Privacy Policy

Effective Date: 29 March 2026 Last Updated: 29 March 2026

This Privacy Policy explains how PlusAI Solutions ("we", "us", "our") collects, uses, discloses, and protects your personal information when you use the Collo.dev website, application, and related services (collectively, the "Service"). PlusAI Solutions is based in Brisbane, Queensland, Australia.

By accessing or using the Service you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Information You Provide

Account and Waitlist Information. When you join our waitlist or create an account we collect your email address and any other details you submit through our forms.

GitHub Data. When you connect your GitHub account or grant Collo access to a repository, we receive information from GitHub on your behalf, including repository contents (source code, configuration files, issues, pull requests, and comments), repository metadata (names, descriptions, collaborators), and your GitHub profile information (username, avatar, email).

API Keys (BYOK). If you use our Bring Your Own Key feature, you provide your third-party API key (e.g. Anthropic Claude API key). We transmit this key to the relevant provider to execute tasks on your behalf. We do not store your API key on our servers longer than necessary to complete the active session, unless you choose to save it for future sessions.

Communications. If you contact us at info@collo.dev or otherwise correspond with us, we collect the contents of those communications.

1.2 Information Collected Automatically

Usage Data. We collect information about how you interact with the Service, including pages visited, features used, timestamps, and referring URLs.

Device and Browser Data. We collect IP address, browser type and version, operating system, and device identifiers.

Cookies and Similar Technologies. We use strictly necessary cookies to operate the Service and optional analytics cookies to understand usage patterns. You can manage cookie preferences through your browser settings.

2. How We Use Your Information

We use the information we collect to:

  • Operate, maintain, and improve the Service
  • Process waitlist sign-ups and communicate with you about your access
  • Clone, analyse, and interact with your GitHub repositories to perform the coding tasks you assign
  • Transmit your API keys to third-party AI providers to generate code on your behalf
  • Send transactional emails (e.g. onboarding notifications, service updates)
  • Monitor for abuse, fraud, and security incidents
  • Comply with legal obligations under Australian law

We will not send marketing emails without your explicit consent.

3. How We Share Your Information

We do not sell your personal information. We may share information with the following categories of recipients:

Service Providers. Third-party vendors that help us operate the Service, including cloud hosting (e.g. Supabase, AWS), analytics providers, and email delivery services. These providers are bound by contractual obligations to protect your data.

AI Model Providers. When Collo executes a coding task, relevant portions of your repository content and your API key (if using BYOK) are transmitted to the AI model provider (e.g. Anthropic) for inference. These transmissions are governed by the provider's own terms and privacy policy.

GitHub. Collo interacts with GitHub's API to read repository data, open pull requests, and post comments. These interactions are governed by GitHub's terms and privacy policy.

Legal and Safety. We may disclose information if required by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect the rights, property, or safety of PlusAI Solutions, our users, or the public.

Business Transfers. In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4. Data Security

We implement reasonable technical and organisational measures to protect your information, including encryption in transit (TLS), encryption at rest for stored data, single-tenant isolated compute environments for each coding task (containers are destroyed after use), and access controls limiting employee access to personal data.

No method of transmission or storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

5. Data Retention

Waitlist Data. We retain your email address until you request removal or until the waitlist is no longer active.

Repository Data. Code and repository content processed during a task are held only for the duration of the task execution within an isolated environment. Once the task completes and the pull request is opened, the compute environment and its contents are destroyed.

Account Data. If you create an account, we retain your information for as long as your account is active. You may request deletion at any time.

API Keys. Saved API keys are retained until you remove them or close your account.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Delete your personal information
  • Restrict or object to certain processing activities
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent where processing is based on consent

Australian Privacy Act. If you are located in Australia, you have rights under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.

GDPR. If you are located in the European Economic Area, you have rights under the General Data Protection Regulation including the rights listed above and the right to lodge a complaint with your local supervisory authority.

To exercise any of these rights, contact us at info@collo.dev.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including Australia and the United States (where our infrastructure providers operate). We take reasonable steps to ensure that any international transfer of personal information is subject to appropriate safeguards.

8. Third-Party Links

The Service may contain links to third-party websites or services (e.g. GitHub, Anthropic). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

9. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date above. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

PlusAI Solutions Brisbane, Queensland, Australia Email: info@collo.dev