Clevik — Privacy Policy

Last updated: March 2026

This Privacy Policy describes how Clevik, Inc. ("Clevik," "we," "us," or "our") collects, uses, shares, and protects information in connection with the Clevik platform and related services (the "Service"). This policy applies to all users of the Service, including account administrators and authorized users.

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

1.1. Account Information

When you register for the Service, we collect:

  • Full name
  • Email address
  • Company name and details
  • Job title or role
  • Phone number (optional)
  • Billing and payment information (processed by Stripe; we do not store full payment card numbers)

1.2. Customer Business Data

When you connect your business systems to Clevik, we sync and store data from your connected sources, which may include:

  • Data from ERP, CRM, and other business applications
  • Database contents synced via our on-premise sync agent or direct connections
  • Documents uploaded to the knowledge base (processed into text chunks and vector embeddings)

The specific data synced depends on the connections you configure and the permissions you grant. Customer Business Data may contain personal data about your employees, customers, vendors, or other individuals within your business systems.

1.3. Usage Data

We automatically collect information about how you interact with the Service, including:

  • Queries submitted to the AI
  • Features used and frequency of use
  • Credit consumption and usage patterns
  • Device type, browser type, and operating system
  • IP address and approximate location (derived from IP)
  • Session duration and timestamps
  • Error logs and performance data

1.4. Cookies and Similar Technologies

We use cookies, local storage, and similar technologies to:

  • Maintain your authenticated session
  • Remember your preferences and settings
  • Analyze usage patterns and improve the Service
  • Support our Microsoft Teams integration

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect Service functionality.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1. Providing the Service

  • Authenticating your identity and managing your account
  • Syncing, storing, and processing your Customer Business Data
  • Processing AI queries and generating outputs (answers, charts, reports)
  • Delivering the Service via web application, Microsoft Teams, and other supported channels
  • Sending transactional communications (account confirmations, billing receipts, security alerts)

2.2. Billing and Account Management

  • Processing subscription fees and overage charges via Stripe
  • Tracking credit usage
  • Managing your subscription plan

2.3. Improving the Service

  • Analyzing aggregated, de-identified usage patterns to improve features and performance
  • Identifying and resolving bugs, errors, and performance issues
  • Developing new features based on usage trends

Important: We do not use your Customer Business Data to train AI models. When your data is sent to third-party AI providers for query processing, it is used solely to generate your requested output and is not retained by those providers for training purposes.

2.4. Customer Support

  • Responding to your inquiries and support requests
  • Troubleshooting technical issues
  • Providing onboarding assistance

2.5. Legal and Compliance

  • Complying with applicable laws and regulations
  • Enforcing our Terms of Service
  • Protecting the rights, safety, and security of Clevik, our customers, and the public

3. How We Share Your Information

We do not sell your personal information or Customer Business Data. We share information only as described below:

3.1. Third-Party Service Providers (Sub-Processors)

We use the following third-party service providers to operate the Service:

ProviderPurposeData ProcessedLocation
Microsoft AzureCloud hosting and infrastructureAll Service dataEast US 2 region
ClickHouse CloudAnalytics databaseCustomer Business Data (synced data)Cloud-hosted
SupabaseApplication database (PostgreSQL)Account data, application dataCloud-hosted
StripePayment processingBilling and payment informationUnited States
OpenAI (via Azure AI Foundry)AI model processingQuery context and relevant Customer Data excerptsProcessed via Azure
Anthropic (via Azure AI Foundry)AI model processingQuery context and relevant Customer Data excerptsProcessed via Azure

AI Provider Data Handling: When you submit queries, relevant portions of your data are sent to OpenAI and/or Anthropic through Azure AI Foundry for processing. These providers process the data solely to generate your response. Per our agreements with these providers, your data is not used for model training and is not retained beyond the processing window.

3.2. Legal Requirements

We may disclose information if required by law, subpoena, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

3.3. Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such transfer and any choices you may have regarding your information.

3.4. With Your Consent

We may share information with third parties when you explicitly direct us to do so.

4. Data Retention

4.1. Active Accounts. We retain your account information and Customer Business Data for as long as your account is active and as necessary to provide the Service.

4.2. Terminated Accounts. Upon account termination, your Customer Data will be available for export for thirty (30) days. After the export period, we will delete your Customer Business Data and personal information within ninety (90) days of termination, except as required by law or legitimate business purposes (e.g., billing records, dispute resolution).

4.3. Usage Data. Aggregated, de-identified usage data may be retained indefinitely for analytics and product improvement purposes.

4.4. Backups. Copies of your data may persist in encrypted backups for a limited period following deletion. Backup data is overwritten through our normal backup rotation cycle.

5. Data Security

We implement and maintain commercially reasonable technical and organizational measures to protect your information:

5.1. Encryption. All data is encrypted in transit (TLS 1.2+) and at rest (AES-256 or equivalent).

5.2. Tenant Isolation. Customer data is logically isolated in our multi-tenant architecture. No customer can access another customer's data. There is no cross-tenant data sharing.

5.3. Access Controls. Access to customer data by Clevik personnel is restricted to authorized employees who require access for support or operational purposes, and is subject to logging and review.

5.4. Infrastructure Security. Our infrastructure is hosted on Microsoft Azure (East US 2 region) and ClickHouse Cloud, which maintain their own security certifications and compliance programs.

5.5. On-Premise Sync Agent. The sync agent installed on your network communicates with Clevik's cloud services over encrypted connections. The sync agent does not store data locally beyond what is necessary for active synchronization.

5.6. SOC 2 Compliance. Clevik is pursuing SOC 2 Type II certification. We will update this policy and notify customers upon achieving certification.

5.7. Incident Response. We maintain an incident response plan and will notify affected customers of confirmed data breaches in accordance with our Data Processing Agreement and applicable law.

6. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

6.1. Access

You may request a copy of the personal information we hold about you.

6.2. Correction

You may request that we correct inaccurate or incomplete personal information.

6.3. Deletion

You may request that we delete your personal information. Note that we may retain certain information as required by law or for legitimate business purposes.

6.4. Data Export

You may export your Customer Business Data at any time through the Service's built-in export functionality. You may also request a copy of your personal information in a portable format.

6.5. Opt-Out of Non-Essential Communications

You may opt out of marketing or promotional communications at any time by using the unsubscribe link in such communications or by contacting us at support@clevik.com. Transactional communications related to your account and the Service are not subject to opt-out.

6.6. Exercising Your Rights

To exercise any of these rights, contact us at support@clevik.com. We will respond to verified requests within thirty (30) days, or within the timeframe required by applicable law.

7. California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:

7.1. Right to Know. You have the right to request information about the categories and specific pieces of personal information we have collected, the sources of collection, the business purpose, and the categories of third parties with whom we share it.

7.2. Right to Delete. You have the right to request deletion of your personal information, subject to certain exceptions.

7.3. Right to Opt-Out of Sale. We do not sell personal information. If this changes, we will update this policy and provide an opt-out mechanism.

7.4. Non-Discrimination. We will not discriminate against you for exercising your CCPA rights.

7.5. Submitting Requests. California residents may submit requests by emailing support@clevik.com. We will verify your identity before fulfilling your request.

8. European Economic Area, UK, and Swiss Residents (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following applies:

8.1. Legal Basis for Processing. We process personal data under the following legal bases:

  • Contract performance: Processing necessary to provide the Service you requested.
  • Legitimate interests: Improving the Service, ensuring security, and fraud prevention.
  • Legal obligation: Complying with applicable laws.
  • Consent: Where specifically obtained (e.g., optional marketing communications).

8.2. Additional Rights. In addition to the rights in Section 6, you may have the right to:

  • Restrict processing of your personal data
  • Object to processing based on legitimate interests
  • Lodge a complaint with your local data protection authority

8.3. International Transfers. Your data is transferred to and processed in the United States. We rely on Standard Contractual Clauses (SCCs) and other appropriate safeguards for international data transfers. See our Data Processing Agreement for details.

8.4. Data Processing Agreement. If you are a controller of personal data processed through the Service, our Data Processing Agreement (available at clevik.com/legal/dpa) governs our processing of that data on your behalf.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child under 18 has provided us with personal information, please contact us at support@clevik.com.

10. Third-Party Links and Integrations

The Service may contain links to third-party websites or integrate with third-party services (e.g., Microsoft Teams, your ERP/CRM systems). This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you use in connection with Clevik.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. For material changes, we will provide at least thirty (30) days' advance notice via email or through the Service. Your continued use of the Service after the effective date of any update constitutes acceptance of the revised Privacy Policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Clevik, Inc. Austin, Texas, USA Email: support@clevik.com Website: clevik.com

For data protection inquiries from the EEA, UK, or Switzerland, you may also contact us at the address above with the subject line "Data Protection Inquiry."