Login Book a Demo
Try for Free Book a Demo
RSVPify Privacy Policy

RSVPify Privacy Policy

Table of Contents

Last Updated: April 9, 2026

RSVPify Inc. (referred to as the “Company,” “we,” “us” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our website at https://rsvpify.com (the “Website”) and our event management platform and related services (collectively, the “Services”).

This Privacy Policy applies to all users of the Website and Services, including event organizers, event guests, and visitors to our marketing site. It does not apply to the data practices of third parties we do not own or control.

If this Privacy Policy is not acceptable to you, you should discontinue using the Services.

1. International Data Transfers: EU-U.S. Data Privacy Framework

RSVPify Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as set forth by the U.S. Department of Commerce.

RSVPify has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles, the UK Extension Principles, and the Swiss-U.S. DPF Principles with regard to the processing of personal data received from the European Union, the United Kingdom, and Switzerland respectively. If there is any conflict between the terms of this Privacy Policy and the applicable DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework Program and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF, RSVPify commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints should first contact RSVPify at: [email protected].

RSVPify is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) with respect to our DPF obligations.

In the event that we are unable to resolve a privacy concern, you may contact JAMS, an independent third-party dispute resolution provider based in the United States, free of charge at https://www.jamsadr.com/DPF-Dispute-Resolution. As a last resort, binding arbitration is available to EU individuals under the Data Privacy Framework Panel for complaints not resolved through other means.

RSVPify remains accountable for personal data it transfers to third parties under the DPF Principles, including for onward transfers to sub-processors. We may also rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms where applicable.

2. Our Role: Data Controller and Data Processor

RSVPify operates in two distinct capacities depending on context:

  • As a Data Controller: When we collect and process personal information for our own business purposes — such as account registration, billing, marketing communications, and platform analytics — RSVPify determines the purposes and means of processing and acts as the data controller.
  • As a Data Processor: When event organizers use our platform to collect and manage data about their event guests and attendees, RSVPify processes that data on behalf of the organizer, who acts as the data controller. In this capacity, our processing is governed by our Data Processing Agreement (DPA) with the organizer.

If you are an event guest and have questions about how your personal data was collected or used for a specific event, please contact the event organizer directly, as they are the controller of that data.

3. Children’s Privacy

Our Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, do not register for the Services, make any purchases, or provide any personal information to us.

If we learn that we have collected personal information from a child under 13 without verified parental consent, we will promptly delete that information. If you believe we may have information from or about a child under 13, please contact us at [email protected].

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Section 11 (California Privacy Rights) for more information.

4. Information We Collect

4a. Information You Provide Directly

We collect personal information you voluntarily provide, including when you:

  • Register for an account (name, email address, password)
  • Create or manage an event (event details, organizer contact information)
  • Purchase a subscription or ticket (billing name, address, and payment information processed via our payment processor)
  • Respond to an event invitation as a guest (name, email address, responses to questions set by the event organizer)
  • Contact our support team or submit feedback
  • Sign up for marketing communications

4b. Information Collected Automatically

When you visit our Website or use our Services, we automatically collect certain information. This may include, but is not limited to:

  • Technical data: IP address, browser type and version, device identifiers, operating system
  • Usage data: pages visited, links clicked, features used, time spent on pages, referring URLs
  • Session recordings: on certain parts of the platform, we may record user sessions to help us understand how the Services are used and to improve the user experience. Session recordings may capture mouse movements, clicks, scrolling, and interactions with on-screen elements. Sensitive fields such as passwords and payment information are masked and are not recorded.
  • Cookie and tracking data: as described in Section 9 below

4c. Information from Third Parties

We may receive information about you from third-party services you connect to our platform (such as Salesforce, HubSpot, or Google), social login providers, or payment processors. This information is used only as necessary to provide the Services.

5. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, maintain, and improve our Services
  • To process registrations, transactions, and payments
  • To communicate with you about your account, including service updates and security notices
  • To send marketing and promotional communications about RSVPify products and services (you may opt out at any time)
  • To show you targeted advertisements for RSVPify products and services on third-party platforms, using hashed email addresses and tracking pixels (you may opt out as described in Section 9)
  • To generate aggregated, anonymized analytics about platform usage
  • To comply with legal obligations and enforce our Terms of Service
  • To prevent fraud, abuse, and security incidents
  • For any other purpose with your consent
  • To scan outbound email communications and monitor platform activity for security purposes, including threat detection and abuse prevention, using AI-powered tools provided by third-party processors (OpenAI and Anthropic). This scanning is limited strictly to outbound email content and platform-level abuse signals — it does not have access to customer or guest data. Security scanning is applied at a platform level and cannot be disabled by workspace administrators.

We do not sell your personal information. We do not use your personal data to target advertising for any company other than RSVPify.

6. How We Share Your Information

6a. Service Providers and Sub-Processors

We share personal data with trusted third-party vendors who help us operate our business and deliver the Services. These include:

  • Payment processors (for billing and transaction processing)
  • Email delivery providers (for transactional and marketing communications)
  • Cloud infrastructure and hosting providers
  • Analytics and performance monitoring tools
  • Customer support platforms
  • Identity and access management (IAM) providers
  • Advertising platforms (for RSVPify retargeting campaigns, using hashed identifiers only)

All service providers are contractually required to handle personal data only as directed by RSVPify and in accordance with applicable privacy laws. For a full list of our sub-processors, see our Sub-Processor List. EU and UK customers subject to GDPR or UK GDPR may additionally access our Data Processing Agreement (DPA). To inquire about a specific sub-processor or data sharing arrangement, contact us at [email protected].

6b. Legal Requirements

We may disclose personal data to law enforcement, government authorities, or other parties when required by applicable law, court order, or other legal process, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

6c. Business Transfers

If RSVPify is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any material change as described in Section 13 of this Policy.

6d. With Your Consent

We may share your information with third parties for purposes not described in this Policy with your prior consent.

7. Data Security

We implement industry-standard technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or disclosure, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and role-based permissions
  • Regular security assessments and monitoring
  • Incident response procedures

When you enter sensitive information such as payment details, we encrypt the transmission using SSL. You are responsible for keeping your account credentials confidential. Please notify us immediately at [email protected] if you suspect any unauthorized access to your account.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

8. Data Retention

We retain personal data for as long as necessary to provide the Services and fulfill the purposes described in this Policy, or as required by law. Specific retention periods by data type:

  • Account data: retained for the duration of your active account, plus a reasonable period thereafter in case you wish to reactivate. You may request deletion at any time.
  • Event guest data processed on behalf of organizers: retained per our DPA with the organizer and applicable law.
  • Billing and transaction records: retained for as long as required for business, legal, and tax compliance purposes. Billing data is stored via Stripe and our internal database and is retained in accordance with applicable financial regulations.
  • Encrypted backup copies: retained for up to 90 days before permanent deletion.

Upon account deletion or receipt of a valid deletion request, we will delete or anonymize your personal data, except where retention is required for legal, regulatory, fraud prevention, or dispute resolution purposes.

9. Cookies, Tracking Technologies, and Advertising Opt-Out

We use cookies and similar tracking technologies on our Website and Services to improve your experience, analyze usage, and support our marketing efforts.

9a. Types of Cookies We Use

  • Essential cookies: required for the Website and Services to function (authentication, security, session management)
  • Analytics cookies: help us understand how users interact with our platform (e.g., page views, feature usage)
  • Advertising cookies and pixels: used to deliver targeted advertisements for RSVPify products and services on third-party platforms such as Google, Meta, and LinkedIn, including through the use of hashed email addresses
  • Preference cookies: remember your settings and preferences

9b. Consent Mechanisms

Marketing site visitors (rsvpify.com): a cookie consent banner is displayed to visitors in regions where such consent is required by law (including the EU, EEA, and UK). By clicking to accept, you consent to the use of non-essential cookies, including advertising cookies. We maintain digital logs of consent. You may modify your preferences at any time via the cookie settings link in our website footer.

Registered platform users: by accepting our Terms of Service at account creation, you consent to our use of cookies and tracking technologies as described in this Policy.

9c. Do Not Sell or Share My Personal Information

Under the California Consumer Privacy Act (CPRA) and similar state laws, the use of hashed email addresses and tracking pixels for cross-context behavioral advertising may constitute “sharing” of personal information. You have the right to opt out of this activity.

To opt out: click the “Do Not Sell or Share My Personal Information” link in the footer of our website, or adjust your cookie preferences via the cookie settings link. You may also signal your opt-out preference by enabling the Global Privacy Control (GPC) in your browser, which we honor automatically. We will honor opt-out requests within 15 business days.

Opting out will suppress advertising cookies and pixel-based retargeting. It does not affect essential or analytics cookies, and it does not affect your ability to use the Services.

9d. Managing Cookies

You can configure your browser to decline cookies. Note that disabling essential cookies may affect your ability to use the Services. For more information about managing cookies, visit www.allaboutcookies.org.

9e. Third-Party Tracking

Our Website integrates with third-party tools including Google Analytics, Google Ads, Meta Pixel, and LinkedIn Insight Tag. These providers may set their own cookies. Their data practices are governed by their own privacy policies, which we encourage you to review.

10. Your European Economic Area (EEA) Rights

If you are a resident of the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

  • Right of access: request a copy of the personal data we hold about you
  • Right to rectification: request correction of inaccurate or incomplete data
  • Right to erasure: request deletion of your personal data
  • Right to restriction: request that we limit how we process your data
  • Right to data portability: receive your data in a structured, machine-readable format
  • Right to object: object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at [email protected]. We will respond to all verified requests within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority.

For full details of your GDPR rights and how we process EEA data,

11. U.S. State Privacy Rights

11a. California (CCPA/CPRA)

California residents have rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), including the right to:

  • Know what personal information we collect, use, disclose, and share
  • Delete personal information we have collected from you (subject to certain exceptions)
  • Correct inaccurate personal information
  • Opt out of the sale or sharing of personal information (including for cross-context behavioral advertising)
  • Limit use of sensitive personal information
  • Non-discrimination for exercising your privacy rights

We do not sell your personal information. We do share personal information (hashed email addresses) with advertising platforms for the purpose of advertising RSVPify’s own products and services, which may constitute “sharing” under CPRA. You may opt out as described in Section 9c above.

To exercise your California rights, contact us at [email protected]. Requests are subject to identity verification. We will not fulfill any request without first verifying your identity. Only you, or an authorized agent registered with the California Secretary of State, may make a verifiable consumer request on your behalf. Authorized agents may submit requests on behalf of California residents with appropriate documentation.

California residents may also request information regarding our disclosure of personal information to third parties for their direct marketing purposes under California’s “Shine the Light” law (Civil Code § 1798.83) by contacting us at [email protected] or writing to RSVPify Inc., Attention: Privacy, 4803 N Milwaukee Ave, Suite B #325, Chicago, IL 60630. California residents may also request information regarding our disclosure of personal information to third parties for their direct marketing purposes under California’s “Shine the Light” law (Civil Code § 1798.83) by contacting us at [email protected] or writing to RSVPify Inc., Attention: Privacy, 4803 N Milwaukee Ave, Suite B #325, Chicago, IL 60630. We will respond to verifiable consumer requests within 45 days, with one possible 45-day extension where necessary.

11b. Other U.S. States

Residents of Colorado, Connecticut, Virginia, Texas, and other states with active comprehensive privacy laws have similar rights, including rights to access, correct, delete, and opt out of certain data processing. As of April 2026, comprehensive privacy laws are in effect in approximately 20 U.S. states.

To submit a privacy rights request under any applicable state law, contact us at [email protected] or visit https://rsvpify.com/contact/. We will respond within the timeframe required by your state’s law, typically 30–45 days.

12. Third-Party Services and Links

Our Services integrate with or contain links to third-party services. RSVPify is not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies. Key integrations include:

Links to other websites on our platform are governed by those sites’ own privacy policies and are not under our control.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last Updated” date at the top of this page. For material changes that affect how we collect, use, or share your personal data, we will provide additional notice, which may include a prominent notice on our Website or a prompt to review and accept the updated Policy at your next sign-in.

Your continued use of the Services after we post changes constitutes your acceptance of those changes. If you do not agree to the updated Policy, you should discontinue using the Services.

14. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Web: https://rsvpify.com/contact/

Mail:

RSVPify Inc., Attention: Privacy

4803 N Milwaukee Ave, Suite B #325

Chicago, IL 60630

  • 4.7
  • 4.8
  • 4.8
© 2026 RSVPify Inc. All rights reserved.