// legal

Our Privacy Commitment

Transparency and trust are at the heart of how we handle your personal information at ThinkNCollab.

// last updated: April 10, 2026
// quick navigation
Introduction Data Collection CLI Information Shell specifics Local storage How We Use Data Data Sharing Security Your Rights Cookies Children's Privacy Google Services GitHub Integration Policy Changes Contact Us
Note: This policy explains how ThinkNCollab collects, uses, and protects your personal information. By using ThinkNCollab, you agree to the practices described here.
// 01

Introduction

Welcome to ThinkNCollab. We are committed to protecting your privacy and ensuring your personal information is handled responsibly. This Privacy Policy outlines how we collect, use, and protect your information when you use our website, mobile application, or services (collectively, the "Services").

By using ThinkNCollab, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our Services.

Key Point: We never sell your personal data to third parties.
// 02

Information We Collect

We collect various types of information to provide and improve our Services:

2.1 Personal Information
  • Account Information: Name, email address, phone number, and password when you create an account.
  • Profile Information: Profile picture, job title, and other details you choose to provide.
  • Payment Information: Credit card details, billing address, and transaction history (processed securely via Razorpay).
  • Room & Board Data: Room names/types, member roles, project content you create.
  • Google Account Data: When you connect Google Calendar, we access your name, email address, and calendar events (read and write) solely to sync meetings and task deadlines with your ThinkNCollab room.
  • GitHub Repository Data: When you connect a GitHub repository to your room, we receive push events, pull request data, and commit messages via webhooks — solely to display activity in your room and auto-close tasks via commit messages.
2.2 Usage Data
  • Log Data: IP address, browser type, operating system, and pages visited.
  • Device Information: Device type, unique device identifiers, and mobile network information.
  • Cookies and Tracking Technologies: We use cookies and similar technologies to track activity and store certain information.
We only collect data necessary to provide our services and improve your experience.
// 03

ThinkNCollab CLI Information

When you install and use the ThinkNCollab CLI, we collect and process specific information to ensure secure authentication and functionality.

3.1 CLI Installation

The ThinkNCollab CLI is available as an npm package. During installation, we collect:

  • Installation timestamp and version
  • Node.js and npm version information
  • Operating system and architecture details
3.2 tncrc Configuration File

After successful authentication, the CLI creates a .tncrc configuration file in your home directory. This file contains:

  • Encrypted authentication token for API access
  • User identification information
  • Workspace and project preferences
  • CLI configuration settings
# Example .tncrc file structure (values are encrypted) { "user": { "id": "encrypted_user_id", "email": "encrypted_email" }, "auth": { "token": "encrypted_jwt_token", "expires": "2026-12-31T23:59:59Z" }, "workspace": { "id": "encrypted_workspace_id", "name": "encrypted_workspace_name" } }
3.3 File Verification During Push Operations

When you push files to ThinkNCollab using the CLI, the system verifies your identity by:

  • Reading the encrypted authentication token from the .tncrc file
  • Validating the token against our secure authentication servers
  • Confirming user permissions for the target workspace/project
  • Logging the push operation for security auditing
Security Warning: The .tncrc file contains sensitive authentication information. Never share this file or commit it to version control. If you suspect your token is compromised, regenerate it immediately through your account settings.
3.4 CLI Usage Analytics

We collect anonymous usage statistics from the CLI to improve functionality:

  • Command usage frequency and patterns
  • Error reports and performance metrics
  • Feature adoption rates

This data is aggregated and anonymized — it cannot be used to identify individual users.

3.5 Shell Sessions & Live Collaboration

The ThinkNCollab Shell (thinknsh) is an interactive collaborative shell that extends the CLI with real-time team features. When you use the shell, we process:

  • Session Data: Login status, active room, and WebSocket connection state (connected/disconnected).
  • Room Presence: Your online status and current room are visible to other members — this enables real-time collaboration.
  • Live Notifications: Real-time alerts about meetings, file uploads, task assignments, and messages — delivered only to active, authenticated shell sessions.
  • Typing Indicators: Temporary in-memory indicators show when you or others are typing (never stored).
  • Command History: The last 1000 commands are saved locally in ~/.thinknsh_history for convenience — this file never leaves your machine.
  • Shell Configuration: Preferences like aliases, variables, and prompt settings are stored in ~/.thinkncollab/config.json (never transmitted).
  • Team & Room Lists: When you run teammates or rooms, we fetch current membership data to display accurate online status.
Real-time Features: The shell maintains a persistent WebSocket connection while you're in a room. This enables live messaging, typing indicators, and instant notifications — all secured with your authentication token.
3.6 Data Stored Locally

The following files are created in your home directory and contain only session/local data — they are never uploaded:

  • ~/.thinknsh_history — Your command history (last 1000 commands)
  • ~/.thinkncollab/config.json — Shell preferences and settings
  • ~/.thinkncollab/session.json — Encrypted session token (cleared on logout)
  • ~/.thinkncollab/logs/ — Debug logs (disabled by default, enabled with DEBUG=*)
Security Note: Your session token is stored encrypted locally. Never share your .thinkncollab folder or commit it to version control. If you suspect compromise, use logout and log in again to regenerate the token.

For complete shell documentation and command reference, visit the official npm package.

// 04

How We Use Your Information

We use your information for the following purposes:

  • To provide core features like Rooms, Boards, and Notifications
  • To validate user-submitted ideas and facilitate collaboration
  • To process transactions and send payment confirmations
  • To communicate with you about updates, promotions, and support
  • To monitor and analyze usage trends and preferences
  • To detect, prevent, and address technical issues or security breaches
  • To authenticate CLI users and secure file push operations
  • To improve CLI functionality and user experience
  • To read and write Google Calendar events on your behalf when you connect your Google account — used exclusively for syncing team meetings and task deadlines.
  • To receive and process GitHub webhook payloads for displaying repository activity in your room and auto-closing tasks via commit messages.
Analytics: We use aggregated data to improve our services, never to identify individuals.
// 05

How We Share Your Information

We do not sell your personal information. We may share it only in these circumstances:

  • With Your Consent: When you give us explicit permission.
  • Service Providers: With vendors who assist in operating our Services (e.g., Razorpay for payments, Jitsi for video, SMTP for emails).
  • Legal Requirements: To comply with legal obligations, enforce our policies, or protect our rights.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • Google API Services: When you connect Google Calendar, your data is shared with Google's API under Google's own privacy policy. We access only the calendar scopes you explicitly authorize and do not share your Google data with any other third party.
  • GitHub Webhooks: When you link a GitHub repository, push and pull request event payloads are received from GitHub and processed in your room. We do not store your GitHub credentials — only the webhook payload data needed to display activity.
Important: We require all service providers to maintain the same level of data protection as we do.
// 06

Data Security

We implement industry-standard security measures to protect your information:

  • Encryption of data in transit and at rest using TLS/SSL protocols
  • Regular security audits and vulnerability assessments
  • Role-based access controls to limit data access
  • Secure password hashing using bcrypt algorithm
  • Input validation and sanitization to prevent injection attacks
  • Secure token generation and validation for CLI authentication
  • Encryption of .tncrc configuration files

Data breach notifications will be issued within 72 hours of discovery.

Security Tip: Always use strong, unique passwords and never share your .tncrc file.
// 07

Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of the data we hold about you.
  • Correction: Update or correct inaccurate information in your profile.
  • Deletion: Request deletion of your account and associated data.
  • Export: Export your data in a machine-readable format upon request.
  • Opt-Out: Disable cookies and notifications through your account settings.
  • Token Management: Regenerate or revoke CLI authentication tokens at any time.
  • Google Disconnect: Revoke Google Calendar access at any time from your profile settings or directly from Google Account permissions.
  • GitHub Unlink: Unlink any GitHub repository from your room at any time via room settings — this immediately stops all webhook data flow.
// 08

Cookies and Tracking

We use session cookies to:

  • Track user login and maintain secure sessions
  • Remember user preferences and settings
  • Collect basic analytics to improve our Services

You may disable cookies via your browser settings, though this may affect functionality.

// 09

Children's Privacy

ThinkNCollab is not intended for children under 13. If we discover we have collected data from a child under 13, we will promptly delete such information.

// 10

Google API Services

ThinkNCollab integrates with Google Calendar to help teams sync meetings and task deadlines. This section explains how we handle data obtained through Google APIs.

What We Access
  • Google Account Info: Your name and email address, used to identify your account within ThinkNCollab.
  • Calendar Events: We read your existing calendar events to display upcoming meetings in your room, and write new events when tasks with due dates are created by your team.
How We Use It
  • Google Calendar data is used only to provide the calendar sync feature — never for advertising, profiling, or sharing with third parties.
  • We request the minimum OAuth scopes necessary: calendar.events for reading and creating events.
  • Data fetched from Google APIs is not stored permanently — it is processed in real-time and displayed within your room session.
What We Do NOT Access
  • Gmail, Google Drive, Google Contacts, or any other Google service beyond Calendar
  • Calendar data from accounts that have not explicitly connected to ThinkNCollab
  • Any Google data beyond what is needed to display and create calendar events
Your Control
  • You can disconnect Google Calendar at any time from your ThinkNCollab profile settings.
  • Revoking access removes all Google-linked permissions — no Google data is retained after disconnection.
  • You can also revoke access directly from your Google Account permissions page.
Google API Disclosure: ThinkNCollab's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Scope Transparency: We only request access to Google Calendar events. We do not access Gmail, Google Drive, Google Contacts, or any other Google service.
// 11

GitHub Integration

ThinkNCollab integrates with GitHub to bring repository activity — pushes, pull requests, and commits — directly into your project room.

What We Access
  • Repository Events: Push events and pull request notifications received via GitHub Webhooks.
  • Commit Messages: Parsed to detect closes TNC-id patterns and auto-close matching tasks on your board.
  • Repository Metadata: Repository name and owner, used to identify which room the webhook belongs to.
What We Do NOT Access
  • Your GitHub credentials or personal access tokens
  • Private repository source code or file contents
  • GitHub user account data beyond what webhook payloads contain
  • Any GitHub data beyond the linked repository's webhook events
How Webhooks Work
  • You manually configure a webhook in your GitHub repository settings pointing to ThinkNCollab's endpoint.
  • GitHub sends event payloads to us — we process them in real-time to notify your room members.
  • Webhook payloads are not stored permanently after processing.
Your Control
  • You can unlink a repository from your room at any time via room settings.
  • Removing the webhook from GitHub immediately stops all data flow to ThinkNCollab.
  • No GitHub data is retained after a repository is unlinked.
// 12

Changes to This Policy

We may update this policy periodically. Users will be notified of major changes via email or in-app alert. The "Last Updated" date at the top of this page indicates when changes were made.

// 13

Contact Us

If you have questions about this Privacy Policy or your data, reach out to us:

// email

support@thinkncollab.com

// location

Remote HQ

// support

Contact page