Privacy Policy
Last updated: 17 July 2026
This policy explains how Vulpine Works Ltd (“we”, “us”), the operator of Seatly at seatly.net, collects and uses personal data. We are the data controller for the information described below, and we handle it in line with UK data protection law (UK GDPR and the Data Protection Act 2018).
What we collect
- Account details — your email address, name, and sign-in method, provided when you create an account.
- Your content — the seating plans you create, including any guest details you add (names, groupings, dietary requirements, accessibility notes). You control what you enter here.
- Billing information — if you buy a paid plan, our payment provider Stripe collects your payment details. We never see or store full card numbers; we keep only your subscription status and a Stripe customer reference.
- Technical basics — logs necessary to run and secure the service (such as IP addresses in server logs). We do not run advertising trackers.
Guest data — a note for plan owners and for guests
Guest lists typically contain personal data about people other than the account holder. If you are a plan owner, you are responsible for using that information appropriately — we process it only to provide the service to you. If you are a guest whose details appear in someone’s seating plan: that data was entered by the event organiser, who is responsible for it; contact them in the first instance, or reach us at hello@seatly.net and we will help.
How we use data
- To provide the service — storing plans, showing them to you and people you share them with, generating exports (performance of our contract with you).
- To take payment and manage subscriptions (performance of contract, legal obligations).
- To send service emails such as team invitations or billing warnings (legitimate interests / performance of contract). We do not send marketing email without your consent.
- To keep the service secure and diagnose problems (legitimate interests).
Who processes data for us
We use a small number of specialist providers, each processing data only on our instructions:
- Clerk — sign-in and account management
- Supabase — database hosting (EU region)
- Vercel — application hosting
- Stripe — payment processing
- Resend — transactional email delivery
Some providers process data outside the UK/EEA (for example in the United States); where they do, transfers are protected by recognised safeguards such as the UK Extension to the EU–US Data Privacy Framework or standard contractual clauses. We do not sell personal data to anyone.
Cookies
Seatly uses only essential cookies — those needed to keep you signed in and the service secure. We do not use advertising or cross-site tracking cookies.
How long we keep data
Your account and content are kept while your account exists. If you delete your account, your plans and guest data are deleted from the live database; residual copies in encrypted backups expire on a rolling basis shortly after. Billing records are retained as long as tax law requires.
Your rights
Under UK GDPR you can ask for access to, correction of, deletion of, or a portable copy of your personal data, and you can object to or ask us to restrict certain processing. Email hello@seatly.net and we will respond within a month. You also have the right to complain to the Information Commissioner’s Office (ico.org.uk).
Changes to this policy
If we make material changes we will notify you (by email or in the app) before they take effect. The date at the top shows when this policy was last updated.
Contact
Vulpine Works Ltd — hello@seatly.net