Collectra helps businesses recover outstanding payments with transparent customer communication and secure payment links. This policy explains what data we collect, how we use it, and the choices you have.
- Account data: name, email, company workspace details.
- Customer & transactional data: debts, invoices, payment attempts, statuses.
- Communication data: emails and support messages.
- Usage & analytics: logs, performance metrics, and aggregated usage data.
We use data to operate the service, process payments, send collection emails, provide support, and improve product features. We do not sell personal data.
We use cookies for authentication (HTTP-only), session management, and analytics. Authentication cookies are required to access your workspace and are not readable by JavaScript. Below is a summary of cookies used by Collectra.
| Name | Purpose | Retention |
|---|---|---|
| access_token | HTTP-only auth token for API requests | Short-lived (session) |
| refresh_token | Long-lived token to refresh sessions | 30 days |
| _collectra_session | UI preferences and non-sensitive flags | 1 year |
We retain account and transactional data as required to provide the service and to meet legal obligations. You can request deletion of your account and associated data by contacting us; some data necessary for accounting or legal reasons may be retained as required by law.
We use third-party providers for hosting, email delivery, analytics, and payment processing (for example, Supabase, Stripe, Brevo). These providers have their own privacy practices — we ensure contracts require appropriate data protection.
- Access and portability of your personal information.
- Correction of inaccurate information.
- Request deletion of your account (subject to legal retention requirements).
To exercise your rights, email privacy@collectra.xyz.
We use administrative, technical, and physical safeguards to protect data. We regularly review our practices and maintain access controls for production systems.