PlanoreePlanoree

Privacy Policy

Last updated: February 2026

Planoree is a service operated by Vedisee SRL, a company registered in Belgium under number BE 0716.960.454 ("we", "our", or "us"). Vedisee SRL is the data controller responsible for your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

1. Information We Collect

1.1 Information you provide directly

  • Account information: name, email address, profile photo, and password
  • Event content: event titles, descriptions, locations, dates, and cover images
  • User-generated content: photos, posts, comments, messages, and reviews uploaded to events
  • Guest information: names and email addresses of guests you invite
  • Payment information: subscription purchases are processed by Apple App Store, Google Play, or our web payment provider. We do not store your credit card details.

1.2 Information collected automatically

  • Device information: device type, operating system, unique device identifiers, and mobile network information
  • Usage data: pages visited, features used, time spent, and interaction patterns
  • Log data: IP address, browser type, access times, and referring URLs
  • Location data: only when you explicitly grant permission for event check-in or location-based features

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Send event-related notifications (invitations, RSVP updates, messages)
  • Process subscriptions and manage your account
  • Facilitate event features such as photo sharing, messaging, and check-ins
  • Ensure the security and integrity of the platform
  • Respond to your support requests and inquiries
  • Analyze usage patterns to improve user experience (aggregated, anonymized data only)

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data under the following legal bases:

  • Contract performance: processing necessary to provide the Service you signed up for (account management, event features, messaging)
  • Consent: for optional features like push notifications, marketing emails, and location services. You can withdraw consent at any time.
  • Legitimate interest: for security monitoring, fraud prevention, and Service improvement
  • Legal obligation: when required to comply with applicable laws

4. Data Sharing and Disclosure

We do not sell your personal data. We share data only with:

  • Event participants: your name, profile photo, and event contributions (photos, posts, messages) are visible to other participants within the same event
  • Service providers: Supabase (database and authentication), cloud storage providers (photo hosting), and email delivery services (transactional emails)
  • Payment processors: Apple, Google, and web payment providers for subscription management
  • Legal requirements: when required by law, court order, or governmental authority

5. Data Storage and Security

Your data is stored securely using Supabase infrastructure with encryption at rest (AES-256) and in transit (TLS 1.3). We implement Row Level Security (RLS) policies on all database tables to ensure users can only access data they are authorized to view. Access to production systems is restricted to authorized personnel with multi-factor authentication.

6. Data Retention

  • Active accounts: data is retained as long as your account is active
  • Deleted accounts: personal data is deleted within 30 days of account deletion. Some anonymized data may be retained for analytics.
  • Event data: when an event is deleted by its owner, all associated data (photos, posts, messages, guest lists) is permanently removed
  • Backups: encrypted backups are retained for up to 90 days for disaster recovery purposes

7. Your Rights (GDPR and Applicable Law)

Depending on your location, you have the following rights regarding your personal data:

  • Right of access: request a copy of your personal data
  • Right to rectification: correct inaccurate or incomplete data
  • Right to erasure: request deletion of your account and associated data
  • Right to data portability: receive your data in a structured, machine-readable format
  • Right to object: object to processing based on legitimate interest
  • Right to restrict processing: request limitation of processing in certain circumstances
  • Right to withdraw consent: withdraw consent at any time for consent-based processing

To exercise any of these rights, contact our Data Protection Officer at privacy@vedisee.com. We will respond within 30 days.

8. International Data Transfers

Your data may be processed in countries outside of your country of residence. When we transfer data outside the EEA, we ensure adequate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

9. Children's Privacy

The Service is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

10. Cookies

We use essential cookies for authentication and language preferences. We do not use advertising or tracking cookies. For complete details, see our Cookie Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related inquiries, contact our Data Protection Officer:

  • Email: privacy@vedisee.com
  • For EU residents, you have the right to lodge a complaint with your local supervisory authority if you believe your data is being processed unlawfully.
Privacy Policy | Planoree