Privacy Policy

Overview

Welcome to Insite ("Platform"). This Privacy Policy explains how Collective Form Technologies, LLC ("Collective Form" or "we" or "us") collects, uses, protects, and shares information from users of our map-based feedback platform. Our goal is to provide transparent practices that safeguard your data while ensuring our service remains innovative and responsive. If you have any questions, please don't hesitate to reach out.

Effective Date

March 20, 2025 – Last Updated March 20, 2025

Definitions

  • Company: Collective Form Technologies, LLC (referred to as "Collective Form" or "we" or "us") - the entity that develops and operates the Platform.
  • Platform: "Insite" - the map-based feedback platform developed and operated by Collective Form.
  • Personal Data: Information that can be used to identify an individual.
  • Usage Data: Automatically collected data from your interactions with the Platform.
  • Cookies: Small files stored on your device that help improve your experience.
  • Location Data: Geographic information obtained through our Platform.
  • Feedback Data: User-submitted comments, suggestions, and interactions.
  • Map Interaction Data: Information detailing how you interact with maps (e.g., viewing, zooming, panning).
  • Feature Data: Data related to points, lines, polygons, and other map elements you create.

Information We Collect

Personal Information

When you register or interact with the Platform, we may collect:

  • Your name and contact details
  • Account credentials
  • Professional and profile information
  • Communication preferences
  • Payment information including:
    • Billing addresses
    • Payment methods
    • Subscription status and history
    • Payment processing metadata
  • Team invitation data including:
    • Email addresses of both inviter and invitee
    • Invitation timestamps, role assignments, and statuses

Automatically Collected Information

To enhance your experience and ensure service quality on the Platform, we automatically collect:

  • Device details and IP address
  • Browser type, settings, and operating system
  • Session duration and overall interaction metrics
  • Detailed map interaction data, such as:
    • View coordinates and zoom levels
    • Feature selection and events (creation, editing, deletion)
    • Viewport changes and movement patterns
    • Project configuration and view states
    • Custom map layers and styling preferences

User-Generated Content

When you use the Platform, we may also capture:

  • Feedback submissions and comments, including:
    • Comment content and metadata
    • Anonymous identifiers (when anonymous commenting is enabled)
    • Associated geographic locations
    • Timestamps and interaction data
  • Map data including:
    • Project boundaries and geographic features
    • Custom layers and styling information
    • Feature properties and metadata
    • Uploaded documents or images
  • Survey responses and engagement metrics

How We Use Your Information

Your data helps Collective Form to:

  • Provide and maintain core Platform functionality
  • Authenticate and personalize your Platform experience
  • Improve our services and develop new Platform features
  • Communicate important Platform information, updates, and offers (when consent is provided)
  • Conduct analytics and research to enhance Platform performance
  • Comply with legal obligations and security standards

Data Storage and Security

At Collective Form, we take data security seriously. Our measures include:

  • Storing data in secure, compliant environments
  • Implementing technical and organizational measures including:
    • Row-level security policies ensuring precise data access control
    • Role-based permissions and access restrictions
    • Secure handling of anonymous feedback when enabled
    • Industry-standard PostGIS for geographic data storage
  • Comprehensive backup procedures:
    • Automated daily backups with 7-day retention through our database provider
    • Point-in-Time Recovery (PITR) capability available for granular data restoration when enabled
    • Recovery Point Objective (RPO) of two minutes in worst-case scenarios with PITR
    • Regular backup monitoring and verification
  • Regular security audits and compliance monitoring
  • Retaining data only for as long as necessary
  • Regular backups and prompt breach notification procedures
  • Access controls based on user roles:
    • Customer - standard platform access
    • Internal - employee access
    • Admin - full system access

Information Sharing

Collective Form shares your information only as needed:

  • With trusted third-party service providers:
    • Stripe - for secure payment processing and subscription management
    • Supabase - for database hosting and authentication
    • Vercel - for application hosting and analytics
    • Cloud storage providers for hosting uploaded content
  • To comply with legal obligations or enforce our terms
  • During business transfers, where applicable, ensuring confidentiality is maintained
  • In aggregated form to provide insights without identifying individuals

Payment Processing

We use Stripe as our payment processor. When you make a payment or subscribe to our services:

  • Payment information is collected and processed directly by Stripe in accordance with their privacy policy and security standards
  • We store only limited payment metadata and tokens provided by Stripe to manage your subscriptions and billing
  • Your full payment details (such as complete card numbers) are never stored on our servers
  • Stripe may collect additional information as outlined in their privacy policy at stripe.com/privacy

Contact Information

For privacy inquiries, data requests, or concerns, please contact Collective Form:

  • Email: support@collectiveform.io

Last updated: March 20, 2025