Privacy Policy

This Privacy Policy applies to viewtheregistry.comand the related services operated by The Registry (referred to here as “we,” “us,” or “The Registry”). It explains what information we collect, how we use it, who we share it with, how long we keep it, and the choices you have.

If something in this policy is unclear, email us at hello@viewtheregistry.com. A human will respond.

1. What we collect

From people who submit a cost

Submitting a cost on The Registry is anonymous and does not require an account. When you submit, we store:

• The information you type into the form (vendor name, location, total paid, guest count, wedding date, category-specific details, optional note to other couples).
• A SHA-256 hash of your IP address, used only for rate limiting and fraud detection. We do not store the raw IP address.
• The timestamp of your submission and the browser user-agent string.

We do not ask for your name, email, phone number, or any other directly identifying information at the point of submission. If you choose to include identifying information inside a free-text field (for example, the note to other couples), we will take reasonable steps to redact personally identifying information before publication, but your submission generally grants The Registry a license to publish the content you provided. See Section 3 of our Terms of Service for the scope of that license.

From people who browse the site

When you visit The Registry without submitting anything, our hosting provider and analytics tools record standard log data: your hashed IP, the pages you viewed, the referring URL, and basic device and browser information. We use this to understand traffic patterns and to keep the site secure and performant.

From vendors

We compile vendor listings from publicly available sources (directory sites, vendor websites, editorial roundups) and from inbound correspondence with vendors. We may store a vendor’s business name, business address, business email, business phone, public website, public pricing materials, and similar business-context information. If a vendor sends us material directly, we may also retain that correspondence for our records.

Vendors who want their listing removed or corrected can contact hello@viewtheregistry.com or use the process described on our takedown page.

From people who email us

If you email us, we keep the contents of the message and your email address so we can respond and so we have a record of the conversation.

2. What we do with it

We use the information described above for these purposes:

• To publish aggregate and individual pricing data. Submitted prices are the core of the product. They are published in aggregate (medians, ranges, distributions) and as individual data points on vendor pages and the public ledger.
• To operate the site. Logs, hashed IPs, and basic analytics let us monitor uptime, debug issues, and detect abuse.
• To prevent spam and fraud. Hashed IPs let us rate limit submissions and identify coordinated attempts to poison the data.
• To contact vendors. We may reach out to vendors using their publicly listed business contact information to request pricing, verify listings, or follow up on inquiries.
• To improve the product. Aggregated, de-identified usage data informs decisions about which categories, markets, and features to invest in.

We do not sell your personal information. We do not rent it, license it to data brokers, or include it in any commercial dataset offered to third parties.

3. Who we share it with

We share information with the following categories of service providers strictly to operate the site. Each is bound by its own privacy and security commitments:

• Hosting and infrastructure: Vercel (web hosting and edge network) and Supabase (managed Postgres database).
• Analytics: A privacy-focused analytics provider used to count page views and understand navigation patterns. Listed by name in our cookie disclosure.
• Error monitoring: An error-tracking service that receives stack traces and minimal context when something on the site crashes.
• Email delivery: A transactional email provider used for outbound vendor correspondence and for replies to people who email us.

We will also disclose information when required by law, when responding to valid legal process, or when necessary to protect the rights, safety, or property of The Registry, our users, or the public.

If The Registry is ever acquired or merged, the data we hold may transfer to the acquiring entity, which will be bound by this policy or a successor policy at least as protective.

4. How long we keep it

• Published submissions: retained indefinitely as part of the public dataset.
• Hashed IPs: retained for up to 180 days, then purged on a rolling basis.
• Raw access and error logs: retained for up to 90 days.
• Email correspondence: retained for as long as the conversation is operationally relevant, typically 24 months.

5. Your choices and rights

Depending on where you live, you may have the right to access, correct, or delete personal information we hold about you, or to object to certain processing. To exercise any of these rights, email hello@viewtheregistry.com. We will respond within 30 days.

Because submissions are anonymous by design, we usually cannot associate a published cost back to a specific person. If you remember roughly when you submitted and the vendor name, we can usually find the row and remove it on request.

California residents (CCPA / CPRA)

California residents have additional rights, including the right to know what personal information we collect, the right to delete it, the right to correct it, and the right to opt out of any “sale” or “sharing” as those terms are defined under California law. We do not sell or share personal information for cross-context behavioral advertising. To make a request, contact us at the address above.

EU and UK residents (GDPR / UK GDPR)

If you are in the EU or the UK, you have the rights of access, rectification, erasure, restriction, portability, and objection under the GDPR. The legal bases on which we rely are (a) your consent (for analytics cookies, where applicable), (b) our legitimate interests in operating and securing the service, and (c) compliance with legal obligations. You can lodge a complaint with your local data protection authority if you believe we have mishandled your data.

6. Security

We use industry-standard measures to protect data in transit (TLS) and at rest (encrypted storage with our hosting providers). Database access is restricted, secrets are stored in environment variables not in source code, and we hash IPs before they touch the database. No system is perfectly secure, and we cannot guarantee absolute security, but we treat the small amount of data we do hold with care.

If you discover a security issue, please report it to hello@viewtheregistry.comwith the subject line “Security.”

7. Minors

The Registry is intended for adults aged 18 and over. We do not knowingly collect information from anyone under 18. If you believe a minor has submitted information, contact us and we will delete it.

8. International transfers

The Registry operates in the United States. If you access the service from outside the United States, you understand that your information will be processed in the United States, where data protection law may differ from your jurisdiction.

9. Changes to this policy

When we make material changes to this policy, we will update the “last updated” date at the top and, for significant changes, post a notice on the site for at least 30 days before the new terms take effect.

10. Contact

Questions, complaints, or requests: hello@viewtheregistry.com.