Back
Privacy Policy for Collectic
Last Updated: November 24, 2025
Thank you for using Collectic ("we," "us," or "our"). This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI-powered feedback portal service available at https://collectic.com (the "Service").
By accessing or using Collectic, you agree to the terms of this Privacy Policy. If you do not agree with these practices, please do not use our Service.
1. Information We Collect
1.1 Personal Information
We collect the following personal information:
- Name and Email: Used for account creation, authentication via magic links, workspace management, and communication about your service usage.
- Payment Information: Collected through Stripe to process subscriptions ($5/month base plan and optional $9 custom domain add-on). We do not store credit card information on our servers; all payment data is securely processed and stored by Stripe.
1.2 Workspace and Feedback Data
When you use Collectic, we collect and store:
- Workspace Information: Workspace name, slug, custom domain (if applicable), branding settings (primary color, badge preferences).
- User Feedback and Ideas: Titles, descriptions, and content of ideas submitted through your feedback boards.
- Voting Data: Records of which users voted on which ideas, including voter email addresses.
- Comments: User comments on ideas and feedback.
- Usage Metrics: Vote counts, priority scores, effort estimates, and idea states (backlog, planned, in progress, released).
1.3 AI Processing Data
To provide duplicate detection and priority scoring features, we process your feedback data using:
- OpenAI Services: We send idea titles and descriptions to OpenAI to generate embeddings for similarity matching and duplicate detection. This data is processed in accordance with OpenAI's data usage policies.
1.4 Technical and Analytics Data
We automatically collect:
- Device and Browser Information: IP address, browser type, device type, operating system.
- Usage Data: Pages visited, features used, session duration, interaction patterns.
- Cookies: We use essential cookies for authentication, session management, and functional purposes. We do not use third-party advertising cookies.
2. How We Use Your Information
We use your information to:
- Provide and maintain the Service, including feedback boards, kanban boards, and workspace management.
- Authenticate users via magic link email authentication.
- Process AI-powered duplicate detection and similarity matching.
- Calculate priority scores based on votes, ARR impact, and effort estimates.
- Send transactional emails (magic links, release notifications, changelog updates).
- Process subscription payments and manage billing.
- Provide customer support and respond to inquiries.
- Improve our Service through analytics and user feedback.
- Detect, prevent, and address technical issues, fraud, or security concerns.
3. Data Sharing and Third-Party Services
We share your data with the following trusted third-party services:
3.1 Essential Service Providers
- Stripe: Payment processing for subscriptions. Subject to Stripe's Privacy Policy.
- OpenAI: AI embeddings and processing for duplicate detection. Subject to OpenAI's Privacy Policy and data usage terms.
- Resend (or configured SMTP provider): Email delivery for magic links and notifications.
- MongoDB Atlas: Database hosting for secure data storage.
3.2 Integration Services (Optional)
If you enable integrations, we may share limited data with:
- Slack/Discord: Webhook notifications for new ideas and releases.
- GitHub/Linear: Bidirectional issue syncing.
- Paddle/LemonSqueezy: ARR tracking for priority scoring (if configured).
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
4. Data Retention
We retain your data for as long as:
- Your account remains active.
- Necessary to provide the Service.
- Required to comply with legal obligations, resolve disputes, or enforce agreements.
You may request data deletion by contacting us. Upon deletion, your workspace data, feedback, and personal information will be permanently removed within 30 days, except where retention is required by law.
5. Data Security
We implement industry-standard security measures to protect your data:
- Encryption in transit (HTTPS/TLS) and at rest.
- Secure authentication using JWT tokens and magic links.
- Regular security audits and monitoring.
- Access controls limiting data access to authorized personnel only.
However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
6. Your Rights and Choices
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data.
- Correction: Update or correct inaccurate information.
- Deletion: Request deletion of your personal data (subject to legal retention requirements).
- Data Portability: Export your workspace data, ideas, and votes.
- Opt-Out: Unsubscribe from non-essential emails (transactional emails like magic links remain necessary for service operation).
To exercise these rights, contact us at bartzalewskidev@gmail.com.
7. International Data Transfers
Collectic is operated from the United States. If you access the Service from outside the U.S., your information may be transferred to, stored, and processed in the U.S. or other countries where our service providers operate. We ensure appropriate safeguards are in place for international data transfers.
8. Children's Privacy
Collectic is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately, and we will delete such information.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features. We will notify you of significant changes via email and update the "Last Updated" date at the top of this policy.
10. GDPR Compliance (EU Users)
If you are located in the European Economic Area (EEA), we process your data based on:
- Consent: For optional features and communications.
- Contract Performance: To provide the Service you subscribed to.
- Legitimate Interests: To improve our Service, prevent fraud, and ensure security.
You have additional rights under GDPR, including the right to lodge a complaint with your local data protection authority.
11. Contact Information
For questions, concerns, or requests regarding this Privacy Policy or your data, contact us:
Email: bartzalewskidev@gmail.com
Website: https://collectic.com
For data subject requests (access, deletion, correction), please email us with "Privacy Request" in the subject line.
By using Collectic, you acknowledge that you have read and understood this Privacy Policy.