// Legal
Privacy Policy
Effective date: May 19, 2026
1. Overview
Retrollect is operated by Synsi ("we", "us", or "our"). This Privacy Policy explains what information we collect when you use retrollect.com and our mobile apps, how we use it, and the rights you have over your data.
By using Retrollect, you agree to the practices described in this policy. If you do not agree, please discontinue use of the service. This policy should be read alongside our Terms of Use, which govern your use of the Service.
2. Data We Collect
2.1 Account data
When you register, we collect your email address, username, and display name. Your email is used solely for authentication and essential service communications; it is never shared with third parties for marketing.
2.2 Collection data
We store the games, packages, and hardware you mark as owned, wishlisted, or otherwise tracked. This data is associated with your account and visible to other users according to your profile visibility settings.
We may use aggregated and anonymised collection statistics — such as the most-collected games or platforms — to power trending sections, catalogue insights, and product improvements. No individual user is identifiable in these aggregates.
2.3 Usage data via Google Analytics
We use Google Analytics to understand how visitors interact with Retrollect. Google Analytics collects information such as pages visited, time spent on pages, general geographic region (country/city level), device type, and referral source.
We have enabled IP anonymisation — your full IP address is never stored by Google Analytics. We do not use Google Analytics' advertising or remarketing features, and we have disabled data sharing with Google products.
2.4 Cookies
We use strictly necessary cookies for authentication (session management). Google Analytics sets its own cookies (_ga, _gid) to distinguish users and sessions. You can control or delete these cookies through your browser settings.
3. How We Use Your Data
- Provide, operate, and improve the Retrollect service.
- Authenticate your account and keep it secure.
- Analyse usage patterns (via anonymised analytics) to improve features and performance.
- Surface aggregated catalogue insights such as trending packages or collection counts.
- Send transactional emails (e.g. password reset, proposal status updates). We do not send marketing emails unless you explicitly opt in.
We do not sell your personal data. We do not use your data for automated profiling or decision-making that has legal or similarly significant effects on you.
4. Data Sharing
We share data only in the following circumstances:
- Service providers — infrastructure and hosting providers that process data on our behalf under data processing agreements.
- Google Analytics — anonymised usage data as described in section 2.3.
- Legal requirements — if required by law, court order, or to protect the rights, property, or safety of Synsi or others.
5. Data Retention
We retain your account and collection data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where retention is required by law or legitimate operational need (e.g. fraud prevention records).
Anonymised aggregate data derived from your collection activity (e.g. popularity counts) may be retained indefinitely as it cannot be linked back to you.
Content you have submitted to the catalogue — such as package entries, hardware data, and articles — is assigned to Synsi under our Terms of Use and is therefore not subject to deletion upon account closure. The personal identifiers attached to that content (e.g. your username as submitter) will be anonymised within 30 days of account deletion.
6. Your Rights (GDPR — EU & UK Users)
If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):
- Access — request a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate data.
- Erasure — request deletion of your personal data ("right to be forgotten").
- Restriction — ask us to limit how we process your data.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests.
- Withdraw consent — where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, contact us at hello@retrollect.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.
Our legal basis for processing your personal data is:
- Contract — to provide the service you signed up for.
- Legitimate interests — anonymised analytics to improve the service.
- Legal obligation — where required by law.
7. Your Rights (CCPA — California Residents)
Under the California Consumer Privacy Act (CCPA), California residents have the right to:
- Know — what personal information we collect, use, disclose, or sell.
- Delete — request deletion of your personal information.
- Opt out of sale — we do not sell personal information, so no opt-out is required.
- Non-discrimination — we will not discriminate against you for exercising your CCPA rights.
To submit a CCPA request, contact us at hello@retrollect.com. We will acknowledge your request within 10 business days and fulfil it within 45 days.
8. Security
We use industry-standard measures — including encryption in transit (TLS) and at rest, access controls, and regular security reviews — to protect your data. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security, but we take reasonable precautions to protect your information.
9. Children's Privacy
Retrollect is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. Governing Law
This Privacy Policy is governed by the laws of the Netherlands. Any disputes relating to this policy shall be subject to the exclusive jurisdiction of the competent courts of Amsterdam, the Netherlands, consistent with our Terms of Use.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or an in-app notice. The "Effective date" at the top of this page always reflects the current version.
12. Contact Us
For privacy-related questions, requests, or complaints, please contact Synsi at:
Synsi