Information We Collect
We collect information you provide directly to us, such as when you create an account, use our services,
or contact us for support. This may include:
- Account information (name, email address, phone number)
- Payment information (processed securely through our payment partners)
- Transaction data and payment history
- Communications with our support team
- Technical information about your use of our services
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our payment services
- Process transactions and send related information
- Detect and prevent fraud and security threats
- Comply with legal obligations and regulatory requirements
- Communicate with you about our services
- Analyze usage patterns to enhance user experience
Information Sharing
We do not sell, trade, or otherwise transfer your personal information to third parties except as
described below:
- With payment processors and financial institutions to complete transactions
- With service providers who assist in our operations
- When required by law or to protect our rights
- In connection with a merger, acquisition, or sale of assets
Data Security
We implement appropriate technical and organizational measures to protect your personal information
against unauthorized access, alteration, disclosure, or destruction. This includes:
- Encryption of data in transit and at rest
- Regular security assessments and audits
- Access controls and authentication measures
- Compliance with industry security standards (e.g., PCI-DSS for payments)
EU Data Protection Policy (GDPR Compliance)
Clauda complies with the EU General Data Protection Regulation (GDPR) when processing personal data of EU/EEA residents.
1. Lawful Bases for Processing
We process data only under these GDPR-approved conditions:
- Consent: Explicit, opt-in consent (e.g., for marketing emails)
- Contractual necessity: To fulfill user agreements
- Legal obligation: To comply with EU laws
- Legitimate interests: Balanced against user rights
2. Enhanced Data Subject Rights
EU users have additional rights under GDPR:
- Access/Portability: Obtain your data in machine-readable format
- Rectification: Correct inaccurate data
- Erasure: Request deletion ("Right to Be Forgotten")
- Restriction: Limit processing during disputes
- Objection: Opt-out of profiling or direct marketing
3. International Data Transfers
For transfers outside the EU/EEA, we use:
- EU-approved Standard Contractual Clauses (SCCs)
- Adequacy decisions for recipient countries
- Additional safeguards for high-risk transfers
4. Accountability Measures
- Maintain Records of Processing Activities (Article 30)
- Conduct Data Protection Impact Assessments for high-risk processing
- Appointed Data Protection Officer (DPO) for oversight
Data Breach Policy
In the event of a personal data breach, we will:
- Notify EU authorities within 72 hours (where required by GDPR)
- Communicate with affected users without undue delay
- Implement emergency security measures
- Document all breach responses for regulatory compliance
Your Rights
Under applicable data protection laws (including GDPR for EU users), you have the right to:
- Access and update your personal information
- Request deletion of your data
- Object to processing of your information
- Request data portability (EU users)
- Withdraw consent where applicable
- Lodge a complaint with a supervisory authority
To exercise these rights, please contact our Data Protection Officer (DPO).
Data Protection Officer (DPO) & EU Representative
We have appointed a Data Protection Officer (DPO) to oversee GDPR compliance:
EU users may also contact their local data protection authority with complaints.
Updates to This Policy
We may update this Privacy Policy periodically. For EU users, material changes will be communicated at least 30 days before implementation when required by GDPR.
Contact Us
For any privacy-related inquiries: