Privacy practices
ClarityLoop is committed to protecting your data and respecting your privacy. This page outlines how we handle customer data, our approach to compliance, and the controls we offer to help you manage your information responsibly.
How we handle your dataβ
We design and build ClarityLoop with privacy and data protection in mind. While we are a small team today, we apply the same principles and care used by larger organizations:
- All data access is gated and monitored.
- Vendors are reviewed for security and privacy posture before integration.
- We continue to refine our internal privacy practices as we grow.
What is Customer Data?β
Customer Data refers to any content that you, your team, or your workspace submit to ClarityLoop. This includes:
- Feedback and associated formats (e.g., SSC, STAR)
- 1:1 notes and action items
- OKRs and individual progress data
- Contextual links and supporting metadata
Customer Data does not include analytics data or account metadata (described below).
For more details, please refer to our Data Processing Addendum.
What is Account Information?β
Account Information is the personal information used to create and administer your account, including:
- Name, email address, and workspace metadata
- Role or permission level
- Login method (e.g., SSO provider or email/password)
- Support conversations and usage analytics
These details are governed by our Privacy Policy.
Who owns and controls Customer Data?β
You do.
You control all content uploaded to ClarityLoop and how itβs shared or managed within your workspace. Workspace owners can:
- Manage access through roles and permissions
- Remove users or deactivate access
- Request full deletion of workspace content by contacting security@clarityloop.com
How does ClarityLoop use Account Information?β
We use Account Information to:
- Set up and secure your account
- Provide personalized experiences in the product
- Monitor service performance and improve usability
- Communicate product changes or updates (you can opt out of most non-essential messages)
For complete details, see our Privacy Policy.
GDPR & Global Complianceβ
We align our privacy program with GDPR principles and other major frameworks like CCPA. We provide:
- Data Processing Addendum (DPA): Available for all customers here
- Standard Contractual Clauses (SCCs): Included in our DPA for cross-border data transfers
- Data rights: Contact us anytime to access, correct, or delete your data
We act as a data processor for all Customer Data you store in ClarityLoop. You remain in control of whatβs uploaded and shared.
Subprocessorsβ
ClarityLoop relies on carefully vetted subprocessors (e.g., Google Cloud, GitHub) to deliver secure, scalable infrastructure. We publish and maintain a list here.
Data governanceβ
We follow strong data governance practices throughout the data lifecycle:
- Data is encrypted in transit and at rest
- Backups are taken automatically via GCP and monitored
- Access controls follow least privilege principles
- All data deletion requests are honored promptly
For more technical details, see our Security Practices page.
Privacy by designβ
We incorporate privacy and data protection into every new feature:
- Feedback metadata and OKR visibility respect role-based access
- Contextual AI features do not store prompts externally
- Admins can configure access and permissions across their org
Data portabilityβ
- You can export your own feedback, OKRs, and other workspace content upon request.
- Full account or workspace deletion is available by emailing security@clarityloop.com.
Data access & deletionβ
- Customer Data is never accessed except for legitimate support needs and only by authorized personnel.
- We do not retain data beyond its intended purpose. Some retention may apply for security or compliance logging.
- Deletion requests are honored promptly via email.
Questions or concerns?β
Feel free to reach out to our team at:
ClarityLoop
security@clarityloop.com