Introduction & Commitment to Privacy

Welcome to the privacy policy for The Gilded Registry, a wedding planning application sold through Etsy and designed to run entirely within your web browser.

This privacy policy explains how the application handles information, what data exists, where it is stored, and what rights you have under various international privacy frameworks. We believe in complete transparency, even when — especially when — there is very little to disclose.

The Gilded Registry is available in eight languages (English, German, French, Spanish, Italian, Portuguese, Indonesian, and Dutch) and is sold to customers worldwide. This policy is written to address privacy regulations across all jurisdictions in which the product is available.

Data Controller Information

For the purposes of applicable data protection legislation, the data controller is:

Total Design Labs (operating as The Gilded Registry)
Website: www.totaldesignlabs.com
Product page: gildedregistry.totaldesignlabs.com
Email: [email protected]

If you have questions or concerns about this privacy policy or your data, please contact us using the details above or through Etsy messaging.

What Data the App Processes

The Gilded Registry allows you to enter and manage information related to your wedding planning. The types of data you may choose to enter include:

• Wedding event details (date, venue name, ceremony and reception information)
• Guest names, RSVP statuses, meal preferences, and table assignments
• Budget categories, estimated costs, actual expenses, and vendor names
• Task lists, timelines, and scheduling details
• Notes and personal preferences
• Partner names and wedding party member names

All of this information is entered voluntarily by you and processed exclusively within your web browser. None of this data is transmitted to any server, cloud service, or third party. The application has no network communication capabilities for user data.

How Data is Stored

The Gilded Registry stores all user-entered data exclusively in your browser's localStorage, under the key weddingPlanner. localStorage is a standard web browser feature that saves data directly on your device — your computer, tablet, or phone.

Key characteristics of this storage approach:

• Device-local only: Data exists solely on the device and browser where you use the application. It is never copied elsewhere automatically.
• No server involvement: There is no server, database, or cloud storage associated with this application. We have no infrastructure that could receive or store your data.
• Browser-specific: Data saved in one browser (e.g., Chrome) is not accessible from another browser (e.g., Firefox) on the same device, nor from the same browser on a different device.
• Persistent until cleared: Data remains in localStorage until you explicitly clear it through the app, clear your browser data, or uninstall your browser.

Data We Do NOT Collect

To be explicitly clear about our data practices, The Gilded Registry does not collect, transmit, store, or process any of the following:

• Personal identification data: No names, email addresses, phone numbers, or physical addresses are collected by us
• Analytics or usage data: No page views, click tracking, session duration, or behavioral analytics
• Cookies: The application sets no cookies of any kind — no session cookies, no tracking cookies, no preference cookies
• Device information: No device identifiers, browser fingerprints, IP addresses, or hardware specifications
• Location data: No geolocation, GPS coordinates, or location inference
• Third-party tracking: No advertising pixels, social media trackers, or marketing beacons
• Server-side storage: No databases, logs, or server records of any kind related to your usage
• Account information: No user accounts, passwords, or authentication credentials
• Financial data: No payment processing occurs within the application (your purchase was handled entirely by Etsy)

External Resources

The main wedding planner application (wedding-planner.html) makes zero external network requests. All fonts, styles, and scripts are self-contained within the file.

The accompanying user guide (README.html) loads web fonts from Google Fonts (fonts.googleapis.com). When you open the guide page, your browser makes a request to Google's servers to retrieve font files. This request may expose:

• Your IP address (to Google's font servers)
• Your browser's user agent string
• The referring page URL

This is a standard browser behavior that occurs with millions of websites. Google states that Google Fonts requests are not used for tracking and that no cookies are sent with font requests. You can review Google's privacy policy for their Fonts service at https://developers.google.com/fonts/faq/privacy.

If you prefer to avoid this external request, you can simply use the wedding planner application directly without opening the guide, or open the guide while offline (the page will function normally with fallback system fonts).

Backup Files

The Gilded Registry includes a backup/export feature that allows you to save your wedding planning data as a .json file. Important details about this feature:

• User-initiated only: Backups are created only when you explicitly choose to export your data.
• Saved locally: The exported file is saved to your device's downloads folder or a location you choose. It is not uploaded anywhere.
• Your responsibility: Once exported, the backup file is under your sole control. You decide where to store it, whether to share it, and when to delete it.
• Contains your data: The backup file includes all data you have entered into the planner in a readable JSON format. Treat it with the same care you would give any personal document.

We recommend storing backup files in a secure location and being mindful when sharing them, as they may contain names, budget details, and other personal wedding planning information.

Data Sharing with Partners

The Gilded Registry has no automatic data-sharing functionality. We do not share, sell, rent, or disclose your data to any third party because we do not have access to your data.

If you choose to share your wedding planning data with a partner, wedding coordinator, or other person, this would be done manually by you — for example, by sharing an exported backup file or by giving someone access to your device. Any such sharing is entirely your decision and under your control.

We have:

• No data-sharing agreements with third parties
• No advertising partners
• No data brokers or resellers
• No analytics providers
• No social media integrations that transmit data

Data Retention & Deletion

You have complete control over your data's lifecycle:

• Retention: Data persists in your browser's localStorage for as long as you choose to keep it there. There is no automatic expiration.
• Deletion within the app: You can clear individual sections or all data using the app's built-in reset or clear functions.
• Deletion via browser: You can delete all application data by clearing your browser's localStorage or site data for the file's origin.
• Complete removal: Clearing your browser data, resetting your browser, or uninstalling your browser will permanently remove all application data.

Because we never receive or store your data on any server, there is no need to submit a deletion request to us. You can delete your data instantly and completely at any time without contacting anyone.

Children's Privacy

The Gilded Registry is a wedding planning tool intended for adults who are planning a wedding or similar event. It is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction).

Because our application collects no data whatsoever — from any user of any age — there is no risk of inadvertent collection of children's personal information. No data is transmitted from the application to any server, regardless of who uses it.

This approach is consistent with the requirements of the U.S. Children's Online Privacy Protection Act (COPPA), the EU's General Data Protection Regulation provisions regarding children (Article 8), the UK Age Appropriate Design Code, and similar legislation worldwide.

Your Rights Under GDPR (EU/EEA Users)

If you are located in the European Union or European Economic Area, you are protected by the General Data Protection Regulation (EU) 2016/679. Under the GDPR, you have the following rights:

• Right of access (Article 15): You have the right to obtain confirmation of whether personal data concerning you is being processed. In our case, we process no personal data on any server or system — all data remains on your device.
• Right to rectification (Article 16): You can correct any data directly within the application at any time, as you have full edit access to all stored information.
• Right to erasure (Article 17): You can delete all data immediately by clearing your browser's localStorage. No request to us is necessary.
• Right to restriction of processing (Article 18): Since processing occurs only on your device, you control all processing by choosing when and how to use the application.
• Right to data portability (Article 20): The export/backup feature provides your data in a structured, commonly used, machine-readable format (JSON).
• Right to object (Article 21): There is no processing to object to, as we perform no data processing on our end.

Legal basis for processing: To the extent that any processing occurs (exclusively on your device), the legal basis is your explicit action of entering data into the application — effectively, performance of the contract under which you purchased and use the software (Article 6(1)(b)).

Data transfers: No data is transferred outside your device, so no cross-border data transfer issues arise from the application itself. The Google Fonts request in the README page involves a transfer to Google's servers (see Section 6 above).

If you believe your rights have been infringed, you have the right to lodge a complaint with your local supervisory authority.

Your Rights Under UK GDPR

If you are located in the United Kingdom, your data protection rights are governed by the UK General Data Protection Regulation (as incorporated into UK law by the Data Protection Act 2018 and the European Union (Withdrawal) Act 2018).

Your rights under the UK GDPR mirror those described in the GDPR section above, including rights of access, rectification, erasure, restriction, portability, and objection. The same practical outcomes apply: because your data never leaves your device, you exercise all of these rights directly and without needing to contact us.

The relevant supervisory authority in the UK is the Information Commissioner's Office (ICO). If you have concerns about data protection, you may contact the ICO at https://ico.org.uk.

Your Rights Under CCPA/CPRA (California Users)

If you are a California resident, you are protected by the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These laws grant you specific rights regarding your personal information:

• Right to know: You have the right to know what personal information is collected. We collect no personal information.
• Right to delete: You have the right to request deletion of personal information. Since all data is on your device, you can delete it directly at any time.
• Right to opt out of sale/sharing: We do not sell or share personal information with third parties. There is no data to sell or share.
• Right to non-discrimination: We do not discriminate against users who exercise their privacy rights.
• Right to correct: You can correct any information directly within the application.
• Right to limit use of sensitive personal information: We do not collect sensitive personal information.

Categories of personal information collected in the preceding 12 months: None.

Categories of personal information sold or shared in the preceding 12 months: None.

Categories of personal information disclosed for a business purpose: None.

Because we collect no personal information, there is no need to submit a verifiable consumer request. However, if you have questions, you may contact us at the email address provided in this policy.

Your Rights Under LGPD (Brazilian Users)

If you are located in Brazil, the Lei Geral de Proteção de Dados (LGPD, Law No. 13,709/2018) provides you with the following rights regarding personal data:

• Confirmation of processing: We confirm that no personal data processing occurs on our systems.
• Access to data: All data is accessible directly on your device within the application.
• Correction of incomplete or inaccurate data: You may edit any data within the application at any time.
• Anonymization, blocking, or deletion: You control all data and may delete it at any time by clearing browser storage.
• Data portability: The JSON export feature provides full data portability.
• Deletion of personal data: Achievable instantly through browser settings or in-app controls.
• Information about sharing: No data is shared with any public or private entities.
• Information about consent denial: No consent is required because no data collection occurs.
• Revocation of consent: You may stop using the application and delete your data at any time.

The relevant authority is the Autoridade Nacional de Proteção de Dados (ANPD). If you have concerns, you may contact the ANPD.

Your Rights Under the Australian Privacy Act

If you are located in Australia, the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) govern how organizations handle personal information. Key principles relevant to this application:

• APP 1 (Open and transparent management): This privacy policy provides transparency about our practices. Our practice is simply that we do not collect personal information.
• APP 3 (Collection of personal information): We do not collect personal information from you. All data you enter remains on your device.
• APP 5 (Notification of collection): As we do not collect personal information, no collection notification is required. We provide this policy for transparency.
• APP 6 (Use or disclosure): We do not use or disclose personal information because we do not hold any.
• APP 8 (Cross-border disclosure): No personal information is disclosed to overseas recipients by the application.
• APP 11 (Security): Data security is maintained through the localStorage architecture, keeping data exclusively on your device.
• APP 12 (Access): You have immediate, direct access to all your data within the application.
• APP 13 (Correction): You can correct any data directly within the application at any time.

If you have a complaint, you may contact the Office of the Australian Information Commissioner (OAIC) at https://www.oaic.gov.au.

Your Rights Under PIPEDA (Canadian Users)

If you are located in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) — and any applicable provincial privacy legislation — provides you with rights regarding your personal information. Under PIPEDA's ten fair information principles:

• Accountability: We are responsible for personal information under our control. In practice, no personal information is under our control — it remains on your device.
• Identifying purposes: The purpose of any data you enter is wedding planning, and it is used solely by you on your device.
• Consent: Your use of the application constitutes consent for local storage on your device. No further consent is needed as no data is transmitted.
• Limiting collection: We collect no personal information whatsoever.
• Limiting use, disclosure, and retention: Data is used only for the purpose you choose (wedding planning) and is retained only as long as you keep it in your browser.
• Accuracy: You maintain accuracy by directly editing your data at any time.
• Safeguards: Data is protected by your browser's built-in security mechanisms and your device's own security.
• Openness: This privacy policy provides complete transparency about our practices.
• Individual access: You have immediate, unrestricted access to all your data.
• Challenging compliance: If you have concerns, you may contact the Office of the Privacy Commissioner of Canada.

Your Rights Under the Indonesian PDP Law

If you are located in Indonesia, Law No. 27 of 2022 concerning Personal Data Protection (UU PDP) grants you rights over your personal data. Under this law:

• Right to information: You have the right to obtain information about the processing of your personal data. We inform you that no personal data processing occurs on our systems.
• Right to access: All data is stored on your device and accessible to you directly at all times.
• Right to correct: You can correct any data within the application immediately.
• Right to delete: You may delete all data by clearing your browser's localStorage at any time.
• Right to withdraw consent: You may cease using the application and delete your data at any time without consequence.
• Right to object: As no processing occurs on our end, there is nothing to object to.
• Right to data portability: The JSON export feature provides your data in a portable, machine-readable format.
• Right to lodge a complaint: You may raise concerns with the relevant Indonesian government authority overseeing personal data protection.

International Data Considerations

The Gilded Registry is sold to customers worldwide through Etsy. Regardless of where you are located, the privacy protections described in this policy apply equally to all users.

Because your data never leaves your device, there are no cross-border data transfers initiated by the application. Specifically:

• No data is transferred between countries
• No data is stored in jurisdictions other than where your device physically resides
• No adequacy decisions, Standard Contractual Clauses, or Binding Corporate Rules are necessary because no international data flows occur
• No data is processed in countries with different privacy standards

The one exception is the Google Fonts request made by the README page, which routes through Google's global infrastructure. This is limited to fetching font files and does not involve your wedding planning data.

If your jurisdiction has specific privacy requirements not addressed in this policy, please contact us and we will provide relevant information.

Security

The Gilded Registry's architecture provides inherent security advantages: since your data never traverses a network, it cannot be intercepted in transit, exposed in a data breach of our servers (we have none), or accessed by unauthorized third parties through our systems.

However, localStorage has its own security considerations that you should be aware of:

• No encryption at rest: localStorage data is not encrypted by default. Anyone with physical access to your device and browser may be able to view the stored data.
• Shared device risks: If you share your computer with others, they may be able to access your wedding planning data through the browser's developer tools or by opening the application.
• Browser vulnerabilities: While modern browsers implement strong same-origin security policies that prevent other websites from accessing your localStorage data, keeping your browser updated is important.
• Malware: Malicious software on your device could potentially access localStorage data. Maintaining good device security practices protects against this.

Our Security Recommendations

• Keep your web browser updated to the latest version
• Use your device's built-in security features (screen lock, user accounts, disk encryption)
• If using a shared device, consider clearing the application data when you are finished
• Store backup files in a secure, private location
• Be cautious about who has physical access to your device
• Use your operating system's user account system to prevent unauthorized access

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in applicable law, best practices, or minor adjustments to our product. Given the nature of our application — a locally-running, zero-data-collection tool — significant changes to this policy are unlikely.

When we update this policy:

• The "Last updated" date at the top of this page will be revised
• Updated policies will be included with new versions of the product
• Material changes will be noted in our Etsy product listing updates

We encourage you to review this policy periodically. Your continued use of the application after changes constitutes acceptance of the updated policy.

Contact Information

If you have any questions, concerns, or requests regarding this privacy policy or your data, you may contact us through:

• Email: [email protected]
• Website: www.totaldesignlabs.com
• Etsy: Message us through our Etsy shop

We aim to respond to all privacy-related inquiries within 30 days. For requests made under specific privacy legislation that mandates shorter response times, we will comply with the applicable statutory deadline.