Privacy Policy

Last updated: May 14, 2026 · Effective: May 14, 2026

Collab.Code ("we", "our", "us") operates collabcode.dev. This Privacy Policy explains what information we collect, how we use it, and the choices you have. We've tried to write it plainly — if something is unclear, email us at privacy@collabcode.dev.

1. Information we collect

Account information: When you register, we collect your email address, username, and a hashed password. We never store your plaintext password.

Usage data: We collect information about how you use the service — pages visited, features used, session duration, and error events. This is used to improve the product.

Code content: Code you write in rooms is stored temporarily to enable real-time collaboration. Snapshots you explicitly save are stored persistently until you delete them.

Payment information: Payments are processed by Wise. We store only the transaction reference, amount, and payment status. We never see or store your full card or bank details.

AI interactions: Code you send for AI review or generation is forwarded to Anthropic's API. It is not used to train AI models. See Anthropic's privacy policy for their data handling.

Technical data: IP address, browser type, operating system, and referring URL — collected for security and analytics.

2. How we use your data

• ·To provide and operate the Collab.Code service
• ·To authenticate your account and prevent unauthorised access
• ·To process your monthly subscription payment and send receipts
• ·To send you product updates, incident notifications, and responses to your support requests
• ·To improve the product through aggregate, anonymised analytics
• ·To detect and prevent fraud, abuse, and security threats

We do not sell your personal data. We do not use your code for advertising. We do not share your data with third parties except as described in section 3.

3. Data sharing

We share data with a small number of sub-processors necessary to operate the service. See our full sub-processor list. We require each sub-processor to maintain appropriate security standards and process data only on our instructions.

We will disclose data to law enforcement only when required by a valid legal order and where legally permissible will notify you before disclosure.

4. Data retention

• ·Account data: retained until you delete your account
• ·Room code: retained until you delete the room or your account
• ·Transient session data (WebSocket messages, CRDT deltas): not persisted beyond the active session
• ·Payment records: retained for 7 years (legal requirement)
• ·Log data: retained for 90 days

5. Your rights

Depending on your location, you may have the following rights:

• ·Access: Request a copy of your personal data
• ·Correction: Ask us to correct inaccurate data
• ·Deletion: Request deletion of your account and associated data
• ·Portability: Receive your data in a machine-readable format
• ·Objection: Object to certain processing activities
• ·Withdraw consent: Where processing is based on consent, withdraw it at any time

To exercise any right, email privacy@collabcode.dev. We respond within 30 days.

6. Cookies

We use strictly necessary cookies for authentication (session JWT). We do not use advertising cookies or third-party tracking cookies. We use Plausible Analytics (cookie-free, GDPR-compliant) for aggregate usage statistics.

7. Security

We use industry-standard security measures including TLS 1.3 in transit, AES-256-GCM at rest, and regular penetration testing. See our Security page for full details.

8. Children

Collab.Code is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us data, contact us and we will delete it.

9. Changes to this policy

We may update this policy. Material changes will be communicated by email or prominent notice in the app at least 30 days before taking effect. Continued use after that date constitutes acceptance.

10. Contact

Questions or complaints: privacy@collabcode.dev · Collab.Code Ltd · London, UK

EU residents may also contact their national data protection authority.