Collectorlog
Back homeSign inStart free
Version 1.0

Collectorlog Privacy Policy

This Privacy Policy ("Policy") explains how Collectorlog ("Collectorlog", "we", "us", or "our") collects, uses, discloses, stores, and protects personal information in connection with the Collectorlog application, website, API, public share pages, and related communications (collectively, the "Service"). By creating an account or otherwise using the Service, you acknowledge that you have read and understood this Policy.

Version

1.0

Effective Date

17 April 2026

Last Updated

17 April 2026

For any privacy-related inquiries, please contact us at [email protected].

1. Scope of This Policy

1.1 This Policy applies exclusively to the Service operated by Collectorlog.

1.2 This Policy does not apply to:

  • the \collectorfigures.com\ storefront, which is governed by its own separate privacy policy;
  • the Collector Figures Discourse community, which is governed by its own separate policy and community rules; and
  • any third-party website, application, or service linked to or referenced from the Service.

1.3 We recommend that you review the privacy policies of those separate platforms before providing personal information to them.

2. Who We Are and Acceptance

2.1 Collectorlog is a privately-operated software service for the management of personal collectible records. The legal operator ("Operator") is [待填写 / To Be Completed], with its registered address at [待填写 / To Be Completed].

2.2 If you do not agree with any part of this Policy, you must discontinue use of the Service and, where applicable, request account deletion pursuant to Section 10.

3. Information We Collect

We collect only information reasonably necessary to provide, secure, and improve the Service. Categories collected are listed below.

3.1 Account Identity Information

  • Email address (required, unique)
  • Username (required, unique)
  • Password (stored only as a \bcrypt\ one-way hash; we never retain the plain-text value)
  • Display name (optional, used on share pages if enabled)
  • Avatar image URL (optional)
  • Email verification tokens and password reset tokens (temporary, time-limited)
  • Preferred UI language and notification language

3.2 Collector Figures Ecosystem Linkage

  • WordPress user ID issued by the Collector Figures single sign-on ("CFS SSO") provider
  • CFS account binding status and binding timestamp
  • CFS storefront email address (used to reconcile WooCommerce orders)
  • CFS loyalty tier (e.g., MASTER, SOVEREIGN)
  • Crystal loyalty-point balance (integer, read-only mirror of the CFS record)
  • Wishlist synchronization status

3.3 Subscription and Payment Information

  • Subscription tier (FREE, PLUS, PRO, or MAX) and billing cycle
  • Activation code redemption history
  • WooCommerce order identifier and webhook payload metadata (we do not store raw payment card data; card data is processed by the payment processor used by \collectorfigures.com\)
  • Payment method type (USD, Crystal, or Admin Assigned)

3.4 Collection Data

  • Item metadata you input: name, manufacturer, IP / licence, character, specifications, purchase channel, seller name, order number, tracking number, estimated arrival date, storage location, condition grade, and related notes
  • Financial fields you input: deposit, balance, shipping, tax, other fees, currency snapshot at the time of entry, locked foreign-exchange rates, total cost of ownership (computed in USD), asked price, sold price, and platform fees
  • Photographs uploaded by you (stored in Cloudflare R2)
  • Status history, condition-check history, and timestamps of state transitions

3.5 Behavioural and Preference Data

  • Notification preferences (JSON)
  • Wishlist click timestamps on outbound CFS links (used for channel analytics)
  • Badge unlock events and achievement progress
  • AI feature usage logs (for MAX subscribers: description generator, pricing suggestions, valuation analysis, regret prediction)
  • Referral code, referral click attributes (including UTM parameters), referral relationship records

3.6 Technical and Log Data

  • IP address, user-agent string, device locale, and access timestamps
  • Error traces and performance metrics collected by Sentry
  • Rate-limiting counters (per IP and per account)
  • Application logs and webhook receipt logs

4. Purposes and Legal Bases for Processing

We process your personal information on the following bases:

PurposeLegal Basis
Creating and maintaining your account, providing Service featuresPerformance of a contract between you and us
Sending transactional emails (verification, password reset, payment reminders)Performance of a contract
Sending optional marketing or product-announcement emailsYour consent (which you may withdraw at any time)
Fraud prevention, abuse detection, and securityOur legitimate interests
Product improvement, aggregated analytics, and feature planningOur legitimate interests
Complying with tax, anti-money-laundering, accounting, or other legal obligationsCompliance with a legal obligation
Defending, establishing, or exercising legal claimsOur legitimate interests

5. Third-Party Sub-Processors and Recipients

To provide the Service, we engage the following sub-processors. We require each sub-processor to provide adequate technical and organisational safeguards. You acknowledge that using the Service necessarily involves sharing data with these providers.

Sub-processorPurposeData Categories TransferredLocation
WordPress (CFS SSO)Single sign-on, account synchronisationAccount identifiers, session tokensOperator-controlled infrastructure
WooCommerce (\collectorfigures.com\)Subscription order processing, webhook deliveryEmail, subscription plan, order identifierOperator-controlled infrastructure
Discourse (\community.collectorfigures.com\)"Want to Sell" listing publication (only when you initiate it)Item title, item photos, asked price, usernameOperator-controlled infrastructure
Cloudflare R2Object storage for uploaded photographsImage files, object keysGlobal Cloudflare edge network
Cloudflare (network)CDN, DDoS protection, TLS terminationIP address, request metadataGlobal Cloudflare edge network
SentryError and performance monitoringError traces, user agent, IP, limited request contextUnited States
OpenAIAI features for MAX subscribers onlyText prompts containing item metadata you submitUnited States
SMTP email providerDelivery of transactional and preference-based emailsEmail address, message contentProvider's operating region
Bull + Redis (self-hosted)Asynchronous job queue for remindersJob payloads containing user IDs and reminder metadataOperator-controlled infrastructure

We reserve the right to add, replace, or remove sub-processors as operationally necessary. Material changes that expand the scope of data sharing will be notified pursuant to Section 13.

6. International Data Transfers

6.1 Because certain sub-processors (including OpenAI and Sentry) operate in the United States, and because Cloudflare services utilise a global edge network, your personal information may be transferred to, stored in, and processed in jurisdictions other than your own, including jurisdictions whose data-protection laws differ from those of your country of residence.

6.2 We rely on reasonable commercial measures to protect such transfers, including transport-layer encryption, contractual obligations imposed on sub-processors, and access-control measures. We do not warrant or guarantee any specific encryption strength, cryptographic standard, or data-residency outcome, and you accept the inherent risks associated with cross-border electronic communication.

7. Cookies and Similar Technologies

7.1 Strictly necessary cookies: session cookies, CSRF tokens, and preference cookies required for the Service to function. These cannot be disabled without breaking core functionality.

7.2 Analytics cookies and equivalent storage mechanisms: used to record Wishlist outbound click timestamps and referral attribution (UTM parameters). These are first-party and are used internally.

7.3 We do not serve third-party advertising cookies and we do not sell your personal information to advertising networks.

7.4 You may configure your browser to refuse cookies; however, doing so may render portions of the Service unusable.

8. Financial Data — Heightened Privacy Controls

8.1 Financial fields (including but not limited to deposit amounts, balance amounts, shipping, tax, other fees, total cost of ownership, asked price, sold price, profit, and loss) are stored with row-level isolation in our database. They are accessible only to your authenticated session.

8.2 Financial fields are automatically redacted before any response to a public endpoint, including public share pages, the Wishlist sync channel, and public badge displays.

8.3 Notwithstanding our controls, you are solely responsible for the accuracy and appropriateness of any financial information you choose to enter. Collectorlog is a personal record-keeping aid and does not verify, audit, or attest to any financial record.

9. Data Retention

CategoryRetention
Active account dataRetained for the duration your account remains active
Data after account deletion requestProcessed within thirty (30) days of a verified request; residual copies in backup systems automatically purged within ninety (90) days thereafter
Financial and transaction recordsRetained for up to seven (7) years following the transaction, even after account deletion, to comply with applicable tax, accounting, and anti-money-laundering laws
Sentry error logsUp to ninety (90) days
Application logsUp to one hundred eighty (180) days
Webhook logsUp to twelve (12) months
Unverified email-verification recordsAutomatically purged after thirty (30) days of inactivity
Expired subscription historyRetained for business, dispute, and regulatory purposes

10. Your Rights

10.1 Subject to applicable law, you may exercise the following rights with respect to your personal information:

  • Right of access
  • Right of rectification
  • Right of erasure (subject to the retention exceptions in Section 9)
  • Right to restrict processing
  • Right to data portability (provided in a commonly used machine-readable format)
  • Right to object to processing based on our legitimate interests
  • Right to withdraw consent where processing relies on consent

10.2 To exercise any of these rights, send a written request to [email protected]. We will respond within thirty (30) days of receiving a verified request.

10.3 We reserve the right, to the maximum extent permitted by law, to:

  • require reasonable identity verification before acting on a request;
  • refuse or defer requests that are manifestly unfounded, repetitive, or excessive;
  • refuse requests whose grant would infringe the rights and freedoms of other persons, breach confidentiality obligations, or obstruct legitimate investigations; and
  • charge a reasonable fee to cover administrative costs where a request is manifestly excessive or repetitive, or to provide additional copies beyond the first.

10.4 European Economic Area, United Kingdom, and Switzerland residents additionally have the right to lodge a complaint with a competent supervisory authority.

10.5 California residents additionally have the rights afforded by the California Consumer Privacy Act (as amended by the California Privacy Rights Act), including the right to know, the right to correct, the right to delete, the right to opt out of sale or sharing (we do not sell or share personal information as those terms are defined under CCPA/CPRA), and the right to non-discrimination.

11. Children

11.1 The Service is not intended for, nor directed at, persons under the age of eighteen (18) years, or such higher age of majority as may apply in your jurisdiction.

11.2 We do not knowingly collect personal information from persons below the minimum age. If we learn that we have collected personal information from such a person, we will delete that information as soon as reasonably practicable.

11.3 We are not liable, to the maximum extent permitted by law, for any loss, damage, or claim arising from a user's false declaration of age or capacity. Responsibility for false declarations rests solely with the person making the declaration and, where applicable, their legal guardian.

12. Security Measures

12.1 We implement reasonable and industry-standard technical and organisational measures to protect personal information, including \bcrypt\ password hashing, HMAC-SHA256 webhook signature verification, row-level security for collection items, TLS encryption of data in transit, and principle-of-least-privilege access controls.

12.2 No method of transmission or storage over the Internet is 100 % secure. You acknowledge that the foregoing measures are descriptive only and do not constitute a warranty, guarantee, or contractual promise of any specific security outcome, cryptographic strength, or breach-free operation. You assume all inherent risks of electronic communication.

12.3 In the event of a personal data breach that poses a material risk to you, we will notify you within the time frame required by applicable law.

13. Changes to This Policy

13.1 We reserve the right to modify this Policy at any time, at our sole discretion.

13.2 Where modifications are material, we will provide at least seven (7) days' advance notice through in-application notification or email to your registered address before the revised Policy takes effect.

13.3 Continued use of the Service after the effective date of the revised Policy constitutes your acceptance of the revised Policy. If you do not accept the revised Policy, your sole remedy is to discontinue use of the Service and request account deletion.

14. Contact Us

In the event of any conflict or inconsistency between the English-language version of this Policy and any translation into another language, the English-language version shall prevail.

This document is Version 1.0, effective 17 April 2026. The authoritative, machine-generated text is stored at the repository root as \PRIVACY.md\.