Privacy Policy

SimchaMaker (simchamaker.com) is operated by SimchaMaker LLC, a New York limited liability company (“we,” “us,” or “our”). This Privacy Policy explains how we collect, use, share, and protect personal information when you use SimchaMaker to design invitations, manage guest lists, send invitations via email and SMS, and collect RSVPs.

This policy applies to two groups:

• Hosts: people who create a SimchaMaker account to plan an event.
• Guests: people whose contact information a host adds to their guest list, and who may receive invitations or reminders from a host through our platform.

By using SimchaMaker, you agree to the practices described here. If you don't agree, please don't use the service.

1. What SimchaMaker Does

SimchaMaker is an event invitation platform. Hosts use it to design invitations, upload or import guest lists, and send invitations and reminders by email and SMS. Guests use it to view their invitation and submit RSVPs. Hosts purchase credits to send messages; SimchaMaker provides the technical infrastructure that delivers them.

For guest contact information that a host provides to us (names, phone numbers, email addresses), the host is the data controller and SimchaMaker acts as a processor, sending messages on the host's behalf and at the host's direction. Hosts represent in our Terms of Service that they have the consent necessary to add each guest to their list.

2. Information We Collect

A. From Hosts

Account information. When you create an account, we collect your name, email address, and password (stored only as a salted hash). If you sign in with Google, we receive your name, email, and profile picture from Google and store authentication tokens to maintain your session.

Event and invitation content. Information you enter while designing an invitation or setting up an event: couple or honoree names (Hebrew and English), event date and time, calculated Hebrew dates, venue name and address, parent and grandparent names, registry links, custom text, color and font selections, monogram images, and event settings.

Guest list data you provide. Names, phone numbers, email addresses, group/relationship labels, and any notes you add for each guest. We also store data generated through use of the service: which invitations were sent, when, delivery status, RSVP responses, custom question answers, and message history per guest.

Payment information. Payments are processed by Stripe. We do not store full card numbers, expiration dates, or CVCs. We retain the Stripe customer ID, session ID, and payment intent ID to track credit purchases and order history.

Technical information. IP address, browser user-agent, and session cookies for security. Pages visited and interactions via Google Analytics and the Meta Pixel (see Section 6).

B. From Guests

RSVP responses. When you respond to an invitation, we collect your response (attending, declining, attending count), your selections for any custom questions or event parts the host configured, and any optional message you include for the host. This information is shared with the host of the event.

Contact information from the host. The name, phone number, and email address used to send your invitation were provided to us by the host who invited you, not collected directly from you.

Technical information. When you visit your invitation link, we log basic technical data (IP address, user-agent, the short code of the invitation) for security and to detect abuse, and we record analytics events (see Section 6).

SMS delivery status. Our SMS provider reports back delivery status (delivered, failed, opted-out) which we store against your guest record so the host knows whether to follow up.

3. How We Use Information

We use the information we collect to:

• Create and operate host accounts and host events.
• Render and deliver invitations as images, web pages, PDFs, and printable files.
• Send invitations, reminders, and RSVP confirmations by email and SMS at the host's direction.
• Track delivery and RSVP status, and show that information back to the host.
• Process credit purchases and other payments through Stripe.
• Send transactional account emails (welcome, password reset, RSVP notifications, receipts).
• Provide AI-assisted features (guest list import via Smart Paste, AI-generated monograms) at the host's request.
• Detect, prevent, and respond to fraud, abuse, spam, or violations of our Terms.
• Maintain security, including blocking recipients who reply STOP from receiving further SMS.
• Improve the service, templates, and user experience.
• Comply with our legal obligations.

We do not use guest contact information (names, phone numbers, email addresses provided by a host) to market SimchaMaker to those guests. We do not send guests promotional messages from SimchaMaker.

4. SMS and Text Messaging

When a host sends an invitation or reminder via SMS through SimchaMaker, our SMS provider transmits the message to the recipient's mobile carrier on the host's behalf. The following disclosures apply to all SMS messages sent through the platform:

• No sharing of mobile information. Mobile phone numbers and SMS opt-in data are never shared with third parties or affiliates for marketing or promotional purposes. Phone numbers are used only to deliver the messages the host has sent and to honor opt-outs. We share phone numbers with our SMS delivery provider strictly to transmit the host's messages, and with no one else for marketing.
• Message frequency. Message frequency varies by event and host. A typical recipient will receive one invitation message and may receive up to two reminder messages (an RSVP reminder if they have not responded, and a pre-event reminder) per event. Frequency is controlled by the host of the event you were invited to.
• Message and data rates may apply. Standard message and data rates from your mobile carrier may apply to messages you receive or send in response. SimchaMaker does not charge recipients for messages.
• Opt-out. Reply STOP to any SMS message from SimchaMaker to opt out of further messages. We automatically block opted-out numbers from receiving further messages through the platform.
• Help. Reply HELP for assistance, or contact us at support@simchamaker.com.
• Supported carriers. Messages are supported on major U.S. carriers. Carriers are not liable for delayed or undelivered messages.

5. Data Storage and Security

Personal data is stored in cloud-hosted databases and object storage operated by our infrastructure providers in the United States. We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords, and signed session tokens. Access to production data is restricted to authorized personnel. No system can be guaranteed 100% secure, and we cannot promise absolute security.

Generated invitation files (PDF, PNG, and addressed envelope images) are rendered on demand. Permanent storage is limited to assets the host has saved to their event (such as uploaded monogram images).

6. Analytics and Cookies

We use Google Analytics to understand how visitors use our website. Google Analytics collects information such as pages visited, time on site, browser type, device type, and approximate geographic location. This data is aggregated and does not personally identify you.

We also use the Meta (Facebook) Pixel to measure the effectiveness of our advertising and understand how visitors interact with our site. The Meta Pixel may collect information such as pages visited, actions taken, and device information, and may use cookies to serve relevant ads on Facebook and Instagram. You can manage your ad preferences through your Facebook Ad Settings.

Google Analytics and the Meta Pixel set cookies on your browser. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

We also use session cookies to keep you logged in. These are essential for the service to function and cannot be disabled while using an account.

7. Third-Party Services and Sub-Processors

We share data with the following service providers to operate SimchaMaker. Each is governed by its own privacy policy.

We do not sell personal information. We do not share information with third parties for their own marketing, and we do not share mobile phone numbers or SMS opt-in data with any third party or affiliate for marketing or promotional purposes.

We may add, remove, or change providers from time to time as the service evolves. The list above describes the categories of providers we use and identifies the providers required to be named for compliance or transparency reasons.

8. Data Retention

• Host account, event, and guest data is retained for as long as the host's account exists. If a host deletes their account, associated event and guest data is deleted within 30 days, except where retention is required by law or for fraud prevention.
• Sessions expire after a period of inactivity.
• Password reset tokens expire after a short window and are not retained.
• Delivery logs (records of which messages were sent, delivery status, and timestamps) are retained for service operations, troubleshooting, billing reconciliation, and compliance.
• SMS opt-out records are retained indefinitely so that we continue to honor STOP requests even if a guest is later re-added to a list.
• Payment records are retained as required by tax, accounting, and consumer-protection laws.

Hosts can delete their account at any time by contacting us at support@simchamaker.com. See Section 9 for guest deletion requests.

9. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your data.
• Object to or restrict certain processing.
• Data portability: receive a copy of your data in a structured format.
• Opt out of SMS messages by replying STOP, and opt out of email by using the unsubscribe link or by contacting us.

Hosts can exercise these rights by managing their account or by contacting support@simchamaker.com.

Guests who want their contact information removed can reply STOP to any SMS, use the unsubscribe link in an email, or contact us at support@simchamaker.com with the name of the event or the host who invited them. Because guest data is provided to us by hosts, we will also notify or forward the request to the host where appropriate; for broader access, correction, or deletion requests, we may direct you to the host as the controller of your data on their guest list.

10. Children's Privacy

Accounts are limited to users 13 and older, as set out in our Terms of Service. SimchaMaker is not directed to children under 13, and we do not knowingly collect their personal information. If you believe we have collected information from a child under 13, please contact us and we will promptly delete it.

11. International Users

SimchaMaker is operated from the United States and our infrastructure providers store data in the United States. If you access the service from outside the U.S., you understand that your information will be transferred to and processed in the U.S., which may have data protection laws different from those in your jurisdiction.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page with a revised “Last updated” date and, for material changes, notify hosts by email or through the platform. Continued use of SimchaMaker after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

Questions about this Privacy Policy, or want to exercise a privacy right? Contact us at:

SimchaMaker LLC
418 Broadway, Ste N
Albany, NY 12207
support@simchamaker.com