Privacy Policy

Last updated: July 2026

Who we are

UbiFrui Seating is a product of Ubifrui, a UK-based software business. We provide a web-based tool that helps event hosts build seating plans for weddings, dinners, and other gatherings.

If you have questions about this policy or your data, contact us at hello@ubifrui.com.

What data we collect

If you are a host (someone who creates an account and runs an event):

If you are a guest (someone who registers via an event link):

Technical data (collected automatically):

How we use your data

For hosts, we use your data to provide the service: creating and managing your account, running your events, and storing your seating plans.

For guests, your responses are used solely to help the host build a seating plan for the event you registered for. Your data is not used for any other purpose, is not shared across events, and is not used to build any profile beyond the event itself.

AI processing and inference

We use AI to help hosts create better seating plans. This is what that means in practice.

When a host runs AI analysis on their guest list, our system reads the responses each guest has provided and infers attributes that are useful for seating decisions. These may include conversational style (whether someone is likely to be a strong initiator or a quieter participant), how familiar guests are likely to be with each other, and which guests might benefit from being seated near certain others.

These inferences are suggestions only. They are shown to the host as guidance when building their seating plan. The host can override every suggestion, change any placement, and disregard any inference entirely.

Guests do not receive these inferences and they have no direct effect on guests beyond informing the host's seating decisions. This is assistive AI, not automated decision-making with legal or similarly significant effects.

AI processing runs entirely on our own self-hosted infrastructure, not a third-party AI provider. Guest data used for this analysis never leaves systems we control.

Legal bases

We process host data on the basis of contract: it is necessary to provide the service you have signed up for.

We process guest data on the basis of legitimate interests: the event host has a legitimate interest in organising their event effectively, and processing guest-provided information for seating purposes is a reasonable and proportionate way to support that.

Dietary requirements are different. What a guest writes there can reveal health information (an allergy, a medical condition) or religious belief (halal, kosher), which UK GDPR treats as special category data. Legitimate interests isn't a valid basis for that. Instead, we rely on explicit consent: a guest who types their dietary requirements into the form is choosing to give us that information for the stated purpose of catering and seating, and can ask us to delete it at any time by contacting the host or us directly.

Hosts as data controllers

When you use UbiFrui Seating as a host, you are the data controller for your guests' personal information. We act as a data processor on your behalf.

By creating an account, you agree to our Data Processing Agreement, which sets out our obligations when handling guest data on your behalf, including security, confidentiality, sub-processors, and deletion.

As the data controller, you are responsible for having a lawful basis to collect your guests' information and for letting them know how it will be used. The guest registration form tells guests their responses will be used to help build the event seating plan.

Data sharing

We share data only where necessary to run the service:

We do not sell data. We do not share data with advertisers. We do not use data for marketing purposes.

Data retention

You can request deletion of your data or any event at any time by contacting us.

Your rights

Under UK GDPR, you have the right to:

To exercise any of these rights, contact hello@ubifrui.com. We will respond within 30 days.

Cookies

We use one cookie: a session cookie that keeps you logged in. It's strictly necessary for the site to work, so it doesn't require the consent banner other cookies would. We do not use tracking cookies, advertising cookies, or any analytics that follow you across sites.

Security

Passwords are hashed and never stored in plain text. All data is transmitted over HTTPS. Access to production data is restricted and logged. No system is perfectly secure, but we take reasonable and appropriate measures to protect personal data from unauthorised access, disclosure, or loss.

In the event of a data breach that poses a risk to individuals, we will notify the ICO within 72 hours and inform affected users where the risk is significant.

Children

UbiFrui Seating is not intended for use by anyone under 13. If we become aware that we have collected personal data from a child under 13, we will delete it promptly. If you believe this has happened, please contact us.

Changes to this policy

If we make material changes to this policy, we will update the date at the top and notify active users by email where appropriate.

Contact

Ubifrui
hello@ubifrui.com

If you have a complaint about how we handle your data and we have not resolved it to your satisfaction, you have the right to contact the Information Commissioner's Office.