Privacy & Data Protection

Privacy Policy

Last updated: 25 January 2026

Privacy Policy

This Privacy Policy explains how ZNZ Systems Ltd. ("we," "our," "us") collects, uses, and protects your personal data when you use SeatPlan.io - our web application (the "Service").

1. Information We Collect

If you do not sign up:

  • Your seating chart is stored only in your browser's local storage. It is automatically deleted at midnight and never transmitted to our servers.

If you sign up for an account:

  • We collect the following guest information you choose to enter:
  • • Name
  • • Email address
  • • Dietary requirements
  • • Comments
  • We also collect your account details through Clerk, our authentication provider.

If you use subscription features (templates, events, collaboration):

  • Templates and events you create, including event names, dates, and room configurations.
  • Guest seating data within your templates (names, dietary requirements, table assignments).
  • Collaboration invitations: email addresses of clients you invite to view or edit your seating charts.
  • Email engagement data: when collaboration invitation emails are opened or links are clicked.

2. How We Use Your Information

We use your information to:

  • Provide and save your seating charts.
  • Allow you to manage guest lists and event planning.
  • Authenticate and secure your account.

We do not sell, rent, or share your data with advertisers.

3. How Long We Keep Your Data

Basic account data:

  • Guest data is stored for 7 days after the expiry of your access.
  • If you do not extend your account, we delete your Clerk account and all associated guest data within 7 days.
  • If you have not signed up, your data is deleted automatically at midnight from your browser.

Subscription features (templates, events, collaboration):

  • Templates and events are stored while your subscription is active, plus 7 days after expiry.
  • Collaboration tokens expire after the duration you set (1-90 days).
  • Client email addresses from collaboration invitations are deleted immediately when the collaboration token expires.
  • Email engagement data (opens and clicks) is deleted along with the collaboration token.

4. Legal Basis for Processing (GDPR)

We process personal data on the following bases:

  • Contract: to provide you with the Service when you sign up.
  • Consent: when you voluntarily enter guest details into the application.

5. Your Rights

Under GDPR, you have the right to:

  • Access a copy of your personal data.
  • Request correction or deletion.
  • Restrict or object to processing.
  • Request portability of your data.

You may exercise these rights by contacting us at hi@seatplan.io.

6. Data Security

We apply technical and organizational measures to protect your data, including encryption at rest and in transit. Authentication is handled by Clerk, and your data is stored in a secure Neon Postgres database hosted in Frankfurt.

7. Third Parties

We only share data with essential service providers acting as data processors:

  • Clerk – user authentication and account management.
  • Neon Postgres (Frankfurt) – database storage for guest information.
  • AWS Amplify (Frankfurt) – hosting and compute services.
  • Resend – email delivery for collaboration invitations. Resend may track when emails are opened and when links are clicked.
  • Ably – real-time collaboration features, including live updates and presence indicators.

All providers comply with GDPR and implement adequate safeguards.

8. Collaboration Features

If you subscribe to our service, you may invite clients to collaborate on your seating charts:

  • You invite clients by entering their email address. We send them a unique, time-limited link to access your seating chart.
  • Clients can access your seating chart without creating an account.
  • You can revoke a client's access at any time.
  • Some elements of the seating chart may be restricted by you as the organiser.
  • We log when clients access the collaboration link for security purposes.

9. International Transfers

We aim to keep your data within the EU/EEA. If data is transferred outside the EU/UK, we use Standard Contractual Clauses (SCCs) or other legally required safeguards.

10. Contact Us

For questions or to exercise your GDPR rights, contact us at:

Email: hi@seatplan.io