Privacy Policy

We do not sell your data, and we do not use guest data (names, notes, RSVP status) for advertising.

Both cookies are essential to the app's operation and are not used for advertising or cross-site tracking.

We do not sell or rent your personal information to third parties.

We keep your account and guest data for as long as your account is active. Session tokens expire automatically after 7 days of inactivity. If you delete an event or your account, the associated data is removed as described above.

Passwords are hashed with PBKDF2-SHA256 (100,000 iterations) and a unique salt per account — we never store plain-text passwords. Session cookies are HttpOnly, marked Secure, and restricted with SameSite=Lax. Session tokens are verified using constant-time comparison to guard against timing attacks.

Seatedly is not directed at children under 16, and we do not knowingly collect personal information from them.

If we make material changes to this policy, we will update the date at the top of this page.

Questions about this policy? Email us at support@seatedly.app.