GuestRoll
Log In Get Started
Introductory price — just £19.99 per event. Limited time only.

Legal

Privacy & Cookie Policy

Last updated: 10 March 2026  ·  Effective: 10 March 2026

GuestRoll is committed to protecting your personal data. This policy explains what information we collect, why we collect it, how we use it, and your rights under UK GDPR. It also covers how we use cookies on this website.

1. Who We Are

GuestRoll is operated by MJF Digital Ltd, a company registered in England and Wales. References to "GuestRoll", "we", "us" or "our" in this policy refer to MJF Digital Ltd.

We are the data controller for personal data collected through this website and the GuestRoll platform. If you have any questions about this policy or how we handle your data, please contact us at hello@guestroll.app.

2. Data We Collect

We collect the following categories of personal data:

  • Account information — your name and email address when you register for GuestRoll. If you sign in with Google, we receive your name, email address, and profile picture from Google as part of the authentication process.
  • Event details — information you provide when creating an event, such as the event name and date.
  • Photos — images uploaded to your event by you or your guests. Guest uploads are anonymous unless a guest chooses to provide their name.
  • Payment information — when you purchase a GuestRoll event, your payment is processed securely by Stripe. We do not store your card number, expiry date, or CVV — only a record of the transaction (amount, date, and Stripe transaction ID).
  • Usage data — anonymised analytics data about how visitors use our website, collected via Google Analytics (see Section 6).

We do not collect any special category data (such as health information, ethnicity, or biometric data).

3. How We Use Your Data

We use your personal data for the following purposes:

  • To create and manage your GuestRoll account.
  • To provide the GuestRoll service — hosting your event and making your photo gallery available.
  • To process your payment and send you a receipt.
  • To send you important service-related communications, such as account confirmations and support responses.
  • To improve our website and service using anonymised analytics data.

We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling.

4. Legal Basis for Processing

Under UK GDPR, we rely on the following legal bases:

  • Contract — processing your account and payment data is necessary to provide the service you have purchased.
  • Legitimate interests — we use anonymised analytics data to understand how our website is used and to improve it. This does not override your rights and freedoms.
  • Consent — we only set analytics cookies with your consent. You may withdraw consent at any time via the Cookie Preferences link in our website footer.

5. Data Storage and Security

All GuestRoll data is stored on servers located in the United Kingdom, hosted on Amazon Web Services (AWS) in the London region (eu-west-1). We do not transfer your personal data outside the UK or EEA.

We take reasonable technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. These include encrypted connections (HTTPS), access controls, and secure credential storage.

6. Cookies

This website uses cookies. A cookie is a small text file stored on your device when you visit a website. We use the following cookies:

  • Google Analytics (GA4) — we use Google Analytics to collect anonymised information about how visitors use our website (pages visited, time on site, general location). This helps us improve GuestRoll. GA4 cookies are only set with your consent. You can accept or decline cookies when you first visit the site, and change your preference at any time using the Cookie Preferences link in the footer.
  • Cookie consent preference — we store your cookie preference (accepted or declined) in your browser's local storage so we do not ask again on future visits. This does not track you.

You can also control cookies through your browser settings. Note that disabling all cookies may affect the functionality of some websites.

For more information on how Google uses data collected via Analytics, see Google's Privacy Policy.

7. Third-Party Services

We use the following third-party services to operate GuestRoll:

  • Stripe — payment processing. Stripe is PCI-DSS compliant and handles all card data on your behalf. See Stripe's Privacy Policy.
  • Amazon Web Services (AWS) — cloud hosting and file storage for photos and event data, in the UK (London) region.
  • Google Analytics — website analytics, with your consent. Data is anonymised and does not personally identify you.
  • Google Sign-In — if you choose to sign in with Google, your authentication is handled by Google. We receive your name, email address, and profile picture from Google solely to create and identify your account. See Google's Privacy Policy.

Each of these providers acts as a data processor on our behalf and is contractually obligated to handle your data securely and in accordance with UK GDPR.

8. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the service. Specifically:

  • Account data (name, email) — retained while your account is active. Deleted within 30 days of account closure.
  • Event photos — retained for the duration specified at the time of your event purchase. You may delete your event and all associated photos at any time from your dashboard.
  • Payment records — retained for 7 years in accordance with UK financial record-keeping requirements.
  • Analytics data — anonymised and retained by Google Analytics per their standard data retention settings.

9. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access — you can request a copy of the personal data we hold about you.
  • Right to rectification — you can ask us to correct inaccurate or incomplete data.
  • Right to erasure — you can ask us to delete your personal data, subject to legal obligations.
  • Right to restrict processing — you can ask us to limit how we use your data in certain circumstances.
  • Right to data portability — you can request your data in a structured, machine-readable format.
  • Right to object — you can object to processing based on legitimate interests.
  • Right to withdraw consent — where processing is based on consent (e.g. analytics cookies), you can withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at hello@guestroll.app. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

10. Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If changes are significant, we will notify you by email or via a notice on our website. Your continued use of GuestRoll after changes are posted constitutes acceptance of the updated policy.

11. Contact

If you have any questions, concerns, or requests regarding this policy or your personal data, please contact us:

MJF Digital Ltd (GuestRoll)
Email: hello@guestroll.app

We use cookies to understand how visitors use our site. This helps us improve GuestRoll for everyone. Learn more.