Skip to content

Effective date: March 6, 2026

Privacy Policy

This Privacy Policy explains how Clairvio ("we", "us", or "our") collects, uses, and protects information when you use the Clairvio platform and services ("Service"). By using the Service, you agree to the practices described here.

1. Information We Collect

Account information: When you register, we collect your name, email address, organisation name, and password (stored as a hash).

Session data: When your end users interact with your application and the Clairvio SDK is installed, we capture DOM snapshots, user interactions, network requests, console errors, and other diagnostic events. This data is associated with your organisation's workspaces.

Billing information: Payment details are processed directly by Stripe and are never stored on our servers. We store only your Stripe customer ID and subscription ID.

Usage data: We collect basic usage metrics such as session counts and API request logs to operate and improve the Service.

2. How We Use Your Information

  • To provide, operate, and maintain the Service.
  • To process payments and manage subscriptions.
  • To send transactional emails (account verification, invitations) via Mailgun.
  • To enforce plan limits and detect abuse.
  • To improve the Service through aggregate, anonymised analytics.

We do not sell your data or use it for advertising.

3. Session Data and Your End Users

You are the data controller for session data captured from your end users. We act as a data processor on your behalf. You are responsible for obtaining lawful consent from your end users for session recording and for masking any sensitive personal data before it is captured by the SDK.

We strongly recommend configuring the SDK to exclude fields containing passwords, payment details, national identification numbers, or health-related information.

4. Data Retention

Session data is retained for the period defined by your subscription plan:

  • Free: 7 days
  • Starter: 30 days
  • Growth: 90 days
  • Scale: 1 year

Data beyond your retention window is automatically and permanently deleted. Account data is deleted within 30 days of account termination.

5. Third-Party Services

We use the following third-party services to operate the Service:

  • Stripe — payment processing. Stripe Privacy Policy.
  • Mailgun — transactional email delivery.
  • Amazon Web Services (S3) — encrypted storage of session replay data.

Each provider is bound by its own privacy policy and applicable data protection agreements.

6. Data Security

We use industry-standard security measures including TLS encryption in transit, encrypted storage at rest, and access controls. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or export personal data we hold about you. To exercise these rights, contact us at pitchinnate@gmail.com. We will respond within 30 days.

8. Cookies

The Service uses session cookies to maintain authentication state. We do not use tracking or advertising cookies. The Clairvio SDK does not set cookies on your end users' browsers.

9. Children's Privacy

The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a notice in the Service. Continued use after the updated effective date constitutes acceptance.

11. Contact

Questions or concerns? Email us at pitchinnate@gmail.com.