Privacy Policy

Last updated: April 22, 2026

This Privacy Policy describes how [Company Name] ([Company Number]), a company registered in the State of Israel ("Klairr," "we," "us," or "our") collects, uses, stores, and protects your information when you use our AI-powered business intelligence platform ("Service"). It applies to all users of the Service, including administrators, power users, analysts, and members.

By creating an account or using the Service, you acknowledge that you have read and understood this Privacy Policy. Voluntary Provision of Information: You acknowledge that providing your personal information to us is entirely voluntary. However, certain information is necessary to create an account and use the Service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address (used for authentication, notifications, and account recovery), password (stored only as a bcrypt hash — we never store or have access to your plaintext password), organization name, and your assigned role within the platform.

1.2 Question & Answer Data

Each time a user asks a question, we collect and store the question text, the AI-generated answer, the generated SQL/JQL queries, and conversation context for follow-up questions.

1.3 Result Samples

For each question, we store up to twenty (20) rows of query results. These result samples are displayed within the answer card so users can verify the data behind the answer.

Important: These result samples contain your actual business data — the rows returned by the query executed against your data source. The specific content depends on what tables and columns your question references. This may include revenue figures, customer names, transaction details, user behavior data, or any other information present in the queried tables.

1.4 Usage Metadata

For each question, we record timestamps, query latency, bytes scanned, row counts, confidence levels, data source used, and connector selection mode.

1.5 Feedback Data

Users may provide Helpful/Not Helpful ratings and optional comments on answers. When feedback is used to improve answer quality, we disassociate it from your user identity.

1.6 AI Memory

Administrators configure entity aliases, metric definitions, data hints, and response directives that the AI uses when generating queries and answers.

1.7 Analytics Data

If analytics features are enabled for your organization (with appropriate consent), we collect page views, feature usage, and session data. Once an analytics provider is selected, it will be listed in the sub-processor tables in our Terms of Service and Data Processing Agreement.

2. Information We Do NOT Collect

  • We Do Not Replicate Your Database. We store only the limited result samples described in Section 1.3 (up to 20 rows per question). Your full datasets remain in your own infrastructure.
  • Data Source Credentials Are Protected. Credentials are encrypted at rest, never logged, never displayed after initial configuration, and never accessible in plaintext.
  • We Do Not Collect Payment Card Data. Payment processing is handled entirely by Stripe, a PCI DSS-compliant processor.

3. How We Use Your Information

  • AI Query Processing: Question text, conversation history, AI Memory content, and schema metadata are sent to the Anthropic Claude API. Anthropic does not use API data for model training. No query result data is sent to Anthropic.
  • Query Execution: Generated queries are executed against your connected data sources to ground answers in real data.
  • Platform Operation: Usage metadata and analytics data (where enabled) are used to monitor performance, resolve errors, develop features, and generate aggregate statistics.
  • Billing: Question counts and bytes scanned are used to calculate subscription charges.
  • Support: We may access your account information and question history to resolve support requests.
  • Security: Account and usage data is used to detect unauthorized access, enforce rate limits, and prevent abuse.

4. GDPR Legal Basis for Processing

If you are located in the EEA, UK, or Switzerland, we process your personal data based on the following legal grounds under GDPR Article 6(1):

| Data Category | Legal Basis | Explanation |
| --- | --- | --- |
| Account information | Contract performance (Art. 6(1)(b)) | Necessary to create and maintain your account |
| Question & answer data | Contract performance (Art. 6(1)(b)) | Core functionality of the Service |
| Result samples | Contract performance (Art. 6(1)(b)) | Displayed within answer cards |
| Usage metadata | Contract performance (Art. 6(1)(b)) | Required for billing and service delivery |
| AI Memory content | Contract performance (Art. 6(1)(b)) | Configured by Customer to customize AI |
| Analytics data | Consent (Art. 6(1)(a)) | Collected only with explicit consent |
| Feedback data | Legitimate interest (Art. 6(1)(f)) | Used to improve answer quality |
| Security logs | Legitimate interest (Art. 6(1)(f)) | Detect unauthorized access, prevent fraud |
| Data sent to Anthropic API | Contract performance (Art. 6(1)(b)) | Necessary for AI-powered answers |

Where we rely on legitimate interest, we have conducted a balancing test. You may object to processing based on legitimate interest at any time by contacting us.

5. AI Model Processing

5.1 What Data Is Sent to Anthropic

Question text, conversation context, AI Memory content, and schema metadata (table names, column names, column types, sample enum values).

5.2 What Data Is NOT Sent to Anthropic

Query result data (your actual business data rows), data source credentials, user passwords, payment information, and full database contents.

5.3 Anthropic's Data Handling

As of the date of this Privacy Policy (last verified April 2026), Anthropic's commercial API terms provide that Anthropic does not use API inputs or outputs for training its AI models. API inputs and outputs may be retained by Anthropic for a limited period for safety monitoring and abuse prevention, after which they are deleted. For the most current information on Anthropic's data handling, please refer to Anthropic's published API terms. We rely on these commitments when processing your data through Anthropic's API. If Anthropic materially changes these policies, we will notify you within thirty (30) days. Anthropic's data policies differ between their consumer products and their commercial API — Klairr uses the commercial API, which has stricter data handling policies.

5.4 Data Transfer to Anthropic

Anthropic's API infrastructure is located in the United States. This transfer is governed by Standard Contractual Clauses (SCCs) and other appropriate safeguards. See Section 16 for details.

6. Data Storage & Security

  • Infrastructure: AWS EU (Frankfurt, eu-central-1). Question text is processed by Anthropic's API in the United States.
  • Database: MongoDB Atlas within the EU region, with encryption at rest.
  • Cache: Redis for ephemeral data with automatic expiration.
  • Authentication: Bcrypt password hashing, JWT with token rotation, role-based access control.
  • Encryption: TLS in transit, industry-standard encryption at rest for database storage and credentials.
  • Application Security: DML statements blocked at the application layer. Automatic LIMIT injection and byte-scan budgets. We strongly recommend Customers provide read-only database credentials as defense-in-depth.

7. Data Sharing

  • Anthropic: Question text, conversation context, AI Memory, and schema metadata. No query result data.
  • AWS: Cloud infrastructure hosting in EU (Frankfurt).
  • MongoDB Atlas: Database hosting in EU region.
  • Stripe: Payment processing — we do not transmit payment card data.

We do not sell, rent, or make available your personal information to third parties for their commercial purposes. We do not share personal information for cross-context behavioral advertising.

8. Cookies & Local Storage

8.1 Essential Cookies

Authentication tokens and CSRF tokens are required for the Service to function and cannot be disabled.

8.2 Preference Storage

UI preferences (theme, dismissed banners) are stored in browser local storage and are not transmitted to our servers.

8.3 Analytics Cookies

Analytics cookies are only set with your explicit consent and are blocked by default. You may opt out at any time through your account settings or the cookie consent banner without affecting core functionality.

8.4 No Advertising Cookies

We do not use advertising cookies, tracking pixels, or any third-party advertising technology.

9. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to legal retention obligations.
  • Data Portability: Request your data in a structured, commonly used, machine-readable format (JSON, CSV). The Service provides built-in export functionality.
  • Restriction: Request restriction of processing under certain circumstances.
  • Object: Object to processing based on legitimate interests.
  • Opt Out of Analytics: Opt out at any time through account settings.
  • Withdraw Consent: Where we process data based on consent, you may withdraw at any time.
  • Lodge a Complaint: Lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, contact us at [support email]. We will respond within one (1) month. If the request is complex, we may extend this period by an additional two (2) months, in which case we will inform you of the reason for the extension. We may verify your identity before processing your request.

Data Subject Access Request (DSAR) Procedure: Upon receiving a valid DSAR, our designated data protection contact will verify the requester's identity, compile the requested data from our systems, and respond within the applicable legal timeframe. For complex requests involving multiple data sources, we will provide updates throughout the process.

10. CCPA Disclosures (California Residents)

If you are a California resident, the CCPA/CPRA provides you with specific rights:

  • We collect identifiers, commercial information, internet activity, professional information, inferences, and other categories as described in Section 1.
  • We do not sell your personal information. We do not share it for cross-context behavioral advertising.
  • You have the right to know, delete, correct, and opt out. We will not discriminate against you for exercising your CCPA rights.
  • We retain personal information as described in Section 12 (Data Retention).

11. LGPD Disclosures (Brazilian Residents)

If you are located in Brazil, the LGPD provides you with specific rights including confirmation, access, correction, anonymization, portability, deletion, information about sharing, and withdrawal of consent. We process your data under contract performance, legitimate interest, and consent as applicable. International transfers comply with Chapter V of the LGPD. To exercise rights, contact us at [support email]. We will respond within fifteen (15) days.

12. Data Retention

  • Account Data: Retained while active. Upon termination, retained for 30 days for data export, then permanently deleted.
  • Question & Answer History: Retained while active. Users may delete individual conversations at any time. Deleted conversations are removed within 30 days.
  • Audit Logs: Retained for twelve (12) months from the logged event. Audit logs may be retained beyond account deletion under our legitimate interest in compliance and fraud prevention (GDPR Art. 6(1)(f)).
  • Backups: 30-day rolling retention, subject to the same security controls as active data.
  • Anonymized Data: We may retain anonymized, aggregated data that cannot identify you or your organization indefinitely for statistical analysis.

13. Security and Breach Notification

We implement appropriate technical and organizational security measures. In the event of a confirmed breach, we will notify you within seventy-two (72) hours, consistent with GDPR Article 33. We will provide details about the nature of the breach, the categories and approximate number of records affected, likely consequences, and remedial measures. Where required by law, we will also notify the relevant supervisory authority.

14. EU AI Act Transparency

14.1 AI System Description

The Service uses Anthropic's Claude large language models for natural language understanding, query generation (SQL/JQL), answer synthesis, and confidence assessment.

14.2 Human Oversight

The Service provides transparency mechanisms: SQL/JQL query display, raw result rows, confidence scoring, SQL Live Edit, and a full GRC audit trail.

14.3 Limitations and Risks

The AI may generate incorrect queries, misinterpret terminology, or produce plausible-sounding but factually incorrect answers. Confidence scores are estimates, not guarantees.

14.4 Risk Classification

As a general-purpose business intelligence tool used for internal data analysis and decision support, the Service is not inherently classified as high-risk under Annex III of the EU AI Act. However, certain Customer use cases may trigger high-risk classification — for example, if the Service is used to evaluate employee performance, creditworthiness, or access to essential services. The Customer is responsible for determining whether their specific use of the Service requires compliance with high-risk AI system requirements under the EU AI Act and for implementing any additional safeguards accordingly.

15. No Automated Decision-Making

Klairr does not engage in decision-making based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you (GDPR Article 22). The Service provides AI-generated answers as decision-support information for human review.

16. International Data Transfers

Application data is processed in the EU (Frankfurt). Question text and context are transferred to Anthropic in the United States, governed by Standard Contractual Clauses (SCCs).

| Sub-Processor | Location | Transfer Mechanism |
| --- | --- | --- |
| Anthropic | United States | Standard Contractual Clauses |
| AWS | EU (Frankfurt) | N/A (data remains in EU) |
| MongoDB Atlas | EU | N/A (data remains in EU) |
| Stripe | United States / EU | Standard Contractual Clauses |

For transfers to the United Kingdom, we rely on the UK Addendum to the EU Standard Contractual Clauses (International Data Transfer Addendum) or the UK International Data Transfer Agreement (IDTA), as applicable. See our Data Processing Agreement for full details on UK-specific transfer mechanisms.

17. "Do Not Track" Signals

The Service does not currently alter its practices in response to DNT signals. We do not track users across third-party websites. If analytics is disabled, no tracking cookies are set.

18. Cookie Policy

| Cookie / Storage | Purpose | Duration | Type |
| --- | --- | --- | --- |
| Authentication token | Logged-in session | Session / refresh | Essential |
| CSRF token | Cross-site request forgery protection | Session | Essential |
| Preferences | Theme, dismissed banners | Persistent | Functional |
| Analytics (if consented) | Page views, feature usage | Session | Consent-based |

No third-party advertising cookies are used. You can manage cookies through your browser settings or the cookie consent banner.

19. Children

The Service is designed for business use and is not directed at children. We do not knowingly collect personal information from anyone under the age of thirteen (13) in the United States (per COPPA) or under sixteen (16) in the EEA (per GDPR Article 8). If we become aware that we have collected personal information from a person under the applicable age threshold, we will take prompt steps to delete it. In jurisdictions where a different age threshold applies, we comply with the applicable local age requirement.

20. Merger, Acquisition, or Transfer of Ownership

In the event of a merger, acquisition, or other change of control, your personal data may be transferred to the successor entity. We will notify you at least thirty (30) days before any transfer. You will have the opportunity to terminate your account and request deletion before the transfer takes effect.

21. Complaints and Dispute Resolution

If you have concerns about how your personal data is handled, you may contact our Data Protection Contact at [support email]. We will investigate and respond within fourteen (14) days. You may also escalate to the Israeli Privacy Protection Authority, your local data protection supervisory authority (for GDPR matters), or the Brazilian National Data Protection Authority (ANPD) for LGPD matters.

22. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. For material changes, we will provide at least thirty (30) days' prior notice via email. Your continued use after the effective date constitutes acceptance.

23. Contact

Data Controller: [Company Name] ([Company Number])
Email: [support email]
Mailing Address: [Registered Address]
Data Protection Contact: [support email]

End of Privacy Policy