We take the protection of your personal data seriously. This policy explains what data we collect, why, and how we use it. We process all personal data in accordance with the EU General Data Protection Regulation (GDPR).
MyPrettyPapery, Anna-Valeska Liesche, Erikastr. 81a
20251 Hamburg, Germany. Email: hello@myprettypapery.com.
Server log files: When you visit our website, our hosting provider Vercel automatically collects technical data (IP address, browser, operating system, referrer URL, time of access). This data is necessary for security and stable operation. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest). Retention: up to 30 days. Data processing may involve servers located in the United States. We ensure compliance with GDPR through the EU-US Data Privacy Framework or Standard Contractual Clauses.
Email subscriptions: When you sign up for our 12-month wedding planning checklist or newsletter, we store your email address. We use Resend (Resend Inc., USA) as our email delivery provider; if we add subscribers to our newsletter audience, the email is also stored with Resend for sending future newsletters. By subscribing, you acknowledge that your information will be transferred to Resend for processing. Legal basis: Art. 6 (1) (a) GDPR (consent). You can unsubscribe at any time via the link in every email.
Purchase data: When you buy a template, the transaction is processed by Paddle.com Market Ltd. (Merchant of Record, registered in the United Kingdom). Paddle collects billing information to fulfil the order and handle global VAT. See Paddle's privacy policy.
Pinterest tracking: Only after you accept the cookie banner, we load Pinterest's Save button and Pinterest Tag. These set cookies in your browser to track which products are saved or viewed and to measure conversion attribution. Legal basis: Art. 6 (1) (a) GDPR (consent). See Pinterest's privacy policy.
We distinguish four categories:
Strictly necessary (no consent needed): Vercel hosting may set technical cookies for stability and security. Paddle sets cookies during checkout to process payments and prevent fraud. Legal basis: Art. 6 (1) (b) GDPR (contract initiation).
Pinterest Save button (passive UI widget, no consent needed): Our product pages display a small "Pin it" overlay on hover, powered by Pinterest's pinit.js. This script renders the button only — it does not set first-party tracking cookies on our domain. Once you click the button and are taken to pinterest.com, Pinterest's own cookies apply (see their privacy policy). Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in providing a sharing affordance).
Marketing — only after your consent: Pinterest Tag (s.pinimg.com/ct/core.js) sets cookies to measure conversion attribution from saved pins to purchases. Legal basis: Art. 6 (1) (a) GDPR (consent).
Cookieless analytics (no consent needed): Vercel Web Analytics + Vercel Speed Insights run without cookies. They use an in-memory hashed identifier only for the current session, never written to a cookie. No cross-site tracking.
You can withdraw your consent for marketing cookies at any time by clicking the "Cookie Settings" link in the footer of our website, or by using your browser's privacy/incognito mode.
We use Vercel Web Analytics and Vercel Speed Insights (provider: Vercel Inc., USA) to understand how our site is used and to monitor performance. Both products are explicitly cookieless: they use an in-memory hashed identifier only for the current session. No personal data is collected, no cross-site profiles built. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest). See Vercel's privacy policy.
Data processing may involve servers located in the United States. We ensure compliance with GDPR through the EU-US Data Privacy Framework or Standard Contractual Clauses where applicable.
Under GDPR you have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object (Art. 21). To exercise any of these rights, contact us at hello@myprettypapery.com.
You also have the right to lodge a complaint with a supervisory authority — typically the data protection authority in the German federal state where you reside.
Our website is served exclusively over HTTPS with TLS encryption. We use industry-standard security measures to protect data against loss, misuse, or unauthorised access.
We may update this policy occasionally. The current version is always available at this URL.