Privacy Policy
Version 2.0.0 - Effective: 17 February 2026
1. Introduction
ShortList: Wedding Venues ("the App") is operated by PerfectDay Technologies. This privacy policy explains how we handle your data when you use the App.
We process data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Our Privacy-First Approach
ShortList: Wedding Venues is designed with privacy at its core. All your venue data is stored locally on your device and is never uploaded to our servers.
- No account or login is required to use the App
- We collect optional, anonymous analytics data - but only with your explicit consent (see Section 5)
- We do not sell your data, share it with advertisers, or use it for profiling
3. Data Stored on Your Device
All of the following data is stored locally on your device using SQLite. We do not have access to this data.
3.1 Venue Data
- Venue names, addresses, phone numbers, websites, and coordinates
- Scores and questionnaire answers across 7 categories
- Photos (stored as local file references and Google Places photo references)
- Notes, quotes, capacity details, visit dates, and contact information
3.2 Comparison and Decision Data
- Picker/showdown game results and statistics
- Comparison history and dismissed insights
- Final venue decision and timeline events
3.3 App Preferences
- User settings (theme, accent colour, motion preferences)
- Subscription tier (cached locally for offline access)
- Anonymous user identifier (a random UUID used for analytics if you opt in)
3.4 Venue Deletion Queue
If you downgrade your subscription, venues exceeding your new tier limit are placed in a deletion queue. These venues are retained for 3 days to allow you to upgrade or export your data before they are permanently deleted.
4. Device Permissions
| Permission | Purpose |
|---|---|
| Internet access | Required for venue search (Google Places), subscription verification (RevenueCat), and optional analytics (PostHog) |
| Photo library | You may select photos from your device to attach to venues. Only photos you explicitly choose are accessed via the system photo picker |
| Vibration (Android) | Used for haptic feedback in the interface |
The App does not request access to: your camera, microphone, file system, or device location.
5. Analytics and Usage Data
5.1 Your Choice
Analytics data collection is entirely optional. When you first open the App, you are shown a consent prompt asking whether you wish to share anonymous usage data. You can change your choice at any time in Settings > Data & Privacy. If you decline, no analytics data is collected or sent.
5.2 What We Collect (If You Opt In)
We collect anonymous usage events such as:
- Feature interactions (e.g. venue added, comparison started, questionnaire completed)
- Screen views and app lifecycle events (app opened, backgrounded)
- Purchase and subscription events
We do not collect personally identifiable information. All events are stripped of PII before transmission. Specifically, the following fields are removed: venue names, personal names, email addresses, phone numbers, and contact details.
5.3 How Analytics Data Is Processed
- Analytics are processed by PostHog (posthog.com/privacy)
- Data is sent to PostHog's EU-hosted infrastructure for GDPR compliance
- Each user is identified only by an anonymous UUID - this cannot be linked back to you
- Session replay is disabled - we do not record your screen or interactions
5.4 Why We Collect Analytics
- To understand which features are most useful so we can improve the App
- To identify technical issues and improve stability
- To make informed decisions about future development
5.5 Legal Basis
Consent - GDPR Article 6(1)(a). You actively opt in via the consent prompt.
6. Third-Party Services
We use the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Google Places API | Venue search and place details | Search queries, place detail requests (address, phone, website, coordinates, photos) - routed via our API gateway |
| PostHog | Anonymous analytics (opt-in only) | Anonymous UUID, usage events (PII stripped), device type, OS version. EU-hosted |
| RevenueCat | Subscription management | Anonymous user identifier, purchase history, subscription status, entitlements, product identifiers, expiration and renewal dates |
| Apple App Store / Google Play | App distribution and payments | Payment information handled entirely by Apple/Google |
7. What We Do NOT Collect
- No personal information (name, email address, phone number)
- No advertising identifiers or ad tracking
- No device location data (only venue coordinates retrieved from Google Places)
- No camera or microphone access
- No session recordings or screen captures
- No data is sold to third parties or shared with advertisers
8. Your Privacy Controls
8.1 Analytics Consent
You can enable or disable anonymous analytics at any time in Settings > Data & Privacy. Opting out stops all future analytics data collection immediately.
8.2 Data Export (Right to Data Portability)
You can export all your venue data as JSON, CSV, or PDF at any time via Settings. JSON export provides a complete, machine-readable copy of all your data in accordance with GDPR Article 20.
8.3 Data Deletion (Right to Erasure)
Use the "Delete All My Data" button in Settings to permanently erase all local data. Uninstalling the App also removes all local data from your device. Previously sent anonymous analytics data cannot be linked back to you and is retained per PostHog's retention policy.
8.4 Data Access (Right of Access)
You can view all your data within the App at any time. Use the export feature to obtain a portable copy in accordance with GDPR Article 15.
9. Data Export and Deletion
- Export all your data as JSON, CSV, or PDF at any time via Settings
- PDF exports include photos and scores for a printable venue comparison report
- Delete all data using "Delete All My Data" in Settings
- Uninstalling the App removes all local data from your device
10. In-App Purchases and Promotional Codes
10.1 Subscriptions
- Subscriptions are managed through Apple App Store or Google Play
- We use RevenueCat to verify purchase status and manage entitlements
- Data shared with RevenueCat includes: anonymous user identifier, purchase history, subscription status, product identifiers, expiration and renewal dates, and grace period details
- Payment information (credit card, billing address) is handled entirely by Apple/Google - we never see or store it
10.2 Promotional Codes
The App supports promotional codes that may grant access to premium features. When a code is redeemed, we store the code identifier and the access level granted. No personal information is collected when redeeming a code.
11. Data Retention
| Data Type | Retention Period |
|---|---|
| Venue data, scores, comparisons, photos | Until you delete it or uninstall the App |
| App preferences and settings | Until you delete it or uninstall the App |
| Venue deletion queue (after downgrade) | 3 days, then automatically deleted |
| Anonymous analytics data (if opted in) | Per PostHog's data retention policy |
| RevenueCat purchase records | Per RevenueCat's data retention policy |
12. Children's Privacy
The App is not directed at children under 13. We do not knowingly collect data from children. If you believe a child under 13 has provided us with personal data, please contact us and we will take steps to delete it.
13. Changes to This Policy
We may update this policy from time to time. The version number and effective date at the top of this page will be updated accordingly. Material changes will be communicated through the App. Continued use of the App after changes constitutes acceptance of the updated policy.
14. Contact Us
If you have questions about this Privacy Policy, contact us at:
Email: shortlist@perfectday-weddings.com
PerfectDay Technologies
We aim to respond to all privacy-related enquiries within 30 days.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.