Privacy Policy
Last updated: December 24, 2025
Introduction
Birrday ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our birthday tracking application and related services.
Information We Collect
Account Information
When you create an account, we collect:
- Email address (from Google OAuth)
- Name (from your Google profile)
- Profile picture (optional, from your Google profile)
- Phone number (optional, for SMS reminders)
Birthday Data
To provide our core service, we store:
- Names and birthdays of friends you add
- Reminder preferences (how many days before to notify you)
- Notes you add about friends
Chrome Extension Data
If you use our Chrome extension to import birthdays from Facebook:
- The extension only accesses the Facebook birthdays page when you explicitly click "Import"
- We collect only friend names and birthday dates from the Facebook page
- No Facebook credentials or private messages are accessed
- Data is transmitted securely via HTTPS to our servers
- You can review and select which birthdays to import before they are saved
Payment Information
Payment processing is handled entirely by Stripe. We never store your credit card details. We only receive confirmation of successful payments and subscription status.
How We Use Your Information
- Send birthday reminders via email or SMS based on your preferences
- Display your friends' upcoming birthdays in the app
- Process payments and manage your subscription
- Send birthday wishes on your behalf (Pro feature)
- Improve our services based on usage patterns
- Communicate important updates about the service
Data Sharing
We do not sell your personal information. We share data only with:
- Supabase: Our database and authentication provider
- Stripe: For payment processing
- Resend: For sending email notifications
- Twilio: For sending SMS notifications (if enabled)
- PostHog: For privacy-friendly analytics
Data Security
We implement industry-standard security measures including:
- Encrypted data transmission (HTTPS/TLS)
- Row-level security in our database
- Secure OAuth authentication
- Regular security audits
Your Rights (GDPR & Privacy Laws)
Under GDPR and other privacy laws, you have the following rights:
Right to Access
You can request a copy of all personal data we hold about you. Visit Settings to download your complete data export in JSON format.
Right to Rectification
You can update your profile information, birthday data, and preferences anytime through your Settings page.
Right to Erasure ("Right to be Forgotten")
You can permanently delete your account and all associated data via Settings. This action is immediate and irreversible. All your friends, reminders, and personal information will be permanently deleted from our systems.
Right to Data Portability
Download your data in a structured, machine-readable JSON format via Settings. This allows you to transfer your data to another service if desired.
Right to Object
You can object to certain types of data processing by contacting us at support@birrday.com. You can also manage cookie preferences to opt out of analytics.
Right to Restrict Processing
You can request that we temporarily restrict processing of your data while we investigate a concern. Contact us at support@birrday.com.
Right to Withdraw Consent
You can withdraw consent for optional features like SMS reminders, analytics cookies, or email notifications at any time through your settings.
Right to Lodge a Complaint
If you believe we have not handled your data properly, you have the right to lodge a complaint with your local data protection authority.
Note: Most of these rights can be exercised directly through your account settings. For requests requiring manual assistance, contact us at support@birrday.com. We will respond within 30 days as required by GDPR.
Legal Basis for Processing (GDPR)
We process your personal data based on the following legal grounds:
- Contract Performance: To provide birthday reminders and core app functionality
- Legitimate Interests: For analytics, security, and service improvement
- Consent: For optional features like SMS notifications and analytics cookies
- Legal Obligations: For tax records and compliance requirements
Cookies & Tracking
Essential Cookies (Required)
These cookies are necessary for the website to function and cannot be disabled:
- Authentication and session management
- Security and fraud prevention
- Cookie consent preferences
Analytics Cookies (Optional)
With your consent, we use privacy-friendly analytics to improve our service:
- PostHog: Privacy-first analytics that respects Do Not Track settings
- No personally identifiable information is collected
- You can opt out via the cookie consent banner or Settings
Manage your cookie preferences through the banner that appears on your first visit, or update them anytime in your account settings.
Data Retention
We retain your data as long as your account is active. When you delete your account, all personal data is permanently removed within 30 days. Some anonymized analytics data may be retained for service improvement.
Children's Privacy
Birrday is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or through the app. Your continued use of Birrday after changes constitutes acceptance of the updated policy.
Contact Us
If you have any questions about this Privacy Policy, please contact us at: support@birrday.com