Privacy Policy
Last updated: 1 March 2026
PrezziePop (“we”, “us”, “our”) is committed to protecting your privacy and complying with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we collect, use, store, and disclose your personal information.
1. Information We Collect
Information you provide
- Account details: Name, email address, mobile number, profile photo.
- Family members: Names, birthdays, relationships, interests, photos, and notes for your family members (including children).
- Contacts: Names, phone numbers, email addresses, birthdays, and notes for people in your address book.
- Party details: Event names, dates, locations, guest lists, RSVP responses, and cover images.
- Gift records: Gift names, descriptions, prices, store names, URLs, and tracking status (idea, given, received).
Information collected automatically
- Usage data: Pages visited, features used, and timestamps.
- Device information: Browser type, operating system, and screen size.
- IP address: Used for rate limiting and security purposes only.
2. How We Use Your Information
We use your information to:
- Provide and improve the PrezziePop service.
- Send party invitations and RSVP notifications on your behalf.
- Display gift lists to invited guests.
- Send you transactional emails (welcome, password reset, party updates).
- Prevent fraud, abuse, and enforce our Terms of Service.
We do not use your information for targeted advertising, sell it to third parties, or share it with data brokers.
3. Information About Children
PrezziePop allows parents and guardians to store information about their children (names, birthdays, interests) for the purpose of gift tracking and party planning. This information is:
- Only visible to the account holder and guests they explicitly invite.
- Never shared with advertisers or third parties.
- Deleted when the account holder removes the child’s profile or deletes their account.
Children under 18 cannot create their own PrezziePop accounts. Only parents or legal guardians may manage children’s information.
4. How We Share Your Information
We share personal information only in these limited circumstances:
| Recipient | Purpose | Data shared |
|---|---|---|
| Invited guests | Viewing party details and gift lists | Party info, birthday child names/interests (if shared), gift list items |
| Supabase (database) | Data storage and authentication | All account data (encrypted at rest) |
| Resend (email) | Transactional emails | Email address, name |
| Twilio (SMS) | SMS invitations | Mobile number |
| Vercel (hosting) | Application hosting | IP address, request logs |
All third-party providers are bound by their own privacy policies and data processing agreements. Data is hosted in regions that provide adequate data protection.
5. Data Security
- All data is transmitted over HTTPS (TLS 1.2+).
- Passwords are hashed using bcrypt — we never store plain-text passwords.
- Database access is protected by Row Level Security (RLS) — users can only access their own data.
- API endpoints are rate-limited to prevent abuse.
- File uploads (photos) are stored in private buckets with authenticated access.
6. Data Retention
- Active accounts: Data is retained for as long as your account is active.
- Deleted accounts: Data is permanently deleted within 30 days of account deletion.
- Party data: Archived parties are retained until the account holder deletes them.
- Server logs: Automatically purged after 30 days.
7. Your Rights
Under the Australian Privacy Act, you have the right to:
- Access the personal information we hold about you.
- Correct inaccurate or outdated information.
- Delete your account and all associated data.
- Complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.
To exercise any of these rights, email us at hello@prezziepop.com.
8. Cookies & Local Storage
PrezziePop uses essential cookies and browser local storage for authentication sessions, user preferences, and form draft auto-save. We do not use advertising cookies, tracking pixels, or analytics cookies. No third-party cookie consent banner is required.
9. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or in-app notification. The “Last updated” date at the top reflects the most recent revision.
10. Contact Us
If you have questions or concerns about your privacy, contact our Privacy Officer:
- Email: hello@prezziepop.com
- Website: prezziepop.com
You can also contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au if you wish to make a formal complaint.
See also our Terms of Service.