Read This First
Clerica exists to make policy changes easier to understand. We do not want to be hypocritical about our own policies, so this document explains not just what we collect and why, but also why we include legal protections to run a secure, reliable Service.
1. Scope and Role
This Privacy Policy explains how Clerica collects, uses, shares, stores, and protects personal information when you use the Service.
Plain-English Summary
This is the full map of how your data moves through our product.
2. Information We Collect
We collect information in the following categories:
- Account and identity data (such as email, authentication identifiers, account metadata).
- Subscription and billing data (such as plan, billing status, processor customer IDs).
- Service configuration data (such as tracked services, policy monitoring preferences, alerts and digest settings).
- Usage, diagnostics, and security data (such as logs, device/browser signals, request metadata).
- Communication data (such as support messages and operational email events).
Plain-English Summary
We collect what we need to run accounts, billing, monitoring, and support, not unrelated personal profiling data.
3. Sources of Information
We collect data directly from you, from your use of the Service, and from service providers that help us operate (for example authentication, billing, email delivery, and infrastructure providers).
Plain-English Summary
Some data comes from what you type, and some from systems that help us run the platform.
4. How We Use Information
We use information to:
- Provide and maintain the Service.
- Authenticate users and secure accounts.
- Monitor selected policies and deliver alerts/digests.
- Generate, validate, and improve policy change summaries using automated and human-assisted review workflows.
- Process subscriptions and enforce plan limits.
- Improve performance, reliability, and product quality.
- Detect abuse, fraud, and security incidents.
- Meet legal and compliance obligations.
Plain-English Summary
We use data to operate, secure, and improve Clerica, plus handle legal obligations.
5. Legal Bases and Regional Rights Framework
Where required by applicable law, we rely on recognized legal bases such as performance of contract, legitimate interests, legal obligations, and consent where appropriate.
Plain-English Summary
Different regions have different privacy laws. This section ensures we process data under lawful grounds.
6. Automated and Human-Assisted Review
We may process policy-related content and service data through a mix of review methods, including AI-assisted systems, internal human reviewers, and qualified external professional reviewers (such as legal service providers) engaged under confidentiality and data protection obligations.
Where needed for quality, safety, legal compliance, or accuracy, we may route work between automated and human review paths. Human review may include quality assurance, correction of inaccurate summaries, handling edge cases, and preparation of clearer user-facing explanations.
Plain-English Summary
We are not AI-only. Sometimes software is enough, and sometimes humans (including legal professionals) are the right tool for quality and accountability.
7. Cookies, Local Storage, and Similar Technologies
We use cookies, local storage, and similar mechanisms for authentication, session continuity, user preferences, security controls, and basic analytics/diagnostics.
Plain-English Summary
These technologies keep you logged in, remember settings, and help us keep the app secure and stable.
8. Sharing and Disclosure
We may share personal information with:
- Payment processors (such as Stripe) for billing operations.
- Authentication and identity providers (such as Firebase/Google) for account security.
- Email providers (such as AWS SES) for service communications.
- Infrastructure and technical vendors required to operate and secure the Service.
- Qualified professional service providers (including legal reviewers/law firms) when needed to review, validate, or improve policy analysis output, subject to contractual confidentiality and data protection terms.
- Authorities or counterparties where disclosure is legally required.
We do not sell personal information.
Plain-English Summary
We share data only with partners needed to operate and improve the Service, including professional reviewers when necessary, and when law requires it. We do not sell your data.
9. International Data Transfers
Data may be processed in jurisdictions where our providers operate. Where legally required, we implement transfer safeguards.
Plain-English Summary
Your data might cross borders because cloud systems are global, so we use legal safeguards where needed.
10. Data Retention
We retain data for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods can vary by data category and legal requirements.
Plain-English Summary
We keep data as long as operationally and legally necessary, then delete or de-identify when no longer required.
11. Security Measures
We use technical and organizational safeguards designed to protect data, including access controls, encrypted transport, monitoring, and incident response processes.
Plain-English Summary
Security is a core operational requirement, not an afterthought.
12. Your Privacy Rights
Depending on your location, you may have rights to access, correct, delete, restrict, object to, or port your personal information, and to withdraw consent where consent is the basis of processing.
To submit a request, contact privacy@clerica.io.
Plain-English Summary
You can ask what we have, ask us to fix/delete data when applicable, and contact us directly to exercise rights.
13. California Privacy Notice
For California residents, we provide rights and disclosures as required under applicable California privacy law, including the rights to know, delete, and correct, and the right to non-discrimination for exercising privacy rights, subject to legal exceptions.
Plain-English Summary
If you are in California, you get specific statutory protections and request rights.
14. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
Plain-English Summary
This product is built for general users and businesses, not children.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Non-material updates may take effect upon posting. Material changes will be communicated with advance notice through reasonable channels (for example, email or in-product notice).
Plain-English Summary
If we make major privacy changes, we will notify you before they take effect.
16. Contact
Questions or privacy requests can be sent to privacy@clerica.io.
Plain-English Summary
If anything feels unclear or concerning, contact us directly and we will address it.