Rosemary Events, Inc.
Privacy Policy
Last Updated: April 30, 2026
Thank you for visiting the website for Rosemary Events, Inc. Your privacy is important to us, and we are committed to protecting your personal information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website or engage with our services. Our services are not intended for children, and are not directed at individuals under 16 years of age.
Please read this policy carefully. By using our website and services, you agree to the terms described herein.
1. Information We Collect
We may collect personal information from you when you visit our website, engage with our services, or communicate with us. The types of information we may collect include:
• Contact Information: such as your name, email address, phone number, and mailing address.
• Event Details: information about your wedding or event, including date, location, and preferences.
• Payment Information: if you make a purchase or payment through our payment platform. Note: we do not store full payment card details; these are handled by our third-party payment processor.
• Communication Data: information provided when you contact us or interact with us through various channels.
• Usage Data: information about how you interact with our website, including IP address, browser type, pages visited, and time spent on pages, collected via Google Analytics.
• Marketing Preferences: your email address and communication preferences if you have opted in to receive marketing communications via Mailchimp.
2. How We Use Your Information
We use the information we collect for the following purposes:
• To provide and manage the services you have requested.
• To communicate with you, respond to your inquiries, and provide updates about your event.
• To send marketing communications, where you have opted in to receive them.
• To process payments for our services.
• To analyze and improve our website and services through aggregated analytics data.
• To comply with applicable laws and regulations.
3. Legal Basis for Processing (GDPR)
If you are located in the European Union or United Kingdom, we process your personal information under the following legal bases:
• Contract Performance: Processing necessary to fulfill our event planning services contract with you.
• Legitimate Interests: For website analytics and improving our services, where our interests are not overridden by your rights.
• Consent: For marketing communications via email. You may withdraw consent at any time.
• Legal Obligation: Where we are required to process data to comply with applicable law.
4. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:
• Client event data is retained for 7 years following the conclusion of our services, to comply with tax and accounting requirements.
• Marketing data is retained until you withdraw your consent or opt out.
• Website analytics data is retained in accordance with our analytics provider's (Google Analytics) standard retention settings.
• Payment records are retained as required by applicable financial and tax regulations.
When data is no longer required, we will securely delete or anonymize it.
5. Data Sharing and Disclosure
We do not sell or rent your personal information to third parties. However, we may share your information in the following circumstances:
• Service Providers: We share data with trusted third-party vendors who assist us in delivering our services, including:
◦ Google Analytics — for website usage analytics
◦ Mailchimp — for email marketing communications
◦ Payment processors — for secure payment handling
• Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
All third-party service providers are contractually required to keep your information confidential and use it only for the purposes we specify.
6. International Data Transfers
Our service providers, including Google Analytics and Mailchimp, may transfer and process your personal data outside your country of residence, including to the United States. When transferring data from the EU/UK, we ensure appropriate safeguards are in place, including:
• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Data Processing Agreements with all third-party processors.
By using our services, you acknowledge that your data may be processed in countries with different data protection laws than your own.
7. Cookies and Similar Technologies
We use cookies and similar technologies to enhance your experience on our website. The categories of cookies we use include:
• Strictly Necessary Cookies: Essential for the website to function. These cannot be disabled.
• Analytics Cookies: Used by Google Analytics to collect information about how visitors use our site (e.g., pages visited, time spent). This data is aggregated and anonymized.
• Marketing/Preference Cookies: Used to remember your preferences and tailor communications if you have opted into marketing.
You can control and manage cookies through your browser settings. However, disabling certain cookies may affect the functionality of our website. For EU/UK visitors, we will request your consent before placing non-essential cookies via our cookie consent tool.
For more information about Google Analytics and how to opt out, visit: https://tools.google.com/dlpage/gaoptout
8. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
8a. Rights for All Users
• Access: Request a copy of the personal information we hold about you.
• Correction: Update or correct inaccurate information.
• Deletion: Request the deletion of your personal information, subject to applicable legal obligations.
• Opt-Out of Marketing: Unsubscribe from marketing emails at any time by clicking “Unsubscribe” in any email or contacting us directly.
8b. Additional Rights for EU/UK Residents (GDPR)
• Right to Restrict Processing: Request that we limit how we use your data.
• Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.
• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority (e.g., the ICO in the UK, or your EU member state’s supervisory authority).
8c. Additional Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
• Right to Know: Know what personal information we collect, use, share, or sell.
• Right to Delete: Request deletion of personal information we have collected from you.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt-Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising. If this practice changes, we will update this policy and provide an opt-out mechanism.
• Right to Limit Use of Sensitive Personal Information: You may direct us to limit the use of sensitive personal information to what is necessary to provide our services.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
9. How to Submit a Privacy Request
To exercise any of the rights described above, please contact us using the information in Section 12. In your request, please:
• Clearly identify yourself and describe the right you wish to exercise.
• Provide sufficient information for us to verify your identity.
We will respond to verifiable consumer requests within 45 days (CCPA) or one month (GDPR) of receipt. If we require additional time, we will notify you of the extension and reason.
10. Children’s Privacy
Our services are not directed at children under the age of 16, and we do not knowingly collect personal information from children under 13 (as defined under the Children’s Online Privacy Protection Act — COPPA). If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete that information as soon as possible. If you believe we may have collected information from a child, please contact us immediately.
11. Do Not Track
Some browsers include a “Do Not Track” (DNT) feature. Our website does not currently respond to DNT signals. However, you may opt out of Google Analytics tracking at any time using the Google Analytics Opt-out Browser Add-on.
12. Security
We take reasonable and appropriate technical and organizational measures to protect your personal information from unauthorized access, use, alteration, or disclosure. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
13. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. When we make material changes, we will update the “Last Updated” date at the top of this policy and, where required, notify you by email or a prominent notice on our website. We encourage you to review this policy periodically.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Rosemary Events, Inc.
Email: info@rosemaryevents.com
Phone: 415.354.9685 ext. 1
Mailing Address: 835 Fifth Avenue, San Rafael, CA 94901
© 2026 Rosemary Events, Inc. All rights reserved.