Arco

Privacy policy

Last updated: 18 May, 2026

PLEASE READ THIS POLICY CAREFULLY BEFORE USING: be-part-of-our.wedding (the Site) or our services

Be Part of Our Wedding cares about personal data (which we call personal information in this privacy policy). Personal information means any information about an individual which relates to that individual, if that individual is identified or identifiable.

We are registered at the Information Commissioner's Office (see ico.org.uk) with registration number ZB879386.

This privacy policy sets out how be-part-of-our.wedding collects, uses, and protects personal information.

1. Important information and who we are
1.1. We are Arco Software Ltd. (company number 15834092), with registered office at First Floor Winston House, 349 Regents Park Road, London, England, N3 1DH (referred to as we, us, or our in this policy).
1.2. This privacy policy sets out how we collect and use personal information through your use of be-part-of-our.wedding (the Site) and the services we make available through it (the Services), including personal information provided when registering an account, managing a wedding, or using any feature of the Services.
1.3. The Services are used by two distinct groups of individuals:
1.3.1. Account holders — individuals who register and manage a wedding on the platform (typically the couple or their collaborators); and
1.3.2. Guests — individuals whose personal information is added to the platform by an account holder and who may interact with the Site (for example, by submitting an RSVP or viewing a Wedding Page).
1.4. We are the sole data controller for personal information collected and processed through the Site and Services.
1.5. If you have any questions about this privacy policy or how we handle your personal information, please contact us using the details in Section 14.
2. The types of personal information we collect
2.1. We may collect, use, store, and transfer different kinds of personal information, which we have grouped as follows:
2.1.1. Identity Data — includes first name, last name, and username or similar identifier.
2.1.2. Contact Data — includes email address, telephone number, and postal address.
2.1.3. Wedding Data — includes information about a wedding entered by account holders, such as wedding details, guest lists, RSVP responses, menu selections, and content uploaded to the platform (such as photos and memories).
2.1.4. Dietary Data — includes dietary preferences and requirements submitted for guests as part of the catering management features. Dietary information may constitute special category personal data under UK GDPR to the extent it reveals health conditions or religious beliefs. We only collect and process this data on the basis of explicit consent given by the relevant individual (or, where a guest's data is entered by an account holder, on the basis that the account holder has obtained that consent from the guest on our behalf).
2.1.5. Transaction Data — includes details of subscriptions, payments, and billing history. We do not store full payment card details; card payments are processed directly by Stripe.
2.1.6. Technical Data — includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices used to access the Site.
2.1.7. Profile Data — includes username and password, subscription plan details, account preferences, and any feedback you provide.
2.1.8. Usage Data — includes information about how you use the Site and Services.
2.1.9. Marketing and Communications Data — includes your preferences for receiving marketing from us and your communication preferences.
2.2. We also collect, use, and share aggregated data — such as statistical or demographic data — that does not directly or indirectly identify any individual. For example, we may aggregate usage data to analyse trends in how users interact with the Site, to improve our Services.
2.3. Guest data entered by account holders. Where an account holder adds personal information about guests (such as name, email, phone number, dietary requirements, or postal address) to the platform, that account holder is responsible for ensuring they have a lawful basis for sharing that information with us and that the relevant individuals are aware of how their data will be used. We process such data on behalf of the account holder to deliver the Services.
3. How do we collect personal information?
3.1. We use different methods to collect personal information, including through:
3.1.1. Direct interactions. You may give us personal information by filling in forms on the Site, creating an account, uploading wedding content, or corresponding with us by email or otherwise.
3.1.2. Automated technologies or interactions. As you interact with the Site, we automatically collect Technical Data about your equipment, browsing actions, and patterns using cookies, server logs, and similar technologies. Please see our Cookie Policy for further details.
3.1.3. Third parties. We may receive Technical and Transaction Data from service providers such as Stripe (our payment processor) and Amazon Web Services (our infrastructure and email provider), to the extent necessary to provide the Services.
3.1.4. Account holders adding guest data. Personal information about guests may be entered into the platform directly by account holders, as described in clause 2.3.
4. How we use personal information
4.1. Legal basis
4.1.1. The law requires us to have a legal basis for collecting and using personal information. We rely on one or more of the following:
(a) Performance of a contract: Where we need to perform the contract we have entered into with you (for example, providing you with access to the Services under your subscription).
(b) Legitimate interests: Where it is necessary to conduct our business and pursue our legitimate interests — for example, to prevent fraud, improve our Services, and provide you with a secure experience — provided those interests are not overridden by your rights and interests.
(c) Legal obligation: Where we need to comply with a legal obligation to which we are subject.
(d) Consent: Where you have given us your active agreement to use your personal information for a specific purpose, such as receiving marketing communications or (in the case of dietary data) processing special category information.
4.2. Purposes for which we use personal information
4.2.1. The table below sets out all the ways we use personal information and the legal basis we rely on for each purpose.
Purpose / use Type of data Legal basis
To register you as a new account holder
  • Identity
  • Contact
 Performance of a contract
To process and manage your subscription or one-time payment, including handling billing, renewals, and payment failures
  • Identity
  • Contact
  • Transaction
  1. Performance of a contract
  2. Necessary to comply with a legal obligation (financial record-keeping)
To provide you with access to the Services, including creation and management of your wedding, Wedding Page, guest list, invitations, RSVP tools, catering management, and memory sharing
  • Identity
  • Contact
  • Wedding
  • Profile
 Performance of a contract
To process and store dietary and catering information submitted for guests
  • Identity (Guest)
  • Dietary
  1. Performance of a contract
  2. Explicit consent (for special category dietary data)
To store and deliver wedding content uploaded by account holders and guests (including photos, videos, and memories) via our cloud storage infrastructure
  • Identity
  • Wedding
 Performance of a contract
To send you transactional and service-related communications (such as payment receipts, trial expiry notices, and account notifications)
  • Identity
  • Contact
 Performance of a contract
To manage our relationship with you, including handling requests, complaints, and queries
  • Identity
  • Contact
  • Profile
  • Marketing and Communications
  1. Performance of a contract
  2. Necessary to comply with a legal obligation
  3. Necessary for our legitimate interests (to keep our records updated)
To send you marketing communications about our Services, new features, and promotions
  • Identity
  • Contact
  • Profile
  • Marketing and Communications

Necessary for our legitimate interests (to develop and promote our Services)

OR

Consent, where required by law
To administer and protect our business and the Site (including troubleshooting, security monitoring, data analysis, testing, system maintenance, and hosting)
  • Identity
  • Contact
  • Technical
  1. Necessary for our legitimate interests (running our business, IT security, fraud prevention)
  2. Necessary to comply with a legal obligation
To use data analytics to improve the Site, our Services, and user experience
  • Technical
  • Usage
 Necessary for our legitimate interests (to improve our Services and inform our product development)
5. Direct marketing
5.1. We may send you marketing communications about our Services, new features, and promotions where you have registered an account with us and have not opted out of receiving such communications.
5.2. We will always give you a clear option to opt out of marketing communications at the time we collect your information and in every marketing message we send.
5.3. We may use your Identity, Contact, Profile, and Usage Data to understand which Services may be of interest to you in order to make our marketing communications more relevant.
6. Third-party marketing
6.1. We will obtain your express consent before sharing your personal information with any third party for their own direct marketing purposes. We do not currently share personal information with third parties for marketing purposes.
7. Opting out of marketing
7.1. You can ask us to stop sending marketing communications at any time by following the unsubscribe link in any marketing email we send, or by contacting us at privacy@be-part-of-our.wedding.
7.2. If you opt out of marketing communications, you will still receive essential service-related communications necessary for the operation of your account and the delivery of the Services (such as payment receipts and security notifications).
8. Cookies
8.1. For full details of the cookies we use and how to manage your preferences, please see our Cookie Policy.
9. Disclosures of personal information
9.1. We may share your personal information with the following parties where necessary for the purposes set out in the table in clause 4.2:
9.1.1. Stripe — our payment processor, which handles all card transactions. Stripe processes payment data under its own privacy policy and security standards. We share Identity, Contact, and Transaction Data with Stripe solely for the purpose of processing payments.
9.1.2. Amazon Web Services (AWS) — we use AWS to store uploaded content (photos, videos, and other media) via Amazon S3, and to send transactional and marketing emails via Amazon Simple Email Service (SES). AWS processes data on our behalf and is bound by appropriate data processing agreements.
9.1.3. Other service providers — we may engage third-party companies to perform services on our behalf (such as hosting, analytics, or security). These providers are only permitted to process personal information in accordance with our instructions and are bound by appropriate contractual obligations.
9.1.4. Business transfers — if we sell, transfer, or merge any part of our business or assets, the new owners may use personal information we hold in the same way as set out in this privacy policy.
9.1.5. Legal and regulatory obligations — we may disclose personal information where required to do so by law, court order, or regulatory authority, or where necessary to protect the rights, property, or safety of us, our users, or others.
9.2. We require all third parties to respect the security of personal information and to treat it in accordance with applicable law. We do not permit our third-party service providers to use personal information for their own purposes.
10. International transfers
10.1. Some of our service providers are based outside the UK, which means your personal information may be transferred to and processed in countries with different data protection laws. We ensure appropriate safeguards are in place for all such transfers:
10.1.1. AWS S3 (file storage) — your uploaded content is stored on AWS servers in the EU (Stockholm, Sweden). The EU/EEA has been recognised by the UK as providing an adequate level of data protection, so this transfer does not require additional safeguards.
10.1.2. AWS SES (email) and Stripe (payments) — these providers are based in the United States. We ensure appropriate safeguards are in place through standard contractual clauses approved for use in the UK (the International Data Transfer Agreement or the International Data Transfer Addendum to the European Commission's standard contractual clauses), which give your personal information the same protection it has under UK law.
10.2. To obtain a copy of the contractual safeguards we have put in place for international transfers, please contact us at privacy@be-part-of-our.wedding.
11. Data security
11.1. We have put in place appropriate technical and organisational security measures to prevent your personal information from being accidentally lost, used, accessed in an unauthorised way, altered, or disclosed. These include encrypted data storage, secure HTTPS connections, and access controls limiting who can access personal information.
11.2. We limit access to personal information to those employees, agents, contractors, and third parties who have a business need to access it. They will only process personal information on our instructions and are subject to a duty of confidentiality.
11.3. We have procedures in place to deal with any suspected personal information breach and will notify you and any applicable regulator where we are legally required to do so.
12. Data retention
12.1. We will only retain personal information for as long as necessary to fulfil the purposes for which we collected it, including to satisfy any legal, regulatory, tax, accounting, or reporting requirements. We may retain personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation.
12.2. In determining the appropriate retention period, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from its unauthorised use or disclosure, the purposes for which we process it, and the applicable legal or regulatory requirements.
12.3. Specific retention periods that apply are:
12.3.1. Account and profile data — retained for the duration of your account and for 30 days after account closure, after which it will be permanently deleted. We will notify you of this window so that you may export any content you wish to keep.
12.3.2. Transaction and billing records — retained for seven years from the date of the relevant transaction, as required for tax and accounting purposes.
12.3.3. Guest data — retained for the duration of the associated wedding account and deleted when the account is closed.
12.3.4. Wedding content (photos, memories, uploads) — retained for the duration of your account and deleted within 30 days of account closure.
12.4. You may ask us to delete the personal information we hold about you earlier than the periods set out above. Please see Section 13 for further information on your rights.
12.5. In some circumstances we may anonymise personal information (so that it can no longer be associated with any individual) for research or statistical purposes, in which case we may use that anonymised data indefinitely.
13. Your legal rights
13.1. Under UK data protection law, you have a number of rights in relation to your personal information. These are summarised below.
13.2. You have the right to:
13.2.1. Request access to your personal information (a 'subject access request'). This enables you to receive a copy of the personal information we hold about you and to check that we are processing it lawfully.
13.2.2. Request correction of your personal information. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new information you provide.
13.2.3. Request erasure of your personal information in certain circumstances — for example, where there is no good reason for us to continue processing it, where you have successfully exercised your right to object, or where we have processed your information unlawfully.
13.2.4. Object to processing of your personal information where we are relying on legitimate interests (or those of a third party) as our legal basis. In some cases, we may demonstrate that we have compelling legitimate grounds that override your right to object.
13.2.5. Object at any time to processing for direct marketing purposes — see Section 7 for how to do this.
13.2.6. Request restriction of processing — this enables you to ask us to suspend processing of your personal information in certain circumstances, for example while we investigate the accuracy of information you have contested.
13.2.7. Request the transfer of your personal information to you or to a third party in a structured, commonly used, machine-readable format. This right applies to information you initially provided consent for us to use, or where we used the information to perform a contract with you.
13.2.8. Withdraw consent at any time where we are relying on consent as our legal basis — see the table in clause 4.2 for when we rely on consent. Withdrawal of consent will not affect the lawfulness of any processing carried out before you withdraw, but may mean we are unable to provide certain Services to you.
13.3. To exercise any of the rights above, please contact us at privacy@be-part-of-our.wedding.
13.4. No fee usually required. You will not usually have to pay a fee to exercise your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive, or refuse to comply in such circumstances.
13.5. Verification. We may need to request specific information from you to verify your identity before we can respond to your request. This is a security measure to ensure personal information is not disclosed to someone who has no right to receive it.
13.6. Time limit to respond. We aim to respond to all legitimate requests within one month. If your request is particularly complex or you have made several requests, it may take longer. We will notify you if this is the case and keep you updated.
14. Contact details
14.1. For any questions about this privacy policy, about how we use your personal information, or to exercise any of your rights, please contact us at:
  • Email: privacy@be-part-of-our.wedding
  • Post: Data Protection, Arco Software Ltd., First Floor Winston House, 349 Regents Park Road, London, England, N3 1DH
15. Complaints
15.1. You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection (ico.org.uk). We would, however, appreciate the chance to address your concerns before you approach the ICO, so please contact us first at privacy@be-part-of-our.wedding.
16. Changes to this policy
16.1. We keep this privacy policy under regular review and will update it from time to time. Any material changes will be communicated to you by email or by a prominent notice on the Site before the change takes effect.
16.2. It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us — for example, a new email address — by updating your account settings or contacting us at privacy@be-part-of-our.wedding.
17. Third-party links
17.1. The Site may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the privacy policy of every website you visit.