Legal

Privacy Policy

Effective date: April 30, 2026

This Privacy Policy explains how CLOE collects, uses, discloses, and protects personal information when you visit our website, create an account, or use the CLOE web application and APIs.

1. Roles

CLOE is a controller for account, billing, and marketing data, and a processor for Customer Content submitted by your organization.

2. Information we collect

Account info (name, email, organization), Customer Content (prompts, contracts, library items), usage and device data, cookies for authentication, billing metadata, and support communications.

3. How we use information

To provide and secure the Service, authenticate users, route prompts to upstream model providers under zero-retention terms, generate audit logs, process billing, and respond to support requests. We do not sell personal information and do not use Customer Content to train AI models.

4. Sharing

Within your organization, with subprocessors (cloud hosting, AI providers under zero-retention, email delivery), as required by law, and in corporate transactions.

5. International transfers

CLOE operates from the United States. Where required, we use Standard Contractual Clauses and the UK IDTA.

6. Security

TLS 1.2+ in transit, AES-256 at rest, row-level security, audit logging, least-privilege production access.

7. Retention

We retain Customer Content while your account is active plus a reasonable period after. Owners can configure retention windows and delete data; we honor verified deletion requests within 24 hours.

8. Your rights

You may request access, correction, deletion, portability, or restriction of your personal information. Contact privacy@crushcloe.com.

9. Children's privacy

The Service is intended for users 18 and older.

10. Changes

We may update this Policy. Material changes will be notified before they take effect.

11. Contact

Email privacy@crushcloe.com with questions or requests.