Privacy Policy

Last updated: May 6, 2026

Short version: We collect only what we need to run your events. We never sell your data. Guest information you enter on behalf of others is handled with extra care and shared with no one except the guests themselves. You can request deletion at any time.

1. Who we are

Knots & Bells ("Knots & Bells", "we", "our", or "us") operates the marketing website at knotsandbells.com and the event planning platform at events.knotsandbells.com (collectively, the "Services").

For questions about this policy, contact us at privacy@knotsandbells.com.

2. Information we collect

2.1 Information you provide as a host or planner

  • Account details: your name, email address, and hashed password when you register
  • Event details: event name, type, dates, venue, description, cover photo, and custom event-page content you create
  • Guest list data: names, email addresses, RSVP status, dietary requirements, accessibility needs, sub-guest counts, and seating assignments you enter for your guests
  • Scrapbook and media: photos, images, and files you upload to the shared scrapbook or event page
  • Notes and budget: vendor notes, expense records, to-do items, and payment status you enter in the planning notebook
  • Messages: communications sent through the platform between hosts, coordinators, and guests
  • Seating and layout data: canvas layouts, table configurations, and chair-level guest assignments stored in the layout studio
  • Payment details: processed entirely by Stripe. We store only your Stripe customer ID and subscription status. We never see or store your card number, CVV, or bank details.
  • Beta access codes: if you redeem a beta access code, we record the redemption to apply the correct plan tier

2.2 Information guests provide

When a guest RSVPs through an event page, they provide their name, email address, RSVP response, dietary needs, sub-guest details, and any messages sent to the host. Some event pages are protected by a PIN or passphrase set by the host; guests must enter this credential to access the page.

2.3 Information collected automatically

  • Log data: IP address, browser type, pages visited, and timestamps when you interact with our Services
  • Device information: device type, operating system, and screen resolution
  • Cookies and session tokens: see Section 8 for details
  • Newsletter subscribers: if you submit your email address on knotsandbells.com, we store that address to send planning content and product updates

3. How we use your information

We use the information we collect to:

  • Deliver the Services: create and manage your events, process RSVPs, render event pages, store scrapbook media, send guest invitations and reminders
  • Process payments: create Stripe checkout sessions, manage subscription billing, and verify plan entitlements
  • Communicate with you: send transactional emails (RSVP confirmations, event updates, account notifications) and, where you have opted in, product news and planning guides
  • Improve the platform: analyse aggregate usage patterns, diagnose errors, and develop new features
  • Enforce these policies: detect, investigate, and prevent abuse, fraud, or violations of our Terms of Service
  • Comply with legal obligations: respond to lawful requests from courts, regulators, or law enforcement

We do not use your data to train AI or machine-learning models, and we do not use guest dietary or accessibility information for any purpose other than delivering it to the host and displaying it within the platform.

4. Guest data and host responsibilities

When you use Knots & Bells as a host or planner, you collect personal data on behalf of your guests (names, emails, dietary information, etc.). In data-protection terms, you are the data controller for your guests' data, and Knots & Bells acts as a data processor on your behalf.

As a host, you are responsible for:

  • Having an appropriate basis (e.g., legitimate interest or explicit consent) to collect and enter your guests' personal data into the platform
  • Informing your guests that their RSVP and dietary information will be processed through Knots & Bells
  • Responding to your guests' requests to access or delete their data

We will never use your guests' data for our own marketing or share it with third parties outside the scope of delivering the Services.

5. Data sharing and third-party processors

We do not sell, rent, or trade your personal data. We share data only with the following service providers under strict contractual obligations:

  • Supabase (database, authentication, and file storage) - your account data, event data, and uploaded media are stored in Supabase-hosted infrastructure
  • Cloudflare (media delivery) - scrapbook photos and event images are served via Cloudflare's CDN for performance and reliability
  • Stripe (payment processing) - payment card data is collected and stored by Stripe directly; we receive only subscription status and a customer reference ID
  • Resend (transactional and marketing email) - your email address and event-related notification content are passed to Resend to deliver messages

We may also disclose data where required by law, court order, or to protect the safety of our users or the public. We will notify you of such disclosure where legally permitted to do so.

6. Data retention

  • Active accounts: we retain your data for as long as your account remains active
  • Account deletion: when you delete your account, we remove your personal data within 30 days. Event data may be retained in anonymised form for aggregate analytics
  • Guest data: guest RSVP data is retained for the lifetime of the associated event. Hosts may delete individual guest records at any time from the guest management panel
  • Billing records: invoices and payment records are retained for 7 years as required by financial regulations
  • Newsletter subscribers: retained until you unsubscribe. You can unsubscribe at any time via the link in any marketing email

7. Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion of your data, subject to legal retention obligations
  • Portability: receive your data in a structured, machine-readable format
  • Objection: object to processing based on legitimate interest
  • Withdrawal of consent: withdraw consent for marketing emails at any time via the unsubscribe link or by contacting us
  • Restriction: request that we restrict processing of your data while a complaint is investigated

To exercise any of these rights, email privacy@knotsandbells.com. We will respond within 30 days. We may need to verify your identity before fulfilling the request.

8. Cookies and session management

We use cookies and related technologies to operate the Services securely and effectively.

Essential cookies (cannot be disabled)

Session tokens are stored in HttpOnly, Secure cookies managed by Supabase SSR. These are required for authentication and cannot be disabled without breaking the platform. They contain no personally identifying information beyond an opaque session reference.

Analytics cookies (opt-out available)

We may collect anonymised, aggregate analytics (pages visited, feature usage) to understand how the platform is used. This data is never linked to identifiable individuals. You may opt out by adjusting your browser's cookie settings.

9. Security

We take reasonable and appropriate technical and organisational measures to protect your data, including:

  • Encryption of all data in transit via TLS/HTTPS
  • Row-level security (RLS) enforced at the database layer on every table, ensuring users can only access data they are authorised to see
  • Authentication enforced via auth.uid() in all database policies; no hardcoded user IDs or bypass paths
  • Session tokens stored in HttpOnly, Secure cookies; never in localStorage or sessionStorage
  • All user input validated with Zod schemas before reaching the database
  • Payment card data handled exclusively by Stripe; we never see or store card details

No system is perfectly secure. If you discover a vulnerability, please disclose it responsibly to privacy@knotsandbells.com.

10. Children's privacy

The Services are not directed at children under 16. We do not knowingly collect personal data from anyone under 16 years of age. If you believe a child under 16 has provided us with personal data, please contact privacy@knotsandbells.com and we will delete it promptly. Guests attending events managed through the platform may be any age; their data is controlled by the host under the host's own legal basis.

11. International data transfers

Our infrastructure is hosted on servers in the United States. If you access the Services from outside the United States, your data will be transferred to and processed in the US. We rely on standard contractual clauses and the data processing agreements of our sub-processors (Supabase, Stripe, Resend, Cloudflare) to provide appropriate safeguards for such transfers.

12. Changes to this policy

We may update this policy as the platform evolves. For material changes, we will notify you by email at least 14 days before the change takes effect. Minor changes (clarifications, corrections) will be posted here with an updated date. Continued use of the Services after the effective date constitutes acceptance of the revised policy.

13. Contact us

For privacy questions, data requests, or to report a concern, contact us at: privacy@knotsandbells.com. We aim to respond to all requests within 5 business days.