embrr is built and operated by Donal Doherty, a sole trader based in Northern Ireland, United Kingdom. In this policy, "embrr", "we", "our" and "us" refer to Donal Doherty trading as embrr. For the purposes of UK data protection law, embrr is the data controller in respect of photographer account information, and a data processor in respect of couple enquiry data that photographers handle through the platform. Section 10 explains this in more detail.
Contact: hello@embrr.app
This policy covers two groups of people:
When a photographer creates an account we collect and store: name, email address, business name, photography pricing information, venue preferences, gallery URLs, follow-up preferences, and the Google account email that is connected to embrr for Gmail access.
Once a photographer connects their Gmail account, embrr accesses emails in that inbox that relate to wedding enquiries. This includes the full body and metadata of those emails (sender, recipient, subject, date, headers, message content), so that embrr can understand the enquiry, draft a reply, and send the reply on the photographer's behalf. embrr does not access, read, or store emails that are unrelated to wedding enquiries (for example, personal email, newsletters, or other business correspondence), beyond what is necessary to identify and filter for wedding enquiries.
With the photographer's consent, embrr reads event titles and dates from the photographer's Google Calendar to check whether a couple's wedding date is already booked. embrr does not modify, delete, or create calendar events, and does not read event descriptions, attendees, or locations.
When a couple sends an enquiry to a photographer that uses embrr, the following data from that enquiry is processed and stored: couple names, email address, phone number (if provided), wedding date, venue, how they heard about the photographer, photography type, and the message body. This is the same information couples already send to photographers by email. embrr does not independently collect data from couples.
When photographers use the embrr dashboard we record standard request logs (timestamps, URL paths, HTTP status codes, approximate geographic region derived from IP address). We do not use third-party analytics tools, advertising trackers, or behavioural tracking scripts.
embrr's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
embrr requests the smallest set of Google OAuth scopes needed to provide the service. Specifically:
embrr uses the data described above to provide the service, specifically to:
embrr does not use photographer or couple data to develop, train, or improve generalised artificial intelligence or machine learning models, and does not sell or rent any data to anyone. Each photographer's voice profile is derived only from their own writing and is used exclusively to draft replies within their own account. Voice profiles are not combined across photographers, and are not a training input for any AI model.
To draft replies and analyse enquiries, embrr sends relevant enquiry content to Anthropic's Claude API. This processing happens under Anthropic's standard commercial API terms:
Anthropic's current data handling terms are published at anthropic.com/legal/commercial-terms and privacy.anthropic.com. No AI processing is carried out by any provider other than Anthropic.
Photographer accounts, enquiry data, and Gmail tokens are stored in a managed Postgres database hosted by Supabase, in the eu-west-2 (London, UK) region. The embrr application and serverless functions run on Vercel. WhatsApp approval messages are delivered through Twilio. Push notifications from Gmail are received through Google Cloud Pub/Sub.
embrr currently does not use any analytics platforms, advertising networks, customer data platforms, or third-party error tracking tools such as Sentry, PostHog, Datadog, or Mixpanel.
Primary data storage is in the UK. Some subprocessors listed above operate infrastructure in other regions, including the United States. Where data is transferred outside the UK or EEA, we rely on the appropriate safeguards, including Standard Contractual Clauses and the UK Addendum, together with the UK's adequacy determination for relevant jurisdictions.
Data is retained for as long as the photographer's account is active, or as needed to provide the service, and then deleted or anonymised. Specific retention windows:
Under the UK GDPR you have the right to access the personal data we hold about you, to have inaccurate data corrected, to have your data deleted, to restrict or object to how we process it, and to receive your data in a portable format. You can exercise any of these rights by emailing hello@embrr.app. We will respond within one month.
You also have the right to lodge a complaint with the UK Information Commissioner's Office. Their contact details are at ico.org.uk/make-a-complaint/.
Under UK GDPR, embrr processes photographer data on the basis of the contract between the photographer and embrr (Article 6(1)(b)). embrr processes couple data on the basis of the legitimate interests of the photographer in responding to and managing enquiries they have received (Article 6(1)(f)). Where the photographer has asked embrr to access their Google account, the photographer has provided explicit consent through the Google OAuth consent screen.
When a couple emails a wedding enquiry to a photographer, the photographer decides what to do with that enquiry. Under UK data protection law the photographer is the data controller for that enquiry. embrr is a data processor, acting on the photographer's instructions to help them draft and send replies.
For this reason, couples who want to access, correct, or delete their data should contact the photographer directly in the first instance. The photographer can delete an enquiry in their embrr dashboard at any time, which removes the associated data.
If a couple cannot reach their photographer, or prefers to contact embrr directly, they can email hello@embrr.app. We will identify the relevant photographer and forward the request, or act on it directly if appropriate.
embrr is currently in a closed beta with a small number of wedding photographers. During this phase, disconnecting Gmail and closing an account are handled by email request:
Email hello@embrr.app with "Disconnect Gmail" in the subject line. We will delete the stored OAuth refresh and access tokens within one business day. You can also revoke embrr's access at any time yourself from your Google Account at myaccount.google.com/permissions. If you revoke access directly at Google, embrr will stop being able to read or send email on your behalf immediately.
Email hello@embrr.app with "Close account" in the subject line. We will delete your photographer account and all associated data, including enquiries, drafts, voice examples, venues, pricing, and OAuth tokens, within 30 days. Residual copies in backups are removed according to the retention windows in Section 8.
Self-serve Gmail disconnect and account deletion are on the roadmap and will be available in the embrr dashboard before the product leaves beta.
Data in transit is encrypted using TLS. Data at rest in the Supabase database is encrypted at the infrastructure level by Supabase. Gmail OAuth tokens are stored in the Supabase database and are never exposed to browsers. Row-level security policies restrict access to each photographer's own data. The service role key used for privileged database access is stored as a server-side environment variable and is never exposed to client-side code.
Access to production systems is restricted to Donal Doherty as the sole operator. embrr does not have employees or contractors with access to photographer data.
If embrr becomes aware of a personal data breach that is likely to result in a risk to the rights and freedoms of affected individuals, we will notify the UK Information Commissioner's Office within 72 hours of becoming aware, as required by Article 33 of the UK GDPR. Where the breach is likely to result in a high risk to affected individuals, we will also notify those individuals directly without undue delay.
embrr is a business-to-business tool for professional wedding photographers and is not directed at children. We do not knowingly collect data about children. If you believe a child's data has been provided to embrr, please email us and we will delete it.
embrr uses the following subprocessors to provide the service:
We will update this list when we add or remove a subprocessor.
If we make material changes to this policy, we will notify active photographers by email before the changes take effect, and update the "Last updated" date at the top of this page. The previous version will remain available on request.