← Back

Privacy policy

Last updated: May 2026

Overview

Claron (“we”, “our”, or “us”) is committed to protecting your privacy. This policy describes how we collect, use, store, and disclose information when you use our services, including our website and platform.

Information we collect

We collect the following categories of information:

  • Account information you provide directly: name, email address, company name, job title, and account credentials.
  • Business data you connect through integrations (CRM records, billing data, product analytics). This data is stored in your dedicated, isolated data environment and is never shared with other customers.
  • Usage data generated when you use the Service: page views, feature usage, session information, and device/browser metadata.
  • Authentication data processed through our identity provider for single sign-on and login.
  • Payment information processed through Stripe. We do not store credit card numbers directly.
  • Communications when you contact us, including emails and support requests.

How we use your information

  • To provide, maintain, and improve the Claron platform and services.
  • To process your business data through secure pipelines and transformations for metrics, dashboards, and insights.
  • To power AI-assisted features using OpenAI. Query metadata (not raw customer data) may be sent to OpenAI for processing.
  • To communicate with you about your account, service updates, and support.
  • To analyze usage patterns and improve the product experience.
  • To comply with legal obligations and enforce our terms.

We do not sell your personal information or your business data.

Data processing and storage

Your business data is processed and stored using Google Cloud Platform, including BigQuery for data warehousing and Cloud Run for application hosting. Data is stored in the EU (europe-north1 region) unless otherwise specified.

Data integrations are managed through Airbyte, which syncs data from your connected source systems (HubSpot, Stripe, PostHog, NetSuite, etc.) into your isolated BigQuery dataset. Each customer's data is logically separated and never co-mingled with other customers' data.

Third-party services

We use the following third-party services to operate Claron:

  • Google Cloud Platform — infrastructure, data storage, BigQuery
  • Airbyte, data pipeline orchestration
  • Stripe, payment processing
  • OpenAI, AI-assisted features
  • PostHog, product analytics

Each of these providers maintains their own privacy policies and data processing agreements.

Cookies and tracking

We use essential cookies for authentication and session management. We use PostHog for product analytics, which may set cookies to track usage patterns within the application. We do not use third-party advertising cookies or trackers.

Data retention

We retain your account information for as long as your account is active or as needed to provide services. Business data connected through integrations is retained in your BigQuery dataset for the duration of your subscription. Upon account termination, we will delete your data within 90 days unless retention is required by law.

Data security

We implement technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS) and at rest (Google-managed encryption keys)
  • Database credential encryption using Fernet symmetric encryption
  • Read-only database access with comprehensive SQL validation to prevent injection
  • Multi-tenant isolation with per-company data separation
  • JWT-based authentication with HTTP-only cookies
  • Role-based access control within the platform

Your rights (GDPR)

If you are located in the European Economic Area, you have the following rights under the General Data Protection Regulation:

  • Access your personal data we hold about you
  • Rectification of inaccurate or incomplete personal data
  • Erasure of your personal data (“right to be forgotten”)
  • Restriction of processing in certain circumstances
  • Data portability to receive your data in a structured, machine-readable format
  • Object to processing based on legitimate interests

To exercise any of these rights, please contact us at the address below.

Changes to this policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on our website with a revised “last updated” date. Continued use of our services after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy or our data practices, please reach out via the form at /start.