Data and Encryption

We use TLS encryption in transit where data is sent over a network. Selected sensitive data, such as integration tokens, external service passwords, or other secrets, is stored encrypted or otherwise protected according to its nature and available infrastructure mechanisms.

User passwords should not be stored in reversible form. They are hashed by the authentication system or handled by the auth provider.

We do not state that all data is end-to-end encrypted or that the Services are 100% secure. Security also depends on the user’s device, browser, passwords, connected accounts, and team configuration.

Example Technical and Organizational Measures

  • access control for accounts and administrative resources;
  • restricted access to API keys, tokens, and secrets;
  • file storage in controlled infrastructure and use of time-limited access URLs where appropriate;
  • monitoring of errors, stability, and technical logs;
  • redaction of tokens, authorization headers, cookies, and secrets in logs where technically possible;
  • backups, migrations, and maintenance processes depending on the production environment;
  • limited human access to Google data, emails, and documents to support, security, legal, or user-requested situations.

Analytics and Logs

We use tools such as PostHog and Sentry to improve the product and diagnose problems. We configure them to limit the transfer of personal data and to avoid intentionally sending message content, documents, passwords, tokens, or payment data.

We cannot promise that analytics or error monitoring tools will never receive any personal data, so we limit event scope, redact secrets where technically possible, and describe main providers on the subprocessors page.

Subprocessors

The current list of main providers and subprocessors is available on the Subprocessors page. Some tools apply only when the user enables a feature or connects an external account.

Incidents

If we identify a security incident involving personal data, we will assess its scope and take action appropriate to the risk. Where law requires it, we will notify relevant people, business customers, or authorities to the required extent.

Your Responsibilities

  • use strong passwords and secure sign-in methods;
  • protect access to Google, Facebook, email, e-sign, and Stripe accounts;
  • grant access only to people who need it;
  • do not upload sensitive data unless necessary and lawful;
  • review AI content, messages, documents, and replies before sending.

Contact

Security and privacy questions can be sent to contact@myweddingoffice.com. If we publish dedicated security or privacy addresses later, we will update this page.