Reu Privacy Policy

Effective date: April 28, 2026

Reu is a social invite and event planning app. This policy explains what information Reu collects, how it is used, and the choices hosts and guests have.

Information We Collect

• Host account data: email address, display name, home city, language, plan entitlement, notification preferences, and sign-in session data.
• Event data: invite title, date, time, location, cover image, host note, theme, vibe, dress guidance, safety note, guest limit, contribution note, planning checklist, timeline, budget rows, vendors, vibe board items, ways to help, and gift ideas.
• Guest-pass data: guest display name, RSVP status, plus-one choice, comments, reactions, task claims, gift claims, and local guest-session token.
• Invite recipient data: only contacts the host selects for an event, including display name, phone number, normalized phone number, delivery method, and invite status.
• Optional device data: contacts, photo library items, calendar access, and local notification permission only when the user grants platform permission.
• Optional image-generation data: when a host requests an AI cover, Reu sends the invite title, theme, vibe, city, venue, and similar prompt context to the server-side image generation provider. Reu does not send the host's full contact list for cover generation.
• Payment and subscription data: subscription status, plan entitlement, Apple App Store or Google Play product identifiers, transaction identifiers, hashed purchase tokens, environment, and verification status needed to manage Free vs Pro. Full card numbers are handled by Apple or Google, not Reu.
• Technical data: public invite share code, app version, basic request metadata, and service logs needed to operate and secure the app.

Reu does not upload a host's full address book. Only selected recipients are saved for the event invite queue.

How We Use Information

Reu uses information to:

• Create and share public invite links.
• Let guests RSVP, react, comment, claim ways to help, and claim gifts.
• Help hosts track invite recipients, RSVPs, planning readiness, tasks, gifts, and vibe boards.
• Generate WhatsApp-ready invite messages and optional QR codes.
• Import link metadata from public URLs such as Pinterest, Amazon, Mercado Libre, or image pages.
• Generate optional AI invite covers when the host requests them.
• Manage Free vs Pro entitlements, store purchase verification, subscription renewals, failed payments, cancellations, refunds, and grace-period states.
• Add events to a device calendar when requested.
• Schedule local reminders when notifications are enabled.
• Protect host-only actions and guest-owned actions through Supabase permissions and guest-pass checks.

Public Invites

Invite pages are public to anyone with the share link. Public invite data may include event details, cover image, host name, guest preview, comments, reactions, ways to help, vibe/theme inspiration, gift availability, and RSVP counts. Host-only planning internals are not intended to be visible to public invite viewers.

Gift Claim Privacy

Gift claims are designed to avoid duplicate purchases while keeping claimant identity hidden from the host before the event. Guests may see item availability. Hosts may see whether items are available or claimed, but should not receive claimant identity through host views or invite payloads.

Contacts, WhatsApp, Calendar, Photos, and Notifications

• Contacts: used locally so hosts can select invite recipients. Reu stores only selected recipients per event.
• WhatsApp: personal queue sends open WhatsApp or `wa.me` with a prefilled message. The host controls sending inside WhatsApp. WhatsApp Business API sending is server-configurable and uses server-only Meta credentials when enabled.
• Calendar: used only to add an event to the device calendar after the user requests it.
• Photos: used only when a host chooses a cover, profile photo, or vibe board image. Uploaded images are stored so invite links and other guests' apps can load them later.
• AI covers: generated through server-side providers when configured. Secrets stay on the server, and the prompt context is limited to event details needed to create the cover.
• Notifications: local reminders can be enabled or disabled from Profile.

Data Sharing

Reu uses Supabase for authentication, database, and storage, Railway for web/API hosting, Apple App Store and Google Play for paid digital subscriptions, and server-side image generation providers for optional AI covers. Public URL metadata import may request the URL supplied by the user. WhatsApp messages and external shopping links are handled by their respective third-party services when opened by the user.

Reu does not sell personal data.

Data Retention and Deletion

Hosts can edit or remove event content in the app and can request account deletion or deactivation from Settings > Account. Guests can stop using a guest pass by removing local app data. Production support tooling should be used to delete account or event records on request until full self-service deletion is available.

Children

Reu is not intended for children under 13. Hosts are responsible for using Reu only where they are legally permitted to create and share invites.

Security

Reu uses Supabase authentication, row-level security policies, server-side API proxies for secret-backed services, and guest-pass tokens for lightweight guest actions. No app can guarantee perfect security, but Reu is built to limit host-only and guest-owned data access.

Contact

For privacy requests, contact `privacy@reuinvita.com`.