Collective Privacy Policy

We collect information in three ways: information you give us directly, information we receive from services you connect to Collective, and information collected automatically when you use the Service.

Information you give us

When you create an account, set up an organization, or contact us, we collect information you choose to provide, which may include:

• Your name, email address, and phone number
• Your organization’s name, address, mission description, and tax-exempt status (for nonprofit organizations)
• Profile photos and other images you upload
• Posts, captions, comments, and other content you publish on Collective
• Payment information (handled directly by our payment processor, Stripe — we do not store full card numbers)
• Any other information you choose to provide in support requests, surveys, or community submissions

Information from connected services

Collective lets nonprofits connect third-party services to streamline their operations. When you connect a service, that provider sends us information based on the permissions you authorize. We collect only what we need to deliver the integration.

Instagram data

If your organization connects an Instagram Business or Creator account, we request a single permission (instagram_business_basic) and use it to read the following fields from Meta's Instagram Graph API:

• Profile fields: id, username, account_type, name, biography, profile_picture_url, website, media_count, followers_count
• Media fields (per post): id, caption, media_type, media_url, thumbnail_url, timestamp, permalink, like_count, comments_count
• Engagement fields, refreshed periodically: like_count, comments_count

We also store the long-lived Instagram access token your organization issues during the OAuth flow, encrypted at rest in our database, and refresh it before expiry. The integration is read-only: we do not publish, comment, message, follow, or otherwise modify any data on your Instagram account. You can disconnect at any time (see Section VI).

Other connected services

You may also connect Stripe (for payments and donor records), email providers, and other integrations from time to time. The data we receive is described in the authorization screen presented when you connect each service. We treat that data with the same protections described in this Policy.

Information collected automatically

When you visit Collective, our servers and our hosting provider automatically collect standard log information, including:

• IP address and approximate location derived from it
• Browser type and version, operating system, and device type
• Referring URL, pages visited, and time spent
• Cookies and similar technologies (see our Cookie disclosure below)

We use this information to operate the Service, prevent fraud and abuse, and improve the product. We do not use it to build advertising profiles about you.

Cookies

We use a small number of cookies and similar technologies to keep you signed in, remember your preferences (such as theme and last-used organization), and measure aggregate usage. You can disable non-essential cookies in your browser settings; essential cookies are required for sign-in.

We use the information we collect to:

• Provide, maintain, and improve the Service
• Authenticate you and protect your account
• Display your organization’s page, posts, programs, and contact information to your supporters
• Process donations, subscriptions, and other transactions through Stripe
• Send transactional messages (sign-in codes, receipts, donation confirmations, account notices)
• Send opt-in product updates and announcements that you can unsubscribe from at any time
• Detect and prevent fraud, abuse, security incidents, and violations of our Terms of Service
• Comply with legal obligations and enforce our agreements

How we use Instagram data specifically

• Display your organization’s connected Instagram profile (username, profile picture, follower count) on its Collective page so supporters can confirm they are following the right organization.
• Import your historical and ongoing Instagram posts into your Collective community feed, so you don’t have to repost the same content in two places.
• Refresh aggregate engagement counts (likes and comments) on imported posts to keep your feed accurate.
• Optionally surface new posts to your members or the public, based on the audience setting you choose for each synced post.

We do not use Instagram data for advertising, profiling, training machine learning models, or any purpose unrelated to running the Collective experience your organization opted into.

We do not sell your personal information, and we do not share Instagram data with third parties for their own purposes. We share information only in the limited circumstances described below.

Sub-processors

We rely on a small number of vetted vendors to operate the Service. They are contractually bound to handle your information only on our instructions, with security and confidentiality obligations equivalent to ours.

• Google Cloud / Firebase: primary cloud infrastructure for authentication, database (Firestore), file storage, and serverless functions.
• Vercel: web hosting and content delivery for getcollective.org.
• Stripe: payment processing for donations and subscriptions. Card details are submitted directly to Stripe; Collective does not see or store full card numbers.
• SendGrid / Resend: transactional and announcement email delivery.
• Sentry: application error monitoring (we strip personally identifying fields from error reports).
• Datadog / Google Cloud Logging: aggregated server logs and performance monitoring.

Public content

Posts, programs, public profile information, and other content your organization publishes on its Collective page are visible to anyone with the link, including search engines, unless you have configured them as members-only. Imported Instagram posts respect the audience setting you choose at sync time (everyone or members only).

Legal requirements

We may disclose information when required to do so by law, subpoena, or court order, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Collective, our users, or the public. We will challenge overbroad requests where reasonable and notify affected users where permitted.

Business transfers

If Collective is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

Aggregated and de-identified data

We may share aggregated or de-identified information that cannot reasonably be used to identify you. For example, total donation volume across the platform, or the number of organizations using a particular feature.

We take reasonable and appropriate measures to protect personal information, including:

• Encryption in transit (TLS) for all traffic to and from the Service
• Encryption at rest for our primary databases and storage buckets
• Principle-of-least-privilege Firestore security rules that prevent users from reading or modifying records that don’t belong to their organization
• HMAC-SHA256 signature verification on Meta deauthorization and webhook callbacks
• Restricted, audited access to production systems
• Regular dependency updates and security review of new integrations

No system is perfectly secure. If we discover a security incident that affects your information, we will notify you in accordance with applicable law.

Collective pages may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before sharing personal information with them.

You can review and update most of your information at any time by signing in to Collective. To request a full export, correction, or deletion of your data, email team@getcollective.io from the email address associated with your account. We will respond within 30 days and may verify your identity before acting on the request.

Disconnecting Instagram

You can revoke Collective's access to your Instagram account in three ways:

1. From inside Collective: open Settings → Social Media → Disconnect Instagram. Your access token, Instagram profile fields, and any synced posts are cleared from your organization's record within minutes.
2. From Instagram: visit instagram.com → Settings → Apps and Websites and remove Collective from the Active list. Meta will send a signed deauthorization request to our endpoint at https://us-central1-collective-rp8rwq.cloudfunctions.net/instagramDataDeletion, which clears tokens and disables sync within 30 days and returns a confirmation URL.
3. By email: if either of the above is unavailable, email team@getcollective.io and we will process your request within 30 days.

Marketing communications

You can opt out of product announcements and other non-transactional emails at any time by clicking the unsubscribe link in the footer of those messages, or by emailing team@getcollective.io with the subject line “UNSUBSCRIBE.” Transactional messages (sign-in codes, receipts, account notices) are required for the operation of the Service and cannot be opted out of while your account is active.

Account deletion

You may delete your Collective account at any time from your account settings or by emailing team@getcollective.io. On deletion, we remove personal information associated with your account within 30 days, except where retention is required by law (for example, donation records required for tax reporting) or necessary to resolve disputes and enforce our agreements.

Collective is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information to Collective, please contact us at team@getcollective.io and we will delete it.

California residents (CCPA / CPRA)

If you are a California resident, you have the right to (i) know what personal information we collect, use, and share about you; (ii) request deletion of your personal information; (iii) correct inaccurate personal information; (iv) opt out of the “sale” or “sharing” of your personal information for cross-context behavioral advertising; and (v) limit the use of sensitive personal information. Collective does not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.

To exercise any of these rights, email team@getcollective.io from the email address associated with your account. We will not discriminate against you for exercising your rights.

Nevada residents

Nevada residents may direct us not to sell their personal information. We do not currently sell personal information.

Colorado, Texas, and Virginia residents

Residents of these states have the right to access, correct, delete, and obtain a copy of their personal information, and to opt out of targeted advertising and the sale of personal information. We do not currently engage in either practice. To exercise these rights, email team@getcollective.io.

Connecticut, Florida, Montana, Oregon, and Utah residents

Residents of these states have rights similar to those described for Colorado, Texas, and Virginia residents above. To exercise these rights, email team@getcollective.io.

Collective is operated from the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.

For users in the European Economic Area, the United Kingdom, or Switzerland, our legal bases for processing personal information are (a) performance of our contract with you, (b) our legitimate interests in operating and improving the Service, (c) compliance with legal obligations, and (d) where applicable, your consent. You have the right to access, rectify, erase, restrict, or object to processing of your personal information, and to data portability. To exercise these rights, contact team@getcollective.io. You also have the right to lodge a complaint with your local supervisory authority.

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the bottom of this page and, for material changes, notify account holders by email or through the Service before the change takes effect. Your continued use of the Service after the updated Policy is posted constitutes acceptance of the updated Policy.

If you have questions about this Privacy Policy or our data practices:

• Email: team@getcollective.io
• Mailing address: Collective Social Corp, 1510 W Knox St, Durham, NC 27705