Privacy Policy

Our commitment to you

Collectable Moments was built for one reason: a private place for your family's memories. No ads. No data harvesting. No AI training on your photos.

We never use your photos to train AI

Your memories aren't training data — not now, not ever.

We don't sell your data to third parties

Not to affiliates, not to advertisers, not to anyone.

Your children's data is never shared

Photos, names, milestones — none of it goes to third-party platforms.

The full policy below explains exactly what we collect, why we collect it, and how long we keep it. No buried exceptions.

Privacy Policy

May 19, 2026

A Letter to all our Users,

Welcome to privacy at Collectable Moments. To us, privacy means an online service that the people we know and love can feel safe using. It means you don't have to worry that your data is being misused, misappropriated, or bought and sold in ways you're not aware of. It means we're not now, not ever, in the business of profiting from your data.

We care about your privacy and want to be upfront about how we treat your personal data: what we do collect, why we collect it, where it all goes, and for how long. So we wrote this privacy policy to explain it to you in the clearest, simplest way we know how.

In addition to this privacy policy, please read our Terms of Service which also applies to your use of the service. It's also where you can find any terms not directly defined in this policy.

One more reminder before you get started. We care about your privacy, but unfortunately, not everyone on the internet does. Just because we don't collect a particular piece of information doesn't mean websites you visit or services you use won't try to.

If you have any questions about this Privacy Policy or suggestions, give us a shout at fortlingsupport@gmail.com. We're all ears!

Who this applies to

This policy applies to visitors, prospective users, and registered users of Collectable Moments. "You" throughout this policy. Residents of California, Colorado, Virginia, Oregon, Texas, Utah, Canada, the EU, and the UK will find additional disclosures in our U.S. State Privacy Rights and International Privacy Rights sections below.

A few definitions

  • Personal data is any information that relates to you and from which you can be identified.
  • Processing is anything we do with your data: collecting, storing, using, transferring, or deleting it.
  • Service is the Collectable Moments website and all features available through it.

Who We Are

Collectable Moments is currently independently operated by our team based in the United States. We intend to transition to a limited liability company (LLC) in the future and will update this policy when that happens.

For the purposes of data protection law, Collectable Moments is the data controller with respect to your personal data. Reach us at fortlingsupport@gmail.com.

What We Collect and Why

We will never sell your personal data. Our guiding principle is to collect only what we need.

Account information

We don't collect any personal data unless you voluntarily provide it.

As a publisher you create and share content via a paid subscription. We collect your first and last name, email address, and password (stored securely, never in plain text). Billing and content storage are covered below.

As a subscriber you follow content shared by a publisher who invited you. Subscriber access is free. We collect your name and email address, along with your account status, email frequency preferences, and last access timestamp. We record which posts you've accessed so publishers can understand engagement and so you get accurate unread indicators.

We store notification records for both publishers and subscribers, covering comments, replies, and whether notifications have been read. These are used for in-service notifications only and are never shared with third parties.

Billing information

If you sign up as a publisher, payment information is submitted directly to Stripe and doesn't touch our servers. We store a record of the transaction (including the last 4 digits of your card) and your billing address for account support, invoicing, and fraud prevention.

Your content

We store the photos, videos, and posts you create on your account so you can share them with the subscribers you invite. We keep this content for as long as your account is active. If you delete your account, we delete your content within 60 days.

When you invite someone to view your content, you agree those individuals may access the personal data you choose to share with them. We can't control how your subscribers may use or share that information outside the service.

Technical data

We log the IP address used to create an account to help prevent spam and abuse, and log account access by IP for security and fraud prevention. Rate-limiting IP addresses are not retained long-term.

Analytics

We collect aggregate usage data to understand how the service is being used and to make improvements. This data is processed in-house only, never shared with third-party analytics platforms, never used to identify you individually.

Communications

When you contact us for support, we keep that correspondence (including your email address) to maintain a history.

The service sends two categories of email:

Transactional emails are required to operate your account and can't be opted out of while your account is active:

  • Login links for subscribers
  • Subscription status notifications (pending, approved, or declined)
  • Collaborator invitations
  • New subscriber alerts for publishers

Preference-based emails are sent only to subscribers, adjustable any time from your subscription settings:

  • New post notifications (individual or as daily, weekly, or monthly digests)
  • Interaction notifications when someone replies to or reacts to your comment

To unsubscribe entirely from a publisher's emails, visit your subscription settings via the link in any email you've received, or contact us at fortlingsupport@gmail.com and we'll remove you manually.

Third-Party Services

We use a small number of third-party services to run the platform. We share only the minimum information they need to do their job, and they're contractually restricted from using it for anything else.

File and photo storage

Your photos and media are stored securely with Amazon Web Services in the us-east-1 region. We share only your uploaded files, nothing else.

Email delivery

We use Brevo (formerly Sendinblue) to send transactional emails. We share your email address and name. Brevo is only used for transactional emails, never marketing.

Payment processing

Payments are handled by Stripe. Your billing information goes directly to Stripe and never passes through our servers. We store only a transaction record and the last 4 digits of your card. Stripe also processes payment data as an independent controller for purposes of fraud prevention and regulatory compliance; see Stripe's privacy notice for details.

Cookies

A cookie is a small piece of text stored on your device by your browser. On Collectable Moments, we use cookies only to keep you logged in. No third-party cookies, no tracking cookies, no advertising cookies.

Cookies used by Collectable Moments and their purpose
Cookie Purpose Expires
_cm_remember Keeps publishers logged in 1 year
_cm_subscriber Keeps subscribers logged in 1 year

You can block cookies in your browser settings, though doing so will prevent you from staying logged in.

Children's Privacy

Collectable Moments is designed for parents, grandparents, and family members to privately share photos of the people they love. Publishers must be 18 or older. Subscribers must be at least 13 years old; subscribers between 13 and 17 may access the service only with the express permission of a parent or legal guardian.

By creating an account and accepting this Privacy Policy, publishers confirm they are 18 or older. By accepting this Privacy Policy at the point of subscribing, subscribers confirm they are at least 13 years old, and — if under 18 — that they have the express permission of a parent or legal guardian.

We do not knowingly collect personal data from anyone under 13. If we learn that we have, we'll delete it immediately. If you believe this may have occurred, please contact us at fortlingsupport@gmail.com.

Children depicted in publisher content (such as family photos) are not users of the service. Publishers represent that they have the right to upload and share that content; see our Terms of Service for details.

Data Security

All data is encrypted via SSL/TLS in transit. We use industry-standard security measures including:

  • Passwords hashed with bcrypt and never stored in plain text
  • Sensitive parameters filtered from server logs automatically
  • Rate limiting to prevent abuse and brute-force attempts
  • Secure cloud infrastructure with strict access controls
  • Regular security reviews

No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately at fortlingsupport@gmail.com.

Data Retention and Deletion

We keep your personal data for as long as needed for the purposes for which it was collected, then delete or aggregate it. We may retain data longer where required by law or to resolve disputes.

  • Deleted photos or media. Hidden immediately on deletion; permanently removed from our active systems within 30 days, with any copies in encrypted backups overwritten on rolling rotation within 60 days.
  • Deleted accounts. Hidden immediately on deletion; all personal data permanently purged from our active systems within 30 days, with any copies in encrypted backups overwritten on rolling rotation within 60 days.
  • Authentication tokens. Expired tokens retained briefly for security auditing, then deleted.
  • Technical logs. Retained for a limited period for security and fraud prevention, then deleted.
  • Legal holds. We may retain data longer if required by applicable law.

Self-service deletion. Publishers can delete their account from the Danger Zone in their dashboard settings. Subscribers can delete their data from their subscription settings on each publisher's site.

Restore window. When you delete your account, your data is immediately hidden and you're logged out, but we wait 30 days before permanently destroying it. During that window you can restore your account using the link emailed to you at the time of deletion. After 30 days, your data is purged automatically (we reserve up to 60 days total to account for backup retention and incident recovery).

Immediate deletion. If you want your data deleted ASAP rather than waiting out the restore window, email us at fortlingsupport@gmail.com and we'll take care of it for you.

Your Rights

We try to apply the same data rights to all users, regardless of where you live. If you live in a U.S. state with a privacy law (California, Colorado, Virginia, Oregon, Texas, or Utah), see U.S. State Privacy Rights. If you're in the EU, UK, Canada, or Australia, see International Privacy Rights. Anywhere else, just contact us at fortlingsupport@gmail.com — we'll honor reasonable requests where we can.

Sharing and Disclosure

There are no public profiles, no public feeds, and no publicly searchable content on Collectable Moments. Access is controlled entirely by you through private invitations. We're not responsible for how you or your subscribers choose to share or distribute access outside the service.

We don't sell, rent, or trade your personal data. We share information only in these limited circumstances:

To provide the service. The third-party services listed in our Third-Party Services section are contractually restricted from using your data for any purpose beyond serving us.

No one on our team looks at your content except in limited circumstances with your express permission. For example, if an error requires manual intervention to fix.

To help you troubleshoot, with your permission. If we ever need to access your content to help with a support case, we'll ask first.

To investigate potential misuse. Accessing an account when investigating abuse is a last resort. If we discover the service is being misused, we'll take appropriate action, including notifying authorities where warranted.

If we're ever acquired. We don't plan on it, but if it happens, we'll notify you well before any personal data is transferred or becomes subject to a different privacy policy.

Government and law enforcement requests

Requests for user data. Our policy is not to respond to government requests for user data unless compelled by legal process or an emergency. If U.S. law enforcement has a valid warrant, subpoena, or court order, we must comply. We only respond to requests from non-U.S. authorities if compelled through proper legal procedures. We'll notify affected users before disclosing unless we're legally prohibited.

Preservation requests. We comply with data preservation requests only when required by the U.S. Federal Stored Communications Act or a properly served subpoena. We don't disclose preserved data unless required by law. If no valid legal order arrives before the preservation period expires, we'll destroy the preserved copy.

Child safety reports

Where we have apparent knowledge of child sexual abuse material on the service, we will report it to the National Center for Missing & Exploited Children (NCMEC) as required by 18 U.S.C. § 2258A, and preserve associated data for the period required by that statute (currently 90 days). This is the only category of user data we will affirmatively transmit to authorities without a legal order.

Where your data is stored

Our service and infrastructure are located in the United States (us-east-1). If you're outside the U.S., any personal data you provide will be transferred to and stored there. By using the service, you consent to this transfer.

If you're in the EU or UK, see International Privacy Rights for information about cross-border transfer safeguards.

U.S. State Privacy Rights

Applies to residents of California, Colorado, Virginia, Oregon, Texas, and Utah.

If you reside in one of the states listed above, you may have the following rights depending on your state of residence. If you have questions about whether any of these apply to you, give us a shout at fortlingsupport@gmail.com.

Access

You may ask us to confirm whether we process your personal data and request a copy.

Deletion

You may ask us to delete the personal data we've collected about you.

Correction

You may ask us to correct inaccurate personal data.

Portability

You may request a machine-readable copy of your personal data.

Opt-out of sale, sharing, or targeted advertising

We don't sell, share, or process your personal data for targeted advertising and haven't done so in the past 12 months.

Anti-discrimination

We'll never deny you access, charge different prices, or provide lower quality service because you exercised your privacy rights.

What personal information we collect

California's privacy law defines eleven categories of personal information. Here's a full breakdown of what we collect from each.

Statutory categories of personal information and which we collect
Category Collected What this includes for us
A. Identifiers
Name, email, IP address, account ID
Yes First and last name, email address, transient IP for rate-limiting, internal account ID
B. Cal. Civ. Code § 1798.80(e)
Name, signature, ID numbers, financial info
In part Name, email, last 4 digits of card (held by Stripe). No SSN, passport, or medical info.
C. Protected classifications
Age, race, religion, marital status, etc.
No Not collected
D. Commercial information
Purchase history, transactions
Yes Subscription transaction history (publishers only)
E. Biometric information
Fingerprints, faceprints, voiceprints
No Not collected
F. Internet/network activity
Browsing history, interaction with the service
Yes IP for security and rate-limiting; logs of which subscriber accessed which post and when
G. Geolocation data
Approximate physical location
No No precise geolocation; we don't store IP-derived location
H. Sensory data
Audio, electronic, visual, thermal
In part Photos and videos you upload as content (publisher-supplied)
I. Professional/employment
Job history, performance evaluations
No Not collected
J. Education information (FERPA)
Grades, transcripts, student records
No Not collected
K. Inferences
Profiles built from other personal information
No We don't generate inferences or build profiles

What sensitive personal information we collect

California's privacy law also defines specific categories of sensitive personal information. Here's what we do and don't collect.

Sensitive personal information categories and which we collect
Category Collected Notes
SSN, driver's license, state ID, passport No Not collected
Account login credentials Yes Email plus bcrypt-hashed password (publishers); hashed magic-link tokens (subscribers). Used only for authentication and security.
Precise geolocation No Not collected
Race, religion, philosophical beliefs, union membership No Not collected
Contents of mail, email, or text messages where we are not the intended recipient No Not collected
Genetic data No Not collected
Biometric data for unique identification No Not collected
Health information No Not collected
Sex life or sexual orientation No Not collected

How we process sensitive personal information

If you provide personal data that may be deemed "sensitive" under certain U.S. State Privacy Laws ("Sensitive Personal Data") to Collectable Moments, we will not process that information to infer characteristics about you or any other person. We will only process sensitive personal data to provide the particular service or to help with the related request, or if you are a California resident, another permitted purpose set forth in 7027(m) of the regulations of the California Consumer Privacy Act.

Sources of personal information

We collect personal information from:

  • Directly from you — when you create an account, upload content, post comments, or contact us for support
  • Automatically when you use the service — IP address, browser metadata, login activity, and post-access timestamps
  • From our service providers — Stripe sends us transaction confirmations; Brevo sends us email delivery status

Categories of third parties we disclose personal information to

  • Service providers — AWS for file and photo storage, Brevo for transactional email, Stripe for payment processing (full list in our Third-Party Services section)
  • Legal or regulatory authorities — only when compelled by warrant, subpoena, or court order (see Sharing and Disclosure)
  • A successor entity — only in the event of an acquisition or merger, and only with notice to you (see Sharing and Disclosure)

Past 12 months

In the preceding 12 months, we have collected personal information falling within Categories A, B (in part), D, F, and H. We have not sold or shared any personal information for monetary or other valuable consideration, and we have not disclosed personal information for cross-context behavioral advertising. We have disclosed personal information falling within Categories A, B (in part), D, and F to service providers (AWS, Brevo, Stripe) for the business purposes described in this policy.

Other state-specific privacy rights

Under California Civil Code Sections 1798.83 through 1798.84, California residents can contact us to prevent disclosure of personal data to third parties for such third parties' direct marketing purposes. However, we do not make any such disclosures.

If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal data to third parties. We do not currently sell your personal data as sales are defined in Nevada Revised Statutes Chapter 603A.

Exercising your rights under U.S. state privacy laws

To exercise the rights described in this Privacy Policy, you or your authorized agent (if applicable and as defined below) must send us a request that (1) includes sufficient information to allow us to verify that you are the person about whom we have collected personal data (such as your account or contact data), and (2) clearly describes your request, so we can understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a "valid request." We may not respond to requests that do not meet these criteria. We will only use personal data provided in a valid request to verify your identity and complete your request. You do not need an account to submit a valid request.

We aim to respond to your valid request within the time period required by applicable U.S. state privacy laws. We will not charge you a fee for making a valid request unless your request is excessive, repetitive, or manifestly unfounded. If a fee applies, we'll let you know before proceeding. You may submit a valid request by emailing us at fortlingsupport@gmail.com.

Authorized agents

If you are a California, Colorado, Connecticut, Delaware, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, or Texas resident, you may authorize an agent (an "authorized agent") to exercise your rights on your behalf. To do this, you must provide your authorized agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your authorized agent when they make a valid request on your behalf.

Appealing a denial

If you live in Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, or Virginia and we refuse to take action on your valid request within a reasonable period of time after receipt in accordance with this section, you may appeal our decision. In such appeal, you must (1) provide sufficient information to allow us to verify that you are the person about whom the original valid request pertains and to identify the original valid request, and (2) provide a description of your appeal. We will respond to your appeal within the time period required under the applicable law. You can submit a valid request to appeal by emailing us at fortlingsupport@gmail.com (subject line must include "[STATE OF RESIDENCE] Appeal").

If we deny your appeal, you have the right to contact the Attorney General of your state.

International Privacy Rights

Additional information for residents of the EU, UK, Canada, and Australia.

European Union and United Kingdom (GDPR)

If you're in the EU or UK, the General Data Protection Regulation applies to how we handle your personal data. We process your data on the following legal bases:

  • To provide the service (contract performance or legitimate interests)
  • To provide support (legitimate interests)
  • For analytics (legitimate interests in understanding aggregate, non-identifying usage of the service)
  • To protect against abuse (legitimate interests or legal obligation)

Cross-border transfers. When transferring personal data from the EEA or UK, we rely on standard contractual clauses approved by the European Commission and/or UK Government, or other legally approved mechanisms.

Your GDPR rights include access, rectification, erasure, restriction of processing, objection, and portability. To exercise any of these, contact us at fortlingsupport@gmail.com.

EU/UK Representative. We don't currently maintain a formal EU/UK representative as our processing of EU/UK personal data is limited in scope. We'll update this policy and appoint one if that changes.

Canada (PIPEDA)

We collect, use, and disclose your personal data in accordance with PIPEDA and substantially similar provincial laws. We maintain appropriate safeguards and have a designated Privacy Officer, reachable at fortlingsupport@gmail.com, who is accountable for our compliance with PIPEDA.

Your rights include access, rectification, consent withdrawal, and choices regarding commercial email. Quebec residents may also request a portable copy of their personal data. Contact our Privacy Officer at fortlingsupport@gmail.com.

Australia (Privacy Act 1988)

If the Australian Privacy Act 1988 applies, we collect, use, and disclose your personal information for the purposes set out in this policy. Your data may be stored in the United States by our service providers.

If you have questions or believe we haven't complied with this policy or the Act, contact us at fortlingsupport@gmail.com. If you remain dissatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner.

Policy Changes

We may update this policy from time to time to stay current with regulations or reflect new practices. If we make material changes, we'll notify registered users by email at least 30 days before the changes take effect, where reasonably possible, and update the date at the top of this page. Minor updates will just be reflected by the updated date with no direct notification. Of course, give us a shout if anything needs further explaining.

Contact

Questions, suggestions, or just want to talk something through? We're happy to help.

Collectable Moments

fortlingsupport@gmail.com