Legal

Privacy Policy

Effective June 20, 2026 · CollectorBench LLC · Hialeah, Florida

This Privacy Policy explains what information CollectorBench LLC ("we," "us") collects, how we use it, and your rights. It applies to our marketing site at collectorbench.com and to the CollectorBench software ("Service").

Plain-English summary: We collect very little. The Service is designed to store only donor name, employer, reason for test, and signature — no Social Security numbers, no dates of birth, no medical results. Our customers (clinics) own their data; we are the software vendor that stores it for them.

1. Information we collect

From clinics (our paying customers)

Account info: business name, contact name, email, phone, billing address.
Payment info: handled by Stripe; we never see or store your card number.
Usage data: login times, pages viewed, features used, IP address, browser type.

From donors (people checking in at a clinic)

Donor name
Employer name
Reason for test (Random, Pre-employment, Post-accident, etc.)
Donor signature
Check-in timestamp

We do not collect Social Security numbers, dates of birth, medical results, lab data, or protected health information (PHI). The Service is not designed to store PHI, and clinics agree in our Terms not to upload it.

From visitors to our website

Pages viewed, referrer, browser type, approximate location (from IP).
Cookies for site analytics. No advertising or cross-site tracking cookies.

2. How we use information

To provide the Service to clinics;
To bill for the Service;
To send transactional email (account, billing, security);
To respond to support requests;
To improve and secure the Service;
To comply with law.

We do not sell personal information. We do not use donor data for advertising. We do not share data with third parties except the subprocessors listed below.

3. Subprocessors

We use these vendors to operate the Service. Each one is contractually bound to protect your data:

Cloudflare: Web hosting, edge workers, D1 database (US)
Supabase: PostgreSQL database (US region)
Stripe: Payment processing (US)
Resend: Transactional email delivery (US)
GoDaddy / Cloudflare Registrar: Domain registration

4. Data retention

Donor records are retained for as long as the clinic keeps them in the Service. The clinic is the custodian of record under 49 CFR §40.333 and controls retention. Account billing records are kept for 7 years for tax purposes. Website analytics logs are kept for 12 months.

5. Your rights

If you are a clinic, you can export or delete your data at any time from your dashboard, or by emailing privacy@collectorbench.com. If you are a donor, contact the clinic that collected your information — they are the custodian of record. We will assist clinics in responding to donor requests.

If you are a Florida or California resident, you have rights under the Florida Digital Bill of Rights and the CCPA, including the right to know, delete, and correct personal information. Contact us to exercise these rights.

6. Security

See our Security Overview for technical and organizational measures. In short: data is encrypted in transit (TLS 1.2+) and at rest, access requires authentication, and we maintain audit logs of staff actions.

7. Children

The Service is not directed to children under 13. We do not knowingly collect information from children.

8. Changes

We will post changes to this Policy here and update the effective date. Material changes will be communicated by email when reasonable.

9. Contact

CollectorBench LLC · Hialeah, Florida · privacy@collectorbench.com