Privacy Policy

This is an English translation for your convenience. The German version is legally binding.

1. Privacy at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on the subject of data protection can be found in our privacy policy set out below.

2. Data Controller

KnipsGlück

Owner: Joshua Dormann

Hellertalstraße 4

57562 Herdorf

Germany

Email: kontakt@knipsglueck.de

3. What Data Do We Collect?

3.1 Upon Registration

  • Name and email address
  • Password (stored encrypted)
  • Time of registration

3.2 When Using Our Service

  • Uploaded photos and images
  • Name of the uploader (for guests)
  • Time of upload
  • IP address (for abuse prevention, e.g. rate limiting, and in server logs)

3.3 Automatically Collected Data

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing device
  • Time of the server request

4. Purpose of Data Processing

We process your data for the following purposes:

  • Providing our online wedding album service
  • User account management
  • Payment processing via Stripe
  • Sending transactional and invitation emails (e.g. registration, password reset, RSVP invitations)
  • Technical security, error diagnostics and operations
  • Customer support

5. Legal Basis

The processing of your data is based on:

  • Art. 6(1)(a) GDPR: Consent (e.g. upon registration)
  • Art. 6(1)(b) GDPR: Performance of a contract (providing the service)
  • Art. 6(1)(f) GDPR: Legitimate interest (security, operations)

6. Cookies

Our website uses cookies. Cookies are small text files that are stored on your device. We use:

  • Necessary cookies: for the functionality of the website (login, session)
  • Preference cookies: to store your settings

You can configure your browser to notify you when cookies are set and to only allow them on a case-by-case basis.

7. Third Parties and External Services

7.1 Stripe (Payment Processing)

We use Stripe to process payments. When you make a payment, your payment data is transmitted directly to Stripe. Stripe's privacy policy is available at: https://stripe.com/privacy

7.2 Resend (Email Delivery)

We use the service Resend (Resend, Inc., USA) to send transactional emails (e.g. registration confirmation, password reset, expiration reminders) as well as RSVP invitation emails to wedding guests. This involves transmitting the names and email addresses of users and — in the case of RSVP invitations — of guests to Resend. Transfer to the USA takes place on the basis of appropriate safeguards pursuant to Art. 46 GDPR (EU Standard Contractual Clauses). The legal basis is Art. 6(1)(b) GDPR (performance of a contract) and/or Art. 6(1)(f) GDPR. Resend's privacy policy: https://resend.com/legal/privacy-policy

7.3 Google (Sign in with Google)

You can optionally sign in using your Google account ("Sign in with Google", Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). In doing so, we receive your name, email address, and possibly your profile picture from Google. Use is voluntary; the legal basis is Art. 6(1)(b) GDPR. Google's privacy policy: https://policies.google.com/privacy

7.4 Sentry (Error Diagnostics)

To detect and fix technical errors, we use the service Sentry (Functional Software, Inc.) on the server side. In the event of errors, technical data such as error messages, browser and device information, and the IP address may be processed. We use Sentry with EU data hosting (processing on servers within the European Union). The legal basis is Art. 6(1)(f) GDPR (legitimate interest in stable and secure operation). Sentry's privacy policy: https://sentry.io/privacy/

7.5 Hosting and Storage

Your uploaded photos are stored on our own servers in Germany and are subject to the GDPR.

8. Retention Period

  • Account data: For as long as your account exists. You may have your account deleted at any time in your account settings or by emailing us.
  • Photos: 12 months from the creation of the album
  • Server logs: Stored as part of technical operations and deleted regularly
  • Payment data: Pursuant to statutory retention periods (10 years)

9. Your Rights

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)

To exercise your rights, please contact us at: kontakt@knipsglueck.de

10. Data Security

We employ technical and organizational security measures:

  • SSL/TLS encryption for all data transfers
  • Encrypted storage of passwords
  • Regular security updates
  • Access controls and authentication
  • Regular backups

11. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data. The competent authority is:

The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate

P.O. Box 30 40

55020 Mainz, Germany

www.datenschutz.rlp.de

12. Changes to This Privacy Policy

We reserve the right to amend this privacy policy to reflect changes in the law or in our service and data processing. The current version is always available on this page.

Last updated: June 11, 2026