Cookie Policy
Last updated: 20 November 2025
Welcome to the Cookie Policy for Domain Collective, operated by Droidsize Technologies Pvt. Ltd. (CIN: U72200DL2019PTC347342). This notice explains how and why we use cookies and similar technologies across collective.domains, the dashboard, and related subdomains.
1. Who is responsible for cookies?
- Data fiduciary / controller: Droidsize Technologies Pvt. Ltd., WeWork Berger One, Sector 16B, Noida, Uttar Pradesh 201301, India.
- General inquiries: hello@collective.domains
- Support: support@collective.domains
- Privacy & Data Protection Officer: Dr. Evisha Soni, Chief Operating Officer — dpo@collective.domains / evisha@droidsize.com
- Security incidents: security@collective.domains
2. What are cookies?
Cookies are small text files placed on your device to store data. We also use similar technologies such as localStorage, sessionStorage, and pixel tags to deliver secure experiences, measure product usage, and personalize communications.
3. Categories we use
| Category | Why we use it | Examples |
|---|---|---|
| Strictly necessary (always on) | Authentication, Better Auth sessions, rate limiting, abuse prevention, remembering your consent choices. | Session IDs, CSRF tokens, Upstash ratelimit state. |
| Functional | Saves UI preferences (theme, onboarding progress) and enables accessibility enhancements. | Theme selection, recently used registrar filters. |
| Analytics | Helps us understand performance, errors, and adoption so we can improve the product. Disabled until you consent. | Vercel Analytics, Sentry performance breadcrumbs. |
| Advertising & campaigns | Powers optional launch campaigns or retargeting (e.g., webinar reminders). Disabled by default. | Dodo campaign pixels, email marketing UTMs. |
We do not sell personal data, but some partners (e.g., Sentry, Vercel) process pseudonymous identifiers outside India/EU. We rely on Standard Contractual Clauses and Data Processing Addendums with each vendor.
4. Managing consent
You control non-essential cookies:
- Banner choices: Accept all, reject all, or customize from the banner shown on first visit.
- Cookie settings: Revisit your choices anytime via the “Cookie Settings” button in the footer or the banner’s “Customize” option.
- Browser signals: We honour Global Privacy Control (GPC) and other universal opt-out signals required by the CPRA/CPA. If your browser sends such a signal we will treat it as an opt-out of analytics and advertising cookies.
- Browser controls: You can delete or block cookies via your browser. This may impact login reliability.
5. Regional considerations
India (DPDP 2023 rules)
We process personal data in accordance with the Digital Personal Data Protection Act, 2023 and the DPDP Rules, 2025. You can submit a grievance or appeal via dpo@collective.domains or grievance@droidsize.com. We respond within 15 days.
European Union / United Kingdom (GDPR + ePrivacy)
We rely on consent (Art. 6(1)(a) GDPR) for non-essential cookies and legitimate interests (Art. 6(1)(f)) for strictly necessary cookies that keep your account secure. EU/UK residents can withdraw consent, access data, or lodge complaints with their local authority at any time by emailing privacy@collective.domains.
United States (CPRA, CPA, VCDPA, CTDPA, etc.)
We provide “Do Not Sell/Share” and “Limit the Use of Sensitive Personal Information” links through our privacy center (coming soon). Until then, email privacy@collective.domains or use GPC to opt out. We will also disclose state-specific rights inside the Privacy Policy.
6. Retention
Consent records and cookie preferences are stored for up to 12 months, or sooner if you delete them. Authentication cookies follow the lifetime of your session (30 days) and are renewed when you sign in.
7. Updates
We review this Cookie Policy whenever we add new vendors or technologies. Material updates will be announced via the banner and changelog.
If you have questions about this notice or how we process data, contact Dr. Evisha Soni at dpo@collective.domains.