Privacy Policy

Last updated: November 21, 2025

ClarityDesk Inc. ("ClarityDesk," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information when you use our SaaS platform, website, and related services (collectively, the "Service").

By accessing or using the Service, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect two types of information: information you provide directly and information collected automatically when you interact with the Service.

A. Information You Provide

  • Account Information: Name, email address, company name, login credentials, and other information needed to create and maintain your account.
  • Payment Information: Payments are processed by third-party payment processors (e.g., Stripe). We do not store full credit card numbers. We may store billing addresses, payment tokens, and subscription status.
  • Support Information: Messages, attachments, or other content you send via customer support channels (email, chat, tickets).
  • User Content: Information and data you input, upload, or generate using the Service. You retain ownership of all User Content.

B. Information Collected Automatically

  • Log Information: IP address, browser type, device type, operating system, referring URLs, pages visited, and timestamps.
  • Usage Analytics: Clicks, features used, session duration, and interaction patterns — used to improve product performance and user experience.

2. Legal Bases for Processing (GDPR Users)

If you are located in the European Economic Area (EEA), UK, or Switzerland, we process personal data based on the following lawful bases:

  • Contract: To provide and maintain your account and the Service.
  • Consent: For marketing emails (where opt-in is required).
  • Legitimate Interests: To improve the Service, prevent fraud, and secure our systems.
  • Legal Obligations: To comply with tax, accounting, and regulatory requirements.

3. How We Use Your Information

We use personal information for the following purposes:

  • To Provide and Maintain the Service: Account creation, authentication, billing, and delivering core features.
  • To Communicate With You: Transactional emails, service updates, billing notices, and security alerts.
  • To Improve and Develop the Service: Usage analytics, debugging, testing, and feature development.
  • To Provide Support: Responding to inquiries and resolving issues.
  • Marketing: Sending product updates or offers. You may opt out at any time via the unsubscribe link.
  • Legal Compliance: Meeting legal, regulatory, and audit obligations.

4. ClarityDesk as a Data Processor (B2B Context)

For personal data contained in User Content (data regarding your own clients or employees), you are the Data Controller and ClarityDesk is the Data Processor.

We will:

  • Process User Content only according to your documented instructions;
  • Not use User Content for any purpose other than providing the Service;
  • Apply appropriate technical and organizational security measures; and
  • Work with sub-processors that meet equivalent security standards.

A Data Processing Addendum (DPA) is available here. You are responsible for ensuring you have lawful rights to collect and submit User Content.

5. Sharing and Disclosure of Information

We do not sell personal information. We may share information only with:

A. Service Providers (Sub-Processors)

Trusted vendors who assist in hosting, storage, payments, email delivery, and support (e.g., Supabase, Vercel, Stripe). All sub-processors are contractually required to protect your information. A current list is available upon request.

B. Business Transfers

If ClarityDesk is involved in a merger, acquisition, financing, or sale of assets, personal information may be transferred as part of the transaction.

C. Legal Requirements

We may disclose information if required by law, court order, or to protect our rights, property, or users.

6. International Data Transfers

ClarityDesk is based in Ontario, Canada.

We and our service providers may store and process information in Canada, the United States, or other jurisdictions. For international transfers, including those involving personal data from the EEA/UK, we use appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs);
  • Adequacy decisions; and
  • Contractual protections with sub-processors.

By using the Service, you acknowledge and consent to these transfers.

7. Data Security and Retention

Security:

We use industry-standard administrative, technical, and physical safeguards, including encryption in transit, access controls, and secure infrastructure. However, no method of storage or transmission is 100% secure.

Retention:

We retain personal information only as long as necessary for providing the Service, maintaining your account, complying with legal obligations, and resolving disputes. Upon account termination, User Content is deleted within a defined retention window (typically 30–90 days), unless otherwise required by law.

8. Your Privacy Rights

Your rights depend on your jurisdiction.

A. Canada (PIPEDA)

You have the right to access and update your personal information, challenge accuracy, request correction, and withdraw consent (where applicable).

B. European Union / UK (GDPR)

You may request access, correction, deletion ("right to be forgotten"), data portability, restriction of processing, or withdrawal of consent. We will respond within 30 days.

C. California Residents (CCPA/CPRA)

You have the right to know what personal information we collect, request deletion, and opt out of "sale" or "sharing." We do not sell or share personal information as defined by CCPA/CPRA.

D. End-Users of Our Customers

If your data is stored in ClarityDesk by a company you work for or interact with, please contact that company directly. We cannot modify or delete User Content without the Data Controller's authorization.

9. Cookies and Tracking Technologies

We use "cookies" (small text files stored on your device) solely for essential purposes required to operate the Service.

A. Strictly Necessary Cookies Only

Currently, we only use cookies that are strictly necessary for the functioning of the ClarityDesk platform. These include:

  • Authentication Tokens: To keep you logged in as you navigate between pages.
  • Security Cookies: To prevent Cross-Site Request Forgery (CSRF) and other attacks.
  • Session Preferences: To remember your immediate interface settings during a session.

B. No Non-Essential Tracking

We do not currently use third-party advertising or analytics cookies. We do not track your browsing activity across other websites.

C. Managing Cookies

You can instruct your browser to refuse all cookies. However, if you disable cookies, you will not be able to log in or use the core features of the Service.

10. Children's Privacy

The Service is not intended for children under 13 (or the applicable age in your region). We do not knowingly collect information from children. If we learn that we have unintentionally collected such data, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically. If changes are material, we will notify you by email or by posting a notice within the Service. The "Last Updated" date indicates the most recent revision.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact our Privacy Officer:

ClarityDesk Inc.

Attn: Privacy Officer

Email: privacy@claritydesk.io

Website: https://claritydesk.io

← Back to Home