Collect Sisu

Privacy Policy

Last Updated: April 2, 2026

Introduction

Collect Sisu ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our party and event rental marketplace platform ("Platform"). By using the Platform, you agree to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, password, phone number
  • Profile Information: Profile photo, bio, location
  • Billing Address: Your billing address, stored securely in your account settings as protected data, used for tax calculation purposes
  • Listing Information: Item and service descriptions, photos, pricing, availability, and provider availability preferences (such as blocked dates)
  • Transaction Information: Rental and service history, reviews, ratings
  • Condition Documentation: Photos uploaded during item exchange and return to document item condition
  • Payment Information: Payment methods (processed securely through Stripe)
  • Communications: Messages between users, support inquiries

1.2 Automatically Collected Information

  • Device Information: IP address, browser type, operating system
  • Usage Data: Pages visited, features used, time spent on Platform
  • Location Data: Approximate location based on IP address
  • Error Data: Anonymized error reports collected for platform stability monitoring (see Section 3.2)
  • Cookies: We use cookies to enhance your experience (see Cookie Policy)

1.3 Third-Party Information

  • Identity Verification: Information from identity verification services
  • Social Media: If you connect social media accounts, we receive profile information

1.4 AI-Generated Content

  • AI-Assisted Listing Creation: When you use AI-assisted features to create or improve listings, the text you provide is processed by Google Gemini. No personal data beyond your text input is sent to the AI service.
  • Site Chatbot: Our AI-powered chatbot uses Google Gemini to help answer your questions. Only the content of your chat messages is sent to the AI service — no account details or personal data are included.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Platform
  • Process transactions and send notifications
  • Calculate applicable taxes using your billing address via Stripe Tax
  • Verify user identity and prevent fraud
  • Store condition documentation photos for dispute resolution and accountability
  • Communicate with you about your account and transactions
  • Send marketing communications (with your consent)
  • Improve and personalize user experience
  • Power AI-assisted features such as listing creation tools and the site chatbot
  • Monitor platform stability and diagnose errors
  • Analyze usage patterns and trends
  • Comply with legal obligations
  • Resolve disputes and enforce our policies

3. How We Share Your Information

3.1 With Other Users

  • Your public profile information is visible to other users
  • Transaction details are shared between renters and item or service providers
  • Reviews and ratings are publicly displayed
  • Condition documentation photos are shared between transaction parties for dispute resolution

3.2 With Service Providers

  • Payment Processing & Tax Calculation: Stripe (for payment processing and Stripe Tax for calculating applicable sales taxes based on your billing address)
  • Hosting: Heroku (for application hosting)
  • Cloud Storage: Google Firebase (for condition photo storage, featured event data, and transaction audit logs)
  • Analytics: Google Analytics (for usage analytics)
  • Error Monitoring: Sentry (for anonymized error tracking at a 20% sample rate to maintain platform stability — no personal data is included in error reports)
  • AI Services: Google Gemini (for AI-assisted listing creation and site chatbot — receives only text input, no personal data)
  • Email: Email service providers (for transactional emails)
  • Maps: Mapbox (for location services)

3.3 For Legal Reasons

  • To comply with legal obligations
  • To protect our rights and safety
  • To investigate fraud or security issues
  • In connection with business transfers

3.4 With Your Consent

  • Other situations where you provide explicit consent

4. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure password hashing
  • Billing address stored as protected data (not publicly accessible)
  • Regular security assessments
  • Limited access to personal data
  • Secure payment processing through Stripe
  • Anonymized error monitoring (no personal data in error reports)
  • Firebase security rules restricting access to condition photos and audit logs

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

5. Your Privacy Rights

Depending on your location, you may have the following rights:

5.1 Access and Portability

  • Request a copy of your personal data
  • Receive your data in a portable format

5.2 Correction

  • Update or correct inaccurate information
  • Update your profile and billing address at any time through account settings

5.3 Deletion

  • Request deletion of your account and data
  • Condition documentation photos and audit logs may be retained for a limited period for legal and dispute resolution purposes
  • Some information may be retained for legal purposes

5.4 Objection

  • Object to certain data processing activities
  • Opt out of marketing communications

5.5 Restriction

  • Request limitation of how we use your data

To exercise these rights, contact us at support@collectsisu.com.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Specific retention periods include:

  • Account data: Retained while your account is active and for a reasonable period afterward
  • Transaction records: Retained as required by tax and financial regulations
  • Condition documentation photos: Retained in Firebase Storage for the duration of any applicable dispute window, then deleted
  • Audit logs: Retained in Firebase for compliance and dispute resolution purposes
  • Error monitoring data: Automatically expired per Sentry's retention schedule (anonymized)

We may retain certain information after account deletion for:

  • Legal compliance
  • Tax record requirements
  • Fraud prevention
  • Resolving disputes
  • Enforcing our agreements

7. Age Requirement

The Platform is intended for users who are 18 years of age or older. You must be at least 18 to create an account, list items or services, or make bookings on the Platform. We do not knowingly collect personal data from anyone under the age of 18. If we learn that we have collected personal data from a person under 18, we will take steps to delete that information promptly. If you believe someone under 18 has provided us with personal data, please contact us immediately at support@collectsisu.com.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. We ensure appropriate safeguards are in place for such transfers, including reliance on standard contractual clauses where applicable.

9. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Remember your preferences
  • Understand how you use the Platform
  • Improve Platform functionality
  • Deliver relevant advertising

You can control cookies through your browser settings. Disabling cookies may affect Platform functionality.

10. Third-Party Links

The Platform may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies before providing them with any personal information.

11. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to Know: What personal information is collected, used, and shared
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of personal information
  • Right to Non-Discrimination: Equal service and pricing regardless of exercising CCPA rights

We do not sell your personal information. To submit a CCPA request, contact us at support@collectsisu.com.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation:

  • Right to access your personal data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

Our lawful basis for processing your data includes:

  • Performance of a contract: Providing Platform services, processing transactions, calculating taxes
  • Legitimate interests: Improving services, fraud prevention, platform stability monitoring
  • Consent: Marketing communications, AI-assisted features
  • Legal obligations: Compliance with tax, financial, and other applicable laws

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated policy on the Platform
  • Sending an email to your registered email address
  • Displaying a notice on the Platform

The "Last Updated" date at the top of this policy indicates when it was last revised. Continued use after changes constitutes acceptance of the updated policy.

14. Contact Us

For questions, concerns, or requests regarding this Privacy Policy:

Email: support@collectsisu.com Mail: Collect Sisu Privacy Team Website: https://collectsisu.com/privacy-policy

For data protection inquiries (EU/EEA residents): Data Protection Officer: support@collectsisu.com