Clairable Privacy Policy

1. Information we collect

1.1 Information you provide to us

We may collect the following types of information that you provide:

• Account details such as your name, email address, password, organisation name and role.
• Wizard inputs including descriptions of your business, processes, challenges, goals and other information you enter into the Service.
• Generated outputs such as AI generated summaries, recommendations and reports created for you by Clairable.
• Feedback and communications such as survey responses, support requests and messages you send to us.
• Marketing preferences including your choices about receiving updates, newsletters or invitations.

You should avoid providing sensitive information (for example health information or financial account numbers) unless it is strictly necessary and you are authorised to do so.

1.2 Information we collect automatically

When you use Clairable, we automatically collect certain information relating to your device and use of the Service, for example:

• IP address and general location information;
• browser type and version;
• device type and operating system;
• pages visited, features used and time spent;
• referral source, such as the site you came from; and
• error logs and diagnostic information.

1.3 Cookies, pixels and similar technologies

We use cookies and similar technologies to operate the Service, remember your preferences, understand usage and support marketing and analytics. The technologies we use include:

• browser cookies;
• Google Tag Manager (GTM);
• Google Analytics 4;
• Meta Pixel; and
• LinkedIn Insight Tag.

These tools may collect information such as your IP address, browser details, pages visited, actions taken and time spent on the Service. They may also help us measure advertising performance and understand how people discover Clairable.

You can usually control cookies through your browser settings, but disabling cookies may affect your ability to use some features of the Service.

2. How we use personal information

We may use personal information for the following purposes:

• to provide, operate and maintain Clairable;
• to authenticate you and manage your account;
• to process your wizard inputs and generate AI powered Outputs and reports;
• to personalise your experience of the Service;
• to monitor, diagnose and fix technical issues and to improve the performance and usability of Clairable;
• to detect, prevent and address misuse, abuse or security incidents;
• to understand how users engage with Clairable and to inform product development and roadmap decisions;
• to communicate with you about the Service, including updates, changes and important notices;
• to send marketing communications to you where you have opted in or where we are otherwise permitted by law; and
• to comply with our legal and regulatory obligations.

We do not sell personal information.

3. AI providers and other service providers

3.1 OpenAI and AI processing

Clairable uses third party AI services, such as models provided by OpenAI, to process Your Content and generate Outputs. Your wizard inputs and related context are sent to these providers for processing and the resulting outputs are returned to us.

We configure the OpenAI API so that data submitted through the API is not used by OpenAI to train OpenAI models. OpenAI may temporarily retain inputs and outputs for abuse monitoring and safety purposes in line with its published data usage policies.

3.2 Other service providers

We use other third party service providers to help us operate Clairable, including for:

• hosting and infrastructure (for example Supabase and Vercel);
• database and object storage (for example Supabase);
• authentication and access control;
• email delivery and communications;
• analytics and usage monitoring (for example Google Analytics 4); and
• advertising and measurement (for example Meta Pixel and LinkedIn).

These providers may process personal information on our behalf. We take reasonable steps to ensure that they handle personal information in a manner consistent with applicable privacy laws and this Privacy Policy.

We do not share your wizard inputs or Clairable Outputs with Meta or LinkedIn.

4. Legal basis for processing

Where the General Data Protection Regulation (GDPR) or similar laws apply, we rely on one or more of the following legal bases to process personal information:

• Contract, to provide the Service and perform our agreement with you;
• Legitimate interests, such as operating, improving and securing the Service and communicating with you about it;
• Consent, where you have given consent, for example for marketing communications or certain cookies; and
• Legal obligations, where processing is required to comply with law.

5. Storage, security and retention

5.1 Storage and security

We store personal information in systems we control and in systems provided by our trusted service providers. We use reasonable technical and organisational measures to protect personal information, including encryption in transit, access controls and row level security on our database.

No system is completely secure. We cannot guarantee absolute security of your information and encourage you to use strong passwords, protect your devices and notify us promptly if you suspect any unauthorised access.

5.2 Retention

We retain personal information for as long as necessary to provide the Service and to fulfil the purposes set out in this Privacy Policy, or as required by law.

Wizard inputs, associated Outputs and account related records may be stored for as long as your account remains active. We may also retain certain information for a period after your account is closed in order to comply with legal obligations, resolve disputes and enforce our agreements.

We may retain aggregated or de identified information for longer periods, as this information does not identify you.

6. International transfers

Some of our service providers are located outside Australia. This means personal information may be transferred to or stored in other countries, including the United States and countries in the European Union.

We take reasonable steps to ensure that any overseas recipients handle personal information in a way that provides comparable protections to the Australian Privacy Principles and, where applicable, the GDPR.

7. Disclosure of information

We may disclose personal information to third parties in the following circumstances:

• to our service providers and related entities that support the Service;
• to your Organisation if you use Clairable under an Organisation account;
• to comply with legal obligations, court orders or requests from regulators or law enforcement;
• to protect the safety, rights or property of our users, the public or us;
• to investigate and address misuse, security incidents or suspected unlawful activity; or
• with your consent or at your direction.

8. Aggregated and de identified data

We may use Your Content, Outputs and usage data to create aggregated and de identified information, such as statistics about common AI use cases or industry trends. This information does not identify you or your organisation.

We may use and share aggregated and de identified information for research, education, marketing or product development.

9. Your rights and choices

Depending on your location and applicable law, you may have the right to:

• request access to the personal information we hold about you and receive a copy of it;
• request correction of personal information that is inaccurate, out of date or incomplete;
• request deletion of your personal information;
• object to certain types of processing or request that we restrict processing;
• receive personal information in a portable format where technically feasible; and
• withdraw consent where processing is based on your consent.

To exercise these rights, please contact us using the details below. We may need to verify your identity before responding to your request.

You can opt out of marketing emails at any time by using the unsubscribe link in the email or by contacting us.

10. Children

Clairable is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe that a child has provided us with personal information, please contact us so that we can take appropriate steps to delete it.

11. Third party sites

The Service may contain links to third party websites or services that we do not control. This Privacy Policy does not apply to those third parties. We are not responsible for the privacy practices of third party sites and services and encourage you to review their privacy policies.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and may provide notice in the Service or by email.

Your continued use of Clairable after any changes take effect will indicate your acceptance of the updated Privacy Policy.

13. Contact us

If you have any questions or concerns about this Privacy Policy or how we handle personal information, or if you wish to exercise your rights, please contact us at:

Email: info@clairumai.com.au