Privacy Policy

1. Introduction

Kollaber, Inc. ("Kollaber", "we", "our", or "us") operates the Kollaber platform, a shared timeline and collaboration tool for infrastructure teams. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our website and services (collectively, the "Service"). By using the Service you agree to the practices described here.

2. Information We Collect

• Account information: When you register, we collect your email address, name, and password (stored as a salted hash). Organization and team details you provide during onboarding are also stored.
• Usage and event data: We collect infrastructure events you submit — deploys, alerts, and notes — along with associated metadata (service name, environment, version, timestamps). This is the core data the Service is built to store.
• Log and technical data: We automatically collect IP addresses, browser type, device identifiers, and pages visited for security, debugging, and analytics purposes.
• Communications: If you contact us by email or in-app, we retain those communications to resolve your request.
• Payment information: Billing details are handled by Stripe. We do not store your full card number or CVV — only Stripe's tokenized reference.

3. How We Use Your Information

We use the information we collect to: (a) provide, maintain, and improve the Service; (b) authenticate you and protect account security; (c) process payments and send billing receipts; (d) send transactional and product update emails; (e) respond to your support requests; (f) detect abuse, fraud, and security incidents; (g) comply with legal obligations. We do not sell your personal information or use it for advertising.

4. Data Sharing

We share your information only with: (a) service providers who help us operate the Service (e.g., cloud infrastructure, email delivery, payment processing) under strict data processing agreements; (b) other members of your Kollaber organization, to the extent you have shared data with them within the platform; (c) law enforcement or government authorities when required by applicable law or valid legal process; (d) a successor entity in connection with a merger, acquisition, or sale of assets, with advance notice to you. We do not share your data with third parties for their independent marketing purposes.

5. Data Retention

We retain your account data for as long as your account is active. Event data is retained according to your plan's history limits (30 days on Free, unlimited on Team/Pro/Enterprise). When you delete your account, we delete your personal data within 30 days, except where we are legally required to retain it. Anonymized, aggregated data may be retained indefinitely for analytics.

6. Data Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, access controls, and regular security reviews. However, no method of transmission over the Internet is 100% secure. We will notify you and relevant authorities of a data breach as required by applicable law.

7. Cookies and Tracking

We use strictly necessary cookies to maintain your authenticated session. We do not use third-party advertising or behavioral tracking cookies. We may use a minimal analytics tool to understand aggregate usage patterns; such data is not linked to identifiable individuals. You can disable cookies in your browser settings, though this may break authentication.

8. Your Rights

Depending on your location, you may have the right to: access a copy of the personal data we hold about you; correct inaccurate data; request deletion of your data; restrict or object to certain processing; and receive your data in a portable format. To exercise these rights, email privacy@kollaber.io. We will respond within 30 days. Residents of the European Economic Area, United Kingdom, and California have additional rights under GDPR, UK GDPR, and the CCPA respectively; please contact us for details.

9. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.

10. International Transfers

Kollaber is headquartered in the United States. If you access the Service from outside the US, your information may be transferred to and processed in the US or other countries where our service providers operate. We rely on standard contractual clauses and other approved transfer mechanisms to protect data transferred out of the EEA or UK.

11. Third-Party Links

The Service may contain links to third-party websites or integrations. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices. We encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice in the Service at least 14 days before the change takes effect. The "Effective date" at the top of this page will always reflect the date of the latest revision.

13. Contact Us

For privacy-related questions, requests, or concerns, contact our privacy team at privacy@kollaber.io or by mail at: Kollaber Inc., 2093 Philadelphia Pike #7418, Claymont, DE 19703, United States.