Legal
Privacy policy
Effective date: April 27, 2026 · Last updated: April 27, 2026
Introduction
Build My Moment LLC, a limited liability company organized under the laws of the State of Missouri ("Build My Moment," "we," "us," or "our"), operates the website at https://buildmymoment.com and the connected event vendor marketplace (the "Service"). This privacy policy explains what information we collect about visitors, event planners, and vendors, how that information is used, with whom we share it, and the rights available to you under applicable law. Our Service is offered to residents of Missouri, with current city coverage in Kansas City, St. Louis, Columbia, Springfield, and Jefferson City. By creating an account or otherwise interacting with the Service, you agree to the terms described below.
Information we collect
We collect information you provide directly to us, information generated through your use of the Service, and information from a small set of trusted third-party processors that help us operate the platform.
Account and profile information
When you register, we collect your name, email address, phone number, password (stored as a salted hash), city, role (planner or vendor), and any optional profile fields you choose to share. Vendors additionally provide business name, service category, service area, portfolio media, package descriptions, pricing, availability, and a PayPal email used for payouts.
Booking and event information
When you request or complete a booking, we collect event date, location, guest count, package selection, special requests, the messages exchanged between planner and vendor, and the booking status timeline. This information is essential to the Service.
Payment information
All payment processing for deposits and vendor subscriptions is handled by PayPal. When you pay a deposit or sign up for a Pro subscription, you interact with PayPal directly. We receive a limited summary of the transaction (order identifier, amount in cents, status, payer email, and the last redirect result) but do not see, store, or process full card numbers, bank credentials, or security codes. PayPal's own privacy policy governs the data they collect during checkout.
Communications
If you email us, fill out a contact form, request support, leave a review, or send messages to a vendor, we retain those communications so we can respond, resolve disputes, improve the Service, and meet legal obligations.
Cookies and technical data
Like most modern websites, we collect technical data automatically: IP address, user agent, device type, referring URL, language preference, screen size, the pages you visit, and timestamps. We use essential session cookies (authentication and security) and preference cookies (theme and saved city). For aggregate usage measurement we rely on first-party server logs from our hosting provider rather than a third-party analytics product or tracking pixels. See our cookie policy for the full breakdown.
How we use information
We use the information described above to:
- Create and operate your account and authenticate sessions.
- Match planners with appropriate vendors and process bookings.
- Collect 50% deposits via PayPal, deduct the flat $25 booking fee, and route the vendor share through the PayPal Payouts API.
- Send transactional email such as receipts, booking confirmations, calendar reminders, and dispute notifications.
- Provide customer support and respond to inquiries.
- Detect, prevent, and respond to fraud, abuse, security incidents, and policy violations.
- Comply with legal obligations, court orders, tax reporting, and lawful requests from public authorities.
- Improve the Service through aggregate usage data from server logs and direct review of support submissions you send to us.
We do not sell your personal information. We do not rent or share your data with advertising networks. We do not use your data to train third-party AI models. Content you voluntarily submit to our support channels may be used to improve the Service, fix defects, and refine our internal documentation.
Service providers and disclosures
We rely on a small group of vetted service providers ("sub-processors") to operate the Service. Each operates under a written agreement that requires appropriate confidentiality and security controls.
- Supabase provides our database, authentication, and file storage. Booking, account, and content data is stored with Supabase.
- PayPal processes deposits, captures booking fees, and routes vendor payouts. PayPal acts as an independent controller of payment data.
- Resend delivers transactional email such as receipts, password resets, and booking notifications.
- Google reCAPTCHA (v3) protects sign-up, login, password reset, and contact forms from bots and automated abuse. Use of reCAPTCHA is subject to the Google Privacy Policy and Terms of Service.
- Vercel hosts the application and runs our serverless functions. Vercel generates standard server logs (such as request timestamps and IP addresses) that we use only in aggregate to keep the Service running, secure, and performant.
We may also disclose information when required by law, to enforce our Terms of Service, to protect the rights, property, or safety of Build My Moment, our users, or the public, or in connection with a merger, acquisition, financing, or sale of assets, in which case we will provide notice before your data becomes subject to a different privacy policy.
Data retention
We keep account, booking, and financial records for as long as your account is active and for a reasonable period afterward to satisfy tax, accounting, dispute resolution, and legal obligations. Booking records are typically retained for seven years from the event date. Support tickets and abuse reports may be retained longer where necessary to investigate repeat issues. When information is no longer needed, we delete it or anonymize it so it can no longer be associated with you.
Your privacy rights
Depending on where you live, you may have rights to access, correct, delete, restrict, or port the personal information we hold about you, and to object to certain uses. Missouri residents and other United States users may exercise rights similar to those granted under the California Consumer Privacy Act (CCPA), and visitors in the European Economic Area or United Kingdom may exercise rights under the GDPR. To make a request, email buildmymoment@gmail.com from the address associated with your account. We will verify your request and respond within 45 days. We do not discriminate against users who exercise privacy rights.
Security
We use industry-standard administrative, technical, and physical safeguards designed to protect your information. These include transport encryption (TLS 1.2 or higher), encryption at rest for our database, role-based access controls, audit logging, hardened third-party processors, and limited employee access on a need-to-know basis. No method of transmission over the internet is perfectly secure, and we cannot guarantee absolute security.
Children
Build My Moment is intended for users 18 and older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will delete it promptly.
International users
The Service is operated from the United States. If you access the Service from outside the United States, you consent to your information being transferred to and processed in the United States and other jurisdictions where our service providers operate.
Changes to this policy
We may update this privacy policy from time to time. When we make material changes, we will revise the effective date above and, where appropriate, notify you by email or through the platform. Your continued use of the Service after the effective date of an update constitutes acceptance of the revised policy.
Contact
Questions, requests, or complaints about this privacy policy may be directed to: