← Back to Collect

Privacy Policy

Last updated: March 9, 2026

1. Introduction

Collect ("we," "our," or "us") operates the website at usecollect.co and the Collect platform. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our service.

2. Information We Collect

Account Information: When you create an account, we collect your name, email address, business name, and address. If you sign in with Google, we receive your name, email, and profile picture from Google.

Invoice & Client Data: You provide invoice details (amounts, dates, descriptions) and client information (name, email, company) to use our dispute resolution service. This data is stored encrypted at rest.

Payment Information: Payments are processed by Stripe. We do not store your credit card number. Stripe's privacy policy governs payment data handling.

Integration Data: If you connect accounting platforms (FreshBooks, QuickBooks, Xero, Wave), we store encrypted OAuth tokens and sync invoice data from those platforms. We only request read access to invoices and customers.

Usage Data: We collect anonymous analytics data including pages visited, feature usage, and device information to improve our service.

3. How We Use Your Information

  • To provide and operate the Collect platform, including sending escalation emails on your behalf
  • To sync invoices from connected accounting platforms
  • To process payments via Stripe
  • To generate demand letters and small claims court documents using information you provide
  • To send you service notifications (dispute updates, sync results, payment confirmations)
  • To improve our service through anonymized usage analytics

4. Emails Sent on Your Behalf

When you activate a dispute, Collect sends escalation emails to your client on your behalf. These emails are sent from our platform email address or your configured SMTP credentials. You are responsible for the accuracy of information included in these emails.

5. Data Security

We use industry-standard security measures to protect your data, including AES-256-GCM encryption for sensitive credentials (OAuth tokens, SMTP passwords), encrypted database connections, and secure HTTPS transport for all communications.

6. Data Sharing

We do not sell your personal information. We share data only with:

  • Stripe — for payment processing
  • Resend — for transactional email delivery
  • Google Analytics — for anonymized usage analytics
  • Connected accounting platforms — only the data necessary for OAuth authentication (we read from these platforms; we do not write to them)

7. Data Retention & Deletion

Your data is retained as long as your account is active. You can delete your account at any time from Settings, which will permanently remove all your personal data, invoices, clients, disputes, and integration tokens. Deleted data cannot be recovered.

8. Cookies

We use essential cookies for authentication (session management) and optional analytics cookies via Google Analytics. No advertising cookies are used.

9. Your Rights

You have the right to:

  • Access all personal data we store about you
  • Export your data
  • Correct inaccurate information
  • Delete your account and all associated data
  • Disconnect any connected accounting integrations at any time

10. Children's Privacy

Collect is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact

If you have questions about this Privacy Policy, contact us at support@usecollect.co.