Your Privacy Matters
We believe party planning should be fun — not worrying about your data. Here's exactly how we handle your information.
Effective Date: February 28, 2026 · Last Updated: April 28, 2026
Data We Collect
We collect only the data necessary to provide you with a great party planning experience:
🔐 Account Information
- Email address — used for login and optional notifications
- Display name — shown to collaborators you invite
- Authentication method — Google, Apple, or email/password
🎉 Event Data
- Event details — event type, date, location, guest count, theme, budget
- Guest lists — names, email addresses, RSVP statuses, dietary restrictions
- AI-generated plans — timelines, vendor suggestions, budget breakdowns
- Moodboards & themes — color palettes, style preferences
📊 Usage Data
- Page views & navigation — which pages you visit (anonymized)
- Feature usage — which tools you engage with most
- Session data — duration and frequency of visits
- Error logs — technical errors to improve the platform
📱 Device & Contact Data
- Phone contacts — names, phone numbers, and email addresses imported from your device, only if you explicitly grant permission and use the import feature
- Push notification tokens — a device-specific identifier used to deliver event reminders and RSVP updates (only if you enable notifications)
💳 Payment Data
- Card details — collected and stored exclusively by Stripe, our payment processor. PartyPal never receives or stores your full card number, CVC, or expiry.
- Purchase history — Stripe payment IDs, amount, currency, credit pack purchased, and timestamps are stored in your PartyPal account so we can grant credits and reconcile receipts.
- Receipts — Stripe sends an email receipt for each successful purchase using the email on your PartyPal account.
📍 Location Data
- Precise location — your device's GPS coordinates, requested on-demand only when you search for nearby vendors or venues
- Approximate location — your city, region, and country, derived from your IP address to suggest a default location in search
How We Use Your Data
Provide Services
Store your events, generate AI plans, manage guests, and facilitate RSVPs.
Personalize AI
Your event data (stored in your account) helps AI generate tailored plans and recommendations. Additionally, behavioral preferences are learned locally in your browser.
Improve Platform
Aggregated, anonymized usage data helps us build better features.
Security
Monitor for errors, abuse, and unauthorized access to protect your account.
AI & Your Privacy
PartyPal uses AI to generate party plans, vendor suggestions, and personalized recommendations. Your AI experience is powered by two types of data:
Event Data Powers Recommendations
Your event details (event type, date, guest count, budget, theme, guest lists) are stored securely in your PartyPal account on our servers. The AI uses this context to generate personalized plans, vendor suggestions, and recommendations tailored to your specific event. This data is accessible only to you (and any collaborators you invite) and is deleted when you delete your account.
Behavioral Preferences Stay Local
As you interact with PartyPal, the app learns your style preferences (planning style, budget tendency, tone preference, favorite categories). These behavioral signals are stored exclusively in your browser's local storage and are never sent to our servers. Even admins cannot access this data.
Your Data is Never Shared
Neither your event data nor your behavioral preferences are shared with other users, sold to third parties, or used to build advertising profiles. Admins can see aggregate analytics only (total events, page views) — never individual event details or personal context.
AI Request Processing
When you generate a plan or use AI features, your event details are sent to Google Gemini AI to generate responses. This data is processed to fulfill your request and is subject to Google's AI terms. We do not use your data to train custom AI models.
Data Storage & Security
☁️ Cloud Storage
Account data, events, and guest lists are stored securely in Google Firebase / Firestore, which provides enterprise-grade encryption at rest and in transit (TLS 1.2+).
💻 Browser Storage
Some data is also cached in your browser's local storage for performance and offline access, including AI behavioral preferences, vendor shortlists, and planning checklists. This cached data supplements — but does not replace — the server-side copies.
🔑 Authentication
Passwords are never stored by PartyPal. Authentication is handled entirely by Firebase Authentication using industry-standard hashing and secure token management.
🌐 Data Location
All data is stored and processed on Google Cloud Platform infrastructure via Firebase and Vercel.
🔔 Push Notification Tokens
If you enable notifications, a device-specific token from Apple Push Notification service or Firebase Cloud Messaging is stored in your PartyPal account so we can deliver event reminders and RSVP updates. Tokens are never used for advertising and are removed when you delete your account.
Analytics & Cookies
We use a first-party analytics system — we do not use Google Analytics, Facebook Pixel, or other third-party tracking scripts for analytics purposes.
What we track
- Page views and navigation patterns (stored alongside your Firebase user ID while your account is active; anonymized and unlinked from you on account deletion)
- Feature usage counts (plan generation, vendor searches, etc.)
- Error occurrences for debugging
- Session-level engagement metrics (time on page, pages visited)
What we DON'T do
- ❌ No cross-site tracking
- ❌ No fingerprinting
- ❌ No selling your personal data to third parties
Firebase Auth uses token-based authentication stored in your browser (IndexedDB).
SMS Communications
PartyPal offers an optional text-message channel for event-related updates. Messages are transactional — we do not send marketing or promotional SMS. Joining the SMS channel is always your choice and always reversible.
How you opt in
You opt in to SMS by entering your mobile number on a PartyPal-hosted opt-in page (for example, partypal.social/sms-consent/[code]) and explicitly checking the unchecked consent box. The disclosure shown to you at that moment describes the message types, the typical frequency (3–5 messages per event), the carrier rates note, and links back to this Privacy Policy and our Terms. PartyPal will not text you at all unless you complete this step yourself.
What we record when you opt in
- Your mobile number, in E.164 format
- The event you opted in for, and your name (if provided)
- The exact disclosure text and version you saw
- The timestamp of your opt-in
- Your IP address and browser user-agent string
We collect these technical artifacts because U.S. SMS carriers and The Campaign Registry can request proof that consent was a deliberate user action; we keep them so we can answer that audit accurately.
What we send
- RSVP confirmation after you respond to an event
- Event reminders leading up to the event date
- Updates from the host (e.g. location change, time change)
- For event hosts: notifications when guests RSVP to your event
How you opt out
Reply STOP (or UNSUBSCRIBE, CANCEL, QUIT, END) to any PartyPal text message and you will be added to our opt-out list immediately. You will receive no further texts from PartyPal. Reply HELP at any time and we will respond with support contact information. You can also email support@partypal.social to be removed manually.
We do not sell, rent, or share your phone number with third parties for their own marketing. Phone numbers are shared with our messaging provider (sent.dm) solely to deliver the messages you opted in to. Standard carrier message and data rates may apply; PartyPal is not responsible for delays or failures in delivery caused by carriers.
Your Rights
You have full control over your data:
Access
View all data associated with your account at any time through your dashboard.
Correction
Edit or update your event details, guest information, and profile at any time.
Portability
Request a copy of your data in a standard format by contacting us.
Deletion
Delete your account and all associated personal data permanently.
Objection
Object to data processing by contacting us — we'll honor your request.
Withdraw Consent
Opt out of optional communications at any time via your account settings.
Account Deletion
You can delete your account at any time from your profile dropdown menu. Here's exactly what happens:
Personal Data Removed
Your profile, email, display name, and authentication credentials are permanently deleted.
Events Deleted
All events you created, including guest lists, RSVPs, plans, and associated data are permanently removed.
AI Preferences Cleared
Your browser-side AI behavioral preferences are cleared from local storage. These preferences were never stored on our servers.
Analytics Preserved (Anonymized)
Aggregated analytics data (daily page view counts, feature usage counts) is retained in anonymized form. Your user ID is removed from individual analytics entries. This anonymized data cannot be linked back to you and is used solely for platform improvement.
Third-Party Services
We use the following trusted third-party services:
Authentication and database storage. Privacy Policy →
AI-powered plan generation, guest invitations, and vendor summaries. Terms →
Website hosting and deployment. Privacy Policy →
Location search for venues and vendor discovery. Search queries and location data are sent to Google. Privacy Policy →
Payment processing for credit pack purchases. Card details are entered directly into Stripe's hosted Checkout — PartyPal never receives or stores full card numbers. Privacy Policy →
Email delivery service used for RSVP notifications, collaboration invites, and other transactional emails. Email addresses are shared with Resend to deliver messages. Privacy Policy →
Sign in with Apple authentication provider. If you choose Apple login, your identity is verified through Apple's servers. Privacy Policy →
Used to deliver WhatsApp event invitations and track their delivery status. When you send a WhatsApp invite, the recipient's phone number and event details are transmitted to Meta. Privacy Policy →
Used to generate event passes you can add to your Wallet. Pass files contain your event name, date, time, and location. These are generated on our servers and handed to your device — no separate service call is made to Apple or Google when you add the pass.
Used to determine an approximate default city from your IP address so location searches work out of the box. Your IP address is sent to ipapi.co; no account data is shared. Privacy Policy →
Children's Privacy
PartyPal is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will promptly delete it. If you believe a child has provided us with personal data, please contact us.
Policy Changes
We may update this Privacy Policy from time to time. When we make significant changes, we will notify users through a banner on the website and update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.
Contact Us
If you have any questions about this Privacy Policy or your data, please contact us:
📧 Email: privacy@partypal.social
🌐 Website: Contact Us Page