WeddingShark
WeddingSharkDownload

Privacy Policy

Last updated: April 23, 2026

WeddingShark (“we,” “us,” or “our”) is a wedding vendor CRM mobile application operated by Tom Matthews, a sole proprietor based in New York, United States. This Privacy Policy explains how we collect, use, share, and protect your information when you use the WeddingShark mobile application (the “App”) and related services.

By using WeddingShark, you agree to the practices described in this policy.

1. Information we collect

Information you provide

  • Account information: your name, partner’s name, email address, wedding date, wedding location
  • Vendor information: vendors you research, save, and correspond with through the App
  • Messages: subject lines, body content, and metadata of emails you send to or receive from vendors through the App
  • Budget information: quotes, payments, and budget details you enter
  • Photos and documents: any images or contracts you upload to vendor records

Information collected automatically

  • Device information: device type, operating system, and App version
  • Usage data: features used, screens visited, and interactions within the App
  • Log data: error reports and diagnostic information

Google user data (when you connect your Gmail account)

If you choose to connect your Google account, we access specific Gmail data via Google’s OAuth 2.0 and the Gmail API. Specifically:

  • Your connected Gmail address, used to send emails from your account on your behalf
  • Email messages you send to vendors through WeddingShark, via users.messages.send
  • Email messages vendors reply to you, accessed via the Gmail API specifically to thread responses with your vendor conversations in the App
  • A refresh token, stored securely on our servers, so we can maintain the connection without requiring you to re-authenticate constantly

We only access messages related to vendor conversations you initiated through WeddingShark. We do not read, index, or store unrelated messages from your Gmail inbox.

2. How we use your information

  • To provide and operate the App’s core functionality (vendor tracking, messaging, CRM features)
  • To send emails to vendors on your behalf (when you connect Gmail)
  • To parse vendor replies and surface pricing, availability, and next steps in your vendor pipeline
  • To improve the App’s features, performance, and reliability
  • To communicate with you about your account, updates, or support requests
  • To comply with legal obligations

Google API Services User Data — Limited Use

WeddingShark’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

  • We use Google user data only to provide the user-facing features of WeddingShark (sending vendor emails from your Gmail, tracking replies, and displaying them in your vendor conversations).
  • We do not use Google user data for advertising.
  • We do not sell or transfer Google user data to third parties except as necessary to provide the service, comply with applicable law, or as part of a merger, acquisition, or sale of assets with appropriate notice.
  • We do not allow humans to read Google user data, except (a) with your explicit consent for specific messages, (b) where necessary for security (investigating abuse), (c) to comply with applicable law, or (d) where data has been de-identified and aggregated for internal operations.
  • We do not use Google user data to train generalized machine learning or AI models. We do use Anthropic’s Claude AI to help summarize individual vendor messages you have received, to display that summary inside the App for your own use. These summaries are generated on a per-message basis and are not used to train any models.

3. How we share information

We do not sell your personal information. We share information only in the following limited cases:

  • Service providers that help us operate WeddingShark, including:
    • Supabase (database, authentication, file storage)
    • Resend (outbound and inbound email for users who have not connected Gmail)
    • Anthropic (AI-powered email summaries and drafting assistance)
    • Google Places and Yelp (vendor discovery data)
    • Vercel (hosting our website and API)
    Each service provider is contractually obligated to protect your information.
  • Legal compliance, when required by law, court order, or to respond to valid legal requests
  • Business transfers, if WeddingShark is acquired or merged; you will be notified with an opportunity to delete your data before any transfer
  • With your consent, for any purpose we disclose to you at the time

4. How long we keep your information

We retain your information for as long as your account is active. If you delete your account, we delete your personal information within 30 days, except where retention is required for legal, tax, or fraud-prevention purposes.

If you disconnect your Gmail account, we delete the stored refresh token immediately. Messages already synced to the App remain in your vendor conversations until you delete them individually or delete your account.

5. Your rights and choices

You can:

  • Access or update your information by editing your profile in the App
  • Delete your account at any time in Settings — this removes all personal information associated with your account
  • Disconnect Gmail at any time in Settings — this revokes our access to your Gmail account and deletes the stored refresh token
  • Export your data by emailing support@weddingshark.co; we will provide a copy within 30 days
  • Object to processing or restrict processing where permitted by law

If you are a resident of the European Union, United Kingdom, or California, you have additional rights under GDPR and the CCPA, including the right to know what personal information we have collected, the right to delete personal information, and the right not to be discriminated against for exercising these rights. To exercise any of these rights, email support@weddingshark.co.

6. Security

We use industry-standard security practices including encrypted connections (TLS), encrypted data storage, and access controls. Refresh tokens and other secrets are stored in encrypted form and are never exposed to client applications.

No system is perfectly secure. If we become aware of a security breach affecting your personal information, we will notify you as required by applicable law.

7. Children

WeddingShark is not intended for children under 16. We do not knowingly collect information from children under 16. If you believe a child has provided us with personal information, please contact support@weddingshark.co and we will delete it.

8. International users

WeddingShark is operated from the United States. If you access the App from outside the United States, your information will be transferred to, stored, and processed in the United States, which may have data protection laws different from your country. By using the App, you consent to this transfer.

9. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version with a new “Last updated” date. If changes are material, we will notify you through the App or by email. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.

10. Contact

Questions about this Privacy Policy or about your personal information? Email us at support@weddingshark.co.

Effective date: April 23, 2026