GDPR Compliant

    Privacy Policy

    Your privacy matters. Here's how we protect your information.

    Last updated:

    1. Introduction

    Collecty ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you use our website and services. We are fully compliant with the General Data Protection Regulation (GDPR) and hold ISO 27001 certification for information security management.

    2. Information We Collect

    We collect information only when you voluntarily provide it:

    • Contact Form Submissions: Name, email address, company name, phone number, and message content when you reach out to us.
    • Case Information: Details about outstanding invoices and debtor information when you engage our services.
    • Communication Records: Emails and chat transcripts from our support interactions.

    3. How We Use Your Information

    We use your information solely for legitimate business purposes:

    • To respond to your enquiries and provide requested services
    • To process and manage debt recovery cases
    • To communicate case updates and important information
    • To comply with legal obligations and regulatory requirements

    4. Data Protection & Security

    We implement robust security measures to protect your data:

    ISO 27001 Certified

    Internationally recognized information security management standards.

    Encrypted Communications

    All data transmitted via TLS/SSL encryption.

    Access Controls

    Strict role-based access to sensitive information.

    Regular Audits

    Continuous security assessments and penetration testing.

    5. Data Retention

    We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Contact form submissions are retained for 2 years. Case-related data is retained for 7 years following case closure to comply with financial regulations. Upon request, we can delete your data earlier unless legal obligations require retention.

    6. Your Rights Under GDPR

    You have the following rights regarding your personal data:

    • Right of Access: Request a copy of the personal data we hold about you.
    • Right to Rectification: Request correction of inaccurate or incomplete data.
    • Right to Erasure: Request deletion of your personal data ("right to be forgotten").
    • Right to Portability: Receive your data in a structured, machine-readable format.
    • Right to Object: Object to processing based on legitimate interests.

    7. Third-Party Services

    We may use third-party services to support our operations, such as live chat support (Tawk.to). These services process data according to their own privacy policies and are selected for their compliance with data protection regulations. We do not sell or share your personal information with third parties for marketing purposes.

    8. International Data Transfers

    Given our global operations across 160+ countries, your data may be transferred internationally. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and adequacy decisions, to protect your data during any international transfers.

    Privacy Enquiries

    For any questions about this policy or to exercise your rights, contact our Data Protection Officer.