Last updated: 10/11/2025
This Privacy Policy explains how Thjis, trading as Collexion (“Collexion”, “we”, “us”, or “our”), collects, uses, and protects personal data when you use our website https://collexion.io and related services (the “Service”).
We operate in accordance with the EU General Data Protection Regulation (GDPR) and Dutch data-protection law.
This Policy applies to all personal data processed by Collexion in connection with its software-as-a-service platform for business (B2B) users.
Our Service is not intended for consumers or anyone under 18 years of age.
Thjis / Collexion
Registered in: The Netherlands
Email: legal@collexion.io
Website: https://collexion.io
| Type | Examples | Source |
|---|---|---|
| Account Data | Name, business email, company name, password hash | You |
| Billing Data | Payment method details (processed by Stripe), VAT number, transaction records | You / Stripe |
| Usage Data | IP address, browser type, log files, pages visited, error reports | Automatic |
| OAuth Data | Name, email address, OAuth provider ID (Gmail / Discord) | Gmail / Discord |
| Marketing Data | Interaction with ads via Facebook Pixel and analytics | Automatic |
| Support Data | Messages or tickets you submit | You |
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Providing and managing accounts | Contract (1)(b) |
| Processing payments through Stripe | Contract (1)(b) |
| Sending transactional emails via Resend | Contract (1)(b) |
| Hosting and operating the Service (Vercel + Hetzner) | Legitimate interest (1)(f) |
| Error monitoring (Sentry) | Legitimate interest (1)(f) |
| OAuth authentication (Gmail, Discord) | Contract (1)(b) |
| Marketing and analytics (Facebook Pixel) | Consent (1)(a) |
| Compliance with legal obligations | Legal obligation (1)(c) |
We rely on the following trusted third-party processors:
| Provider | Purpose | Location / Safeguards |
|---|---|---|
| Stripe, Inc. | Payment processing | EEA / US – Standard Contractual Clauses |
| Resend, Inc. | Transactional and notification emails | US – SCCs |
| Hetzner Online GmbH | Backend hosting and data storage | Germany (EEA) |
| Vercel Inc. | Frontend hosting and deployment | US / EU – SCCs |
| Sentry (GmbH) | Application error logging | Germany (EEA) |
| Google (Gmail OAuth) | Authentication | EEA / US – SCCs |
| Discord Inc. | Authentication | US – SCCs |
| Meta Platforms (Facebook Pixel) | Advertising and analytics | US – SCCs |
Each processor is bound by a Data-Processing Agreement ensuring GDPR-compliant safeguards.
We keep personal data only as long as necessary for the stated purposes or as required by law.
Account data is deleted or anonymised within 30 days after account closure unless legal retention (e.g. tax records) requires longer storage.
You may request deletion of your personal data at any time by emailing legal@collexion.io with the subject line “Data Deletion Request.”
After verifying your identity:
Once deletion is complete, it cannot be reversed.
We will confirm completion via email.
Under GDPR you may request:
To exercise any of these rights, contact us at the email address above. We respond within 30 days.
We employ industry-standard security controls, including encryption in transit (HTTPS/TLS), firewalling, role-based access, and continuous monitoring.
While we take all reasonable precautions, no system is completely secure.
If personal data is transferred outside the EEA (e.g. to the United States by Stripe, Vercel, or Resend), such transfer is protected by EU Standard Contractual Clauses or other adequate safeguards approved by the European Commission.
We use:
Full details are provided in our Cookie Policy.
We may update this Privacy Policy periodically. The most recent version will be posted on our website and indicated by the “Last updated” date above. Continued use of the Service constitutes acceptance of the revised Policy.
Questions or requests regarding this Policy may be sent to:
If you believe your rights under GDPR have been violated, you may file a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).