Privacy Policy

Last updated: December 2025

1. Introduction

They Said Yes ("we", "us", or "our") is committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our event management and RSVP platform ("Service").

This Service is operated by Rhys Murray as a sole trader based in Queensland, Australia.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, phone number when you register
  • Event Information: Event details, dates, locations, and customisation preferences
  • Guest Information: Names, email addresses, phone numbers, and dietary requirements of your event guests
  • Communication Content: Messages you send through our platform
  • Photos: Images uploaded to shared photo galleries

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, and interactions with the Service
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP addresses, access times, and referring URLs

2.3 Information from Third Parties

If you sign in using Google OAuth, we receive your email address and basic profile information from Google.

3. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the Service
  • Send event invitations and RSVP reminders on your behalf
  • Process and track guest responses
  • Enable communication between event hosts and guests
  • Improve and personalize the Service
  • Send you service-related notifications and updates
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We share data with third-party providers who assist in operating the Service, including ClickSend for SMS delivery and email service providers
  • Event Hosts and Guests: Guest information is shared with event hosts, and event details are shared with invited guests
  • Legal Requirements: We may disclose information if required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Event data may be retained for a reasonable period after event completion for your reference. You may request deletion of your data by contacting us.

6. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Secure hosting infrastructure

However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Under the Australian Privacy Principles, you have the following rights regarding your personal information:

  • Access: You may request access to the personal information we hold about you (APP 12)
  • Correction: You may request correction of personal information that is inaccurate, out-of-date, incomplete, irrelevant, or misleading (APP 13)
  • Anonymity: Where practicable, you have the option to interact with us anonymously or using a pseudonym
  • Complaint: You may lodge a complaint if you believe we have breached the Australian Privacy Principles

To exercise these rights or make a complaint, please contact us at support@theysaidyes.com.au. We will respond to access and correction requests within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your session and authentication
  • Remember your preferences
  • Analyze usage patterns through Google Analytics

You can control cookies through your browser settings, though some features may not function properly without them.

9. Children's Privacy

The Service is designed for use by adults. We do not permit individuals under 18 years of age to create accounts or use the Service directly.

However, the Service enables adult users to enter personal information about children when managing event guest lists. This may include names, age categories, and dietary requirements of children attending events. When you enter information about a child, you represent that:

  • You are the child's parent or guardian, or you have obtained appropriate consent from their parent or guardian to provide this information
  • You have the authority to provide the child's personal information for the purpose of event management
  • You understand this information will be used to manage event attendance, seating, and catering requirements

We handle children's personal information with the same care and security measures applied to all personal information as described in this policy.

If you are a parent or guardian and believe information about your child has been entered into the Service without your consent, please contact us at support@theysaidyes.com.au and we will promptly remove it.

10. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: support@theysaidyes.com.au