Privacy Policy

We built BirthdayPro because we genuinely love the moment a friend feels remembered. That only works if you trust us with the data that makes those moments possible. This policy explains what we collect, why we collect it, and the controls you have. Plain English, no hand-waving.

Who we are

BirthdayPro is a freemium web app that helps you remember the birthdays of the people who matter, pulls those birthdays in from the tools you already use, and drafts personalized wishes with AI. When this policy says "we," "us," or "BirthdayPro," we mean Pri's Ventures LLC, an Illinois limited liability company operating the service at birthdaypro.io. You can reach the humans behind it anytime at hello@birthdaypro.io.

What we collect

We only collect what we need to run the service. Specifically:

Account data. Your email address, a hashed password (or OAuth identifier if you sign in with Google), your display name, your subscription tier, and your notification preferences.

Birthday data. The names, birth dates, relationship notes, tone preferences, and any optional context you save for each person you track. This is the heart of the product and it stays tied to your account.

Integration tokens. When you connect Google Contacts, Outlook, iCloud, Facebook, LinkedIn, Snapchat, or optional beta integrations you explicitly enable, we store the OAuth access and refresh tokens securely so we can pull in your birthdays on a schedule. For CSV and vCard imports, we process the file you upload. We only ever request the minimum scopes needed to read contacts or the specific fields you ask us to read.

Usage analytics. Basic product telemetry such as which pages you visit, which features you use, timing of reminders, and whether a message was approved or edited. We use this to improve the product. We do not sell this data and we do not run third-party advertising trackers.

Billing metadata. If you subscribe, Stripe processes your card details — we never see your card number. We receive a customer ID, subscription status, country, and the last four digits of your card for receipts.

How we use it

We use your data to deliver the service you signed up for: storing and deduplicating your contacts, sending reminder emails and push notifications before a birthday, generating personalized message drafts with AI, auto-sending wishes if you opted in, enforcing plan limits, responding to support requests, and keeping the product secure. We do not use your birthday data, relationship notes, or contact lists for advertising, profiling, or training foundational AI models.

Who we share it with

We work with a small set of infrastructure providers who process data on our behalf under strict contracts. We do not sell your personal data to anyone, ever.

Supabase hosts our Postgres database and handles authentication. Your account and birthday records live here.

Vercel serves the web app and runs our API routes at the edge.

Stripe processes payments for Pro and Lifetime plans. They act as an independent controller for payment data under their own privacy policy.

Resend delivers reminder emails and transactional messages like password resets.

Google Gemini generates the AI birthday message drafts. When you ask for a draft, we send the relevant person's name, your relationship notes, and your tone preference to Google's API. Google has committed to not using API inputs to train its models.

Sentry captures error traces and stack information so we can fix bugs quickly. We scrub email addresses and personal names from stack traces where possible.

Where your data lives

Our primary database and serverless functions run in the United States. If you access BirthdayPro from outside the US, your data will be transferred to and processed in the US. We rely on Standard Contractual Clauses with our sub-processors where applicable to protect international transfers.

How long we keep it

We hold onto your account data and the birthdays you've added for as long as your account is active. If you delete your account from /settings, we remove your personal data from our production database within 7 days and from encrypted backups within 30 days. Server logs that contain IP addresses and request metadata roll off after 30 days. Billing records are retained for 7 years to meet tax and accounting obligations.

Your rights and controls

You have the right to access, correct, export, and delete your personal data. Most of these controls live directly in /settings — you can export your birthdays as CSV, disconnect any integration, revoke OAuth tokens, or delete your account with a single click. If you'd rather have a human help, email hello@birthdaypro.io and we'll respond within 7 days.

Cookies

We set a small number of essential cookies to keep you signed in and remember your subscription tier during a session. We do not use Google Analytics, Facebook Pixel, advertising cookies, or any third-party tracking pixels. For the full story, see our Cookie Notice.

GDPR (for visitors in the EEA and UK)

Our lawful basis for processing your personal data is the performance of the contract you entered into by signing up (Article 6(1)(b)) for core features, and our legitimate interest (Article 6(1)(f)) for product improvement, fraud prevention, and security. For marketing emails beyond transactional messages, we rely on your consent, which you can withdraw at any time.

Under the GDPR and UK GDPR you have the right to access, rectify, erase, restrict, and port your data, and to object to processing. You can exercise these rights at /settings or by emailing hello@birthdaypro.io. We do not have a statutorily required Data Protection Officer, but privacy questions go to the same address and are handled by a named person on our team. If you believe we've mishandled your data, you have the right to lodge a complaint with your local supervisory authority.

CCPA (for California residents)

Under the California Consumer Privacy Act, you have the right to know what personal information we collect, to delete it, to correct inaccurate information, and to opt out of the "sale" or "sharing" of personal information. We do not sell or share your personal information as those terms are defined under the CCPA, and we do not use or disclose sensitive personal information for purposes that would trigger the right to limit. We will not discriminate against you for exercising any of these rights.

Children's privacy

BirthdayPro is built for adults and older teens. You must be at least 13 years old to create an account. We do not knowingly collect personal data from children under 13. If you believe a child has signed up, email us and we will delete the account.

Changes to this policy

If we make material changes, we'll email active users at least 14 days before the new policy takes effect. Smaller edits get a new "Last updated" date at the top of this page.

Contact us

Privacy questions, requests, or concerns? Email hello@birthdaypro.io and a real human on our team will get back to you within 7 days.