1. Introduction

Welcome to Invita Fiestas. We take the privacy of our users very seriously. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our digital invitation platform.

By using Invita Fiestas, you agree to the practices described in this policy. If you do not agree with any part of this policy, please do not use our services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address
• Full name
• Password (stored in encrypted form)

2.2 Event Information

When you create an event, we collect:

• Event type (wedding, quinceañera, birthday, etc.)
• Event title and description
• Event date and location
• Host or celebrant names
• Images and photos you upload
• Visual and design settings
• Itinerary and additional location information

2.3 Guest Information (RSVP)

When guests confirm attendance, we collect:

• Guest's full name
• Number of accompanying guests
• Confirmation status (confirmed, declined, pending)
• Dietary restrictions or other notes (if provided)

2.4 Payment Information

To process payments, we use Stripe. We do not store complete credit card information on our servers. We collect:

• Payment amount
• Payment date
• Stripe transaction ID
• Payment status

2.5 Technical Information

We automatically collect:

• IP address
• Browser type and version
• Operating system
• Pages visited and time spent
• Cookie and local storage information

3. How We Use Your Information

We use the collected information to:

• Provide the service: Create, manage, and publish your digital invitations
• Process payments: Manage subscriptions and payments for published events
• Communication: Send you important notifications about your account and events
• Improve the service: Analyze platform usage to improve functionality
• Security: Detect and prevent fraud, abuse, and security issues
• Legal compliance: Comply with legal and regulatory obligations
• Customer support: Respond to your inquiries and provide assistance

4. Third-Party Services

4.1 Stripe (Payment Processing)

We use Stripe to securely process payments. Stripe has access to the payment information necessary to process transactions. See Stripe's Privacy Policy for more information.

4.2 Supabase (Authentication and Database)

We use Supabase for user authentication and data storage. Supabase complies with SOC 2 Type II security standards. See Supabase's Privacy Policy.

4.3 Cloudflare R2 (Image Storage)

Images and multimedia files are stored on Cloudflare R2. See Cloudflare's Privacy Policy.

4.4 Information Sharing

We do not sell or rent your personal information to third parties. We only share information when:

• It is necessary to provide the service (providers mentioned above)
• We have your explicit consent
• It is required by law or legal process
• It is necessary to protect our rights or safety

5. Data Security

We implement technical and organizational security measures to protect your information:

• Encryption: All passwords are encrypted using secure algorithms
• HTTPS: All communications are protected with SSL/TLS
• Access control: Row-level security (RLS) policies in the database
• Secure authentication: Secure session tokens and robust authentication management
• Monitoring: Continuous monitoring to detect suspicious activities

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.

6. Your Rights

You have the following rights regarding your personal information:

• Access: Request a copy of the information we have about you
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Portability: Receive your data in a structured, readable format
• Objection: Object to certain uses of your information
• Restriction: Request limitation of processing of your data

To exercise these rights, you can manage your information from your account settings or contact us directly (see Contact section).

7. Cookies and Similar Technologies

We use cookies and similar technologies to:

• Authentication: Keep your session active securely
• Preferences: Remember your language and display settings
• Analytics: Understand how the platform is used to improve it
• Security: Protect against fraudulent activities

You can control cookies through your browser settings. Note that disabling certain cookies may affect site functionality.

8. Children's Privacy

Our service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13 without verification of parental consent, we will delete that information immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can take necessary action.

9. Changes to this Policy

We may update this Privacy Policy occasionally. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date at the top.

We recommend reviewing this policy periodically to stay informed about how we protect your information.

10. Contact

If you have questions, comments, or concerns about this Privacy Policy or our privacy practices, you can contact us through:

• Email: hola@invitafiestas.com
• Contact form: Available in your user dashboard

We are committed to responding to your inquiries in a timely manner and working with you to resolve any privacy concerns.