Said & Kept
Start your keepsake

Legal

Privacy policy

Last updated: 24 May 2026

This policy explains what personal data Moken Digital Ltd, trading as Said & Kept (“we”, “us”, “our”), collects when you use the service, why we collect it, and what your rights are. We are the data controller for the information described below.

What we collect

From you, when you create an account

  • Your name and email address.
  • Your wedding details (names, date, location) — only what you choose to share.
  • Account password (stored hashed, never in plain text).

From your guests, when they leave a message

  • Their name (or whatever they choose to sign as).
  • The message they wrote.
  • Basic technical data (IP address, browser) to help us prevent abuse.

When you pay

Payment is handled by Paddle.com Market Ltd. We don’t see or store your card details. Paddle shares limited information with us so we can link your purchase to your account (your name, email, country, the amount paid). See Paddle’s privacy notice for details.

Automatically, when you use the site

  • Approximate location (country) from your IP address, used only to show you the right currency.
  • Basic analytics so we can understand how the service is used.

Why we use it

  • To run your account and your wedding message page.
  • To process your purchase and send purchase confirmations.
  • To send service emails (e.g. password resets).
  • To keep the service secure and prevent abuse.
  • To meet our legal obligations (e.g. tax records).

Legal basis

We rely on the following lawful bases under UK GDPR: contract (to provide the service you paid for), legitimate interests (to keep the service secure and improve it), consent (where we ask for it, e.g. marketing emails), and legal obligation (e.g. accounting records).

Who we share it with

We use a small number of trusted suppliers to run Said & Kept. They only handle data on our behalf:

  • Supabase — database and authentication hosting.
  • Vercel — application and analytics hosting.
  • Paddle — payment processor and merchant of record.

We don’t sell your data or your guests’ messages, and we don’t share it with advertisers.

Where it’s stored

Your data is stored on servers in the European Union and the United Kingdom. Where any supplier transfers data outside the UK/EU, they do so under safeguards approved by the UK Information Commissioner’s Office.

How long we keep it

  • Account and message data: for as long as your account is active. You can delete your account at any time and we’ll remove the data.
  • Purchase records: kept for 7 years to meet UK tax-record requirements.

Your rights

Under UK GDPR you can ask us to:

  • Tell you what data we hold about you.
  • Correct any data that’s wrong.
  • Delete your data (subject to legal record-keeping).
  • Restrict or object to how we use it.
  • Send a copy of your data to another provider.

To exercise any of these, email hello@saidandkept.com. You can also complain to the UK Information Commissioner’s Office at ico.org.uk.

Cookies

We use a small number of essential cookies to keep you signed in. We don’t use advertising cookies. Paddle may set cookies during checkout — see Paddle’s privacy notice for details.

Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top tells you when it last changed. We’ll flag material changes by email.

Contact

Questions about your data? Email hello@saidandkept.com.

Company details

Moken Digital Ltd is a company registered in England and Wales.
Company number: 12831534.
Registered office: Apollo House, Hallam Way, Whitehills Business Park, Blackpool, England, FY4 5FS.