VowLens Privacy Policy

Privacy Policy

Last updated: June 2026

This Privacy Policy explains how VowLens collects, uses, stores and shares personal data.

VowLens is a UK wedding technology service for couples who want to collect candid guest-captured wedding memories in one private place. The service helps couples gather photos, short videos and, depending on the package, written or voice messages from their wedding guests.

This Privacy Policy applies to:

• couples who buy or enquire about VowLens;
• guests who use a VowLens QR code, upload page or gallery;
• people shown, heard or identified in uploaded wedding content;
• website visitors;
• anyone who contacts VowLens.

Please read this Privacy Policy carefully. It should be read together with our Terms of Service and Cookies Policy.

1. Who we are

VowLens is the legal and trading name of a sole trader business established in Scotland.

For data protection purposes, VowLens is the controller of personal data collected and used through the VowLens website, ordering process, customer relationship, service operation, guest upload pages, private galleries, business administration and support communications, unless this Privacy Policy says otherwise.

You can contact us using the details below:

Email: hello@vowlens.co.uk
Website: https://vowlens.co.uk

2. What VowLens does

VowLens gives couples a wedding-specific QR code, guest upload page and private gallery.

Guests can use the QR code or upload link to submit photos, short videos, written messages and, depending on the package, voice messages. Those uploads are then made available to the couple in their private gallery.

Some packages may include printed materials or printed keepsake items.

3. Important roles: VowLens, couples and guests

VowLens is generally the controller for the personal data processed through the VowLens service. This includes data used to provide accounts, process orders, host guest uploads, operate galleries, maintain security, provide support, send service emails and manage business records.

Couples also make important decisions about their own wedding gallery. For example, couples decide:

• to use VowLens for their wedding;
• who receives the QR code or gallery link;
• what guidance is given to guests;
• whether gallery access details are shared more widely;
• whether uploaded content is downloaded, reused or shared outside VowLens;
• whether unwanted uploads are deleted using the available gallery tools.

Guests decide what they upload, subject to our Terms of Service and any guidance given by the couple.

Where a couple downloads content from VowLens and uses it outside the VowLens service, the couple is responsible for that further use.

5. How we use personal data and our lawful bases

UK data protection law requires us to have a lawful basis for using personal data. The main lawful bases we rely on are contract, legitimate interests, legal obligation and consent.

5.1 Providing VowLens to couples

We use couple/customer data to:

• process orders;
• provide the selected package;
• create the wedding-specific QR code;
• create the upload page;
• create and operate the private gallery;
• send setup and service emails;
• provide downloads;
• provide customer support;
• manage postponement or service requests;
• fulfil printed items where included.

Our lawful basis is usually contract, because we need this information to provide the service the customer has bought.

5.2 Guest uploads and private galleries

We use guest upload data to:

• receive uploads;
• store uploads;
• display uploads in the couple’s private gallery;
• make uploads available for download by the couple;
• support gallery operation;
• prevent abuse;
• investigate technical issues;
• remove unlawful or inappropriate content where needed.

Our lawful basis is usually legitimate interests. The legitimate interests are the couple’s interest in collecting private wedding memories, guests’ interest in contributing to the couple’s wedding gallery, and VowLens’ interest in providing and securing the service.

Where processing is closely connected with providing the package bought by the couple, it may also be necessary for VowLens to perform its contract with the couple.

We balance these interests against the rights and freedoms of guests and other people shown, heard or identified in uploaded content.

5.3 Payments and billing

We use payment and billing information to:

• process payment;
• confirm orders;
• issue receipts;
• manage refunds or disputes;
• keep accounting and tax records;
• prevent fraud.

Our lawful bases are contract, legal obligation and legitimate interests.

5.4 Customer support and enquiries

We use enquiry and support information to:

• respond to messages;
• resolve issues;
• keep records of support decisions;
• protect VowLens if a dispute arises.

Our lawful bases are usually contract where the enquiry relates to an order, and legitimate interests for general business correspondence and dispute handling.

5.5 Security, fraud prevention and technical logs

We use technical data to:

• keep the website and service secure;
• prevent spam, misuse, fraud and unauthorised access;
• investigate faults;
• maintain service reliability;
• protect VowLens, customers and guests.

Our lawful basis is legitimate interests.

5.6 Legal, tax and accounting records

We use necessary records to:

• comply with tax obligations;
• keep accounting records;
• respond to legal claims;
• comply with regulatory duties;
• protect legal rights.

Our lawful bases are legal obligation and legitimate interests.

5.7 Marketing

We may use customer contact details to send marketing where we have a lawful basis to do so.

This may be based on consent, or in some limited circumstances legitimate interests, where permitted by law. We will not send electronic marketing where PECR requires consent unless that consent has been obtained.

You can unsubscribe from marketing at any time.

Service emails about orders, setup, access, security, storage, expiry, support or legal updates are not marketing emails and may still be sent where necessary.

8. How long we keep personal data

We do not keep personal data for longer than reasonably necessary.

8.1 Gallery content

Unless your order confirmation says otherwise, gallery content is retained according to the package storage period:

• Keepsake: 3 months from the wedding date;
• Signature: 6 months from the wedding date;
• Heirloom: 12 months from the wedding date.

After the relevant storage period ends, we may delete, disable, archive or make unavailable gallery content.

Couples should download gallery content before the storage period ends.

8.2 Order and business records

We may keep order, payment, tax, accounting and basic customer records for as long as required for legal, tax, accounting, audit, complaint, fraud prevention or dispute purposes.

8.3 Support and enquiry records

We keep support and enquiry records for as long as needed to deal with the issue and maintain reasonable business records.

8.4 Technical logs

Technical logs are kept for a limited period where possible, unless longer retention is needed for security, abuse prevention, investigation, legal compliance or dispute handling.

8.5 Marketing preferences

We may keep marketing consent, unsubscribe and suppression records so that we can respect preferences and avoid contacting people who have opted out.

8.6 Backups

Some data may remain in encrypted or restricted backups for a limited period after deletion from live systems. Backup data is not used for ordinary business purposes and is deleted or overwritten according to backup cycles unless it must be retained for legal, security or dispute reasons.

9. Who we share personal data with

We share personal data only where reasonably necessary for the purposes described in this Privacy Policy.

We may share data with:

• hosting, storage, security and infrastructure providers;
• payment processors;
• email delivery providers;
• print fulfilment providers;
• analytics or cookie providers, if used;
• professional advisers, such as accountants or legal advisers;
• regulators, courts, law enforcement or public authorities where required or appropriate;
• service providers who help us operate, secure and support VowLens.

We do not sell guest uploads.

We do not use guest uploads in public marketing unless appropriate permission has been obtained.

10. Main service providers

VowLens currently expects to use the following types of providers.

10.1 Cloudflare

Cloudflare may provide hosting, storage, security, content delivery, serverless infrastructure, technical logs and related infrastructure services.

Personal data processed through Cloudflare may include website requests, upload data, gallery content, IP addresses, technical logs and security information.

10.2 Stripe

Stripe processes payments and may handle payment, billing, fraud prevention, authentication, transaction and dispute information.

VowLens does not store full card numbers.

10.3 Resend

Resend may provide transactional email services, including order emails, setup emails, gallery emails, support emails and service communications.

10.4 Print partners

Where a package includes printed items, we may share the information required to produce and deliver those items with a print partner. This may include names, wedding details, selected images, layout proofs and delivery information.

10.5 Other providers

We may add or replace providers where reasonably necessary to operate VowLens. Where a change materially affects how personal data is used, we will update this Privacy Policy where appropriate.

11. International transfers

Some providers may process personal data outside the United Kingdom.

Where personal data is transferred or made accessible outside the UK, we will rely on a lawful transfer mechanism where required. This may include UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, Standard Contractual Clauses, the UK-US Data Bridge where applicable, or another lawful mechanism.

The ICO explains that UK GDPR contains rules for restricted transfers where personal information is sent or made accessible outside the UK.

15. Your data protection rights

Depending on the circumstances, individuals may have the right to:

• request access to their personal data;
• request correction of inaccurate personal data;
• request deletion of personal data;
• restrict how personal data is used;
• object to certain processing;
• request portability of certain data;
• withdraw consent where processing is based on consent;
• complain to the Information Commissioner’s Office;
• not be subject to solely automated decisions with legal or similarly significant effects, where applicable.

These rights are not absolute. They may depend on the type of data, the reason we use it, legal exemptions, the rights of other people and whether we need the data for legal, security or dispute reasons.

The ICO confirms that the right to erasure is not absolute and applies only in certain circumstances.

VowLens does not currently use solely automated decision-making that produces legal or similarly significant effects.

16. How to exercise your rights

To exercise your rights, contact: hello@vowlens.co.uk

Please include enough information to help us identify the relevant data, such as:

• your name;
• your email address;
• whether you are a couple, guest, website visitor or another individual;
• the wedding or gallery involved, if relevant;
• the approximate date of the upload or interaction;
• a description of the content or data involved;
• what right you want to exercise.

We may need to verify your identity before responding.

We will usually respond within one month. If a request is complex or you have made several requests, we may extend the response period where the law allows.

17. Guest removal requests

Guests who want an upload removed should usually contact the couple first, because the couple has access to gallery tools and controls the wedding gallery experience.

However, guests and other individuals may also contact VowLens directly at hello@vowlens.co.uk.

We may ask for information needed to identify the relevant wedding, gallery, upload or individual.

We may remove, restrict or retain content depending on the circumstances, including:

• the rights of the person making the request;
• the rights and freedoms of other people shown, heard or identified;
• the couple’s rights and interests;
• whether the content is unlawful, harmful or inappropriate;
• whether legal, security or dispute reasons require retention;
• whether the request is valid under data protection law.

Where we cannot identify the relevant content from the information provided, we may be unable to act on the request.

18. Objections to processing

Where we rely on legitimate interests, individuals may object to the processing of their personal data.

If you object, we will consider the objection and whether we have compelling legitimate grounds to continue processing, or whether the data is needed for legal claims.

In some cases, we may remove or restrict content. In other cases, we may need to retain certain information for legal, security, accounting, tax, fraud prevention or dispute purposes.

19. Marketing rights

You can unsubscribe from marketing emails at any time by using the unsubscribe link or contacting hello@vowlens.co.uk.

Withdrawing marketing consent does not affect service emails needed for an order, gallery, security matter, legal notice or support request.

We will not use guest uploads in public marketing unless appropriate permission has been obtained.

Couples should not publish, advertise or commercially reuse guest uploads unless they have considered the rights and permissions of the people shown, heard or identified.