Summary (Plain English)
ClaraOP is an operations platform for creators and talent agencies. To do our job we need to see the emails you send us (brand-deal offers), your invoices, and — if you're an agency — your team's roster. Here's the essence of what we do with your data:
- We never sell your data. Not to advertisers, not to data brokers, not to anyone.
- We do not read the body of your emails in any way that isn't strictly required to detect a brand-deal offer and populate a campaign record.
- We do not retain email content. After AI extraction we keep only the structured fields (subject line, sender, thread ID, extracted deal metadata). The full email body is not stored.
- Google API data is used only for the feature you connected it for. We follow Google's Limited Use requirements.
- You can disconnect your Gmail inbox and delete all your data at any time from Account → Danger Zone.
1. Who we are
ClaraOP ("ClaraOP", "we", "us", "our") is operated by [BUSINESS NAME], a [ENTITY TYPE] registered in [JURISDICTION]. Our contact address for privacy matters is privacy@claraop.dev.
For the purpose of applicable data-protection laws (including the EU/UK GDPR and the California Consumer Privacy Act), ClaraOP is a data controller in respect of account and usage data you provide directly to us. For data you receive from Google APIs and route through ClaraOP for your own operational purposes, ClaraOP acts as a data processor on your behalf.
2. What data we collect
Account data. Name, email address, password hash (bcrypt), business profile fields (business name, address, tax ID), role, agency membership.
Campaign & billing data. Brand names, deal amounts, deliverables, proof-of-delivery uploads, invoice line items, payout metadata. Bank account details are encrypted at rest using AES-256.
Google API data (when you connect Gmail). With your explicit permission we access your Gmail metadata through the scopes you approve. What we actually store:
- The threadId and messageId of scanned emails — used only to de-duplicate rescans so we never create duplicate campaigns.
- The subject line, sender name, sender email, and received timestamp — used to associate a detected deal with its source thread.
- Structured fields extracted by our AI classifier from the message body: brand name, amount, currency, deliverables, campaign type, dates. We do not store the raw body of your emails. The body is sent to our AI processor, parsed, and then discarded.
Usage & security telemetry. Login events, action logs (who marked which invoice paid), API request logs (retained 30 days for troubleshooting), IP address of session origin. We do not use third-party analytics trackers.
3. How we use your data
We use your data to:
- Provide the ClaraOP service (authenticate you, sync campaigns, generate invoices).
- Detect brand-deal emails and create campaign records — the specific reason you granted us Gmail access.
- Send transactional emails (invoice sent, overdue reminder, batch generated, weekly summary; you can opt out of any of these in Account settings).
- Enforce security (rate limiting, brute-force protection, audit logging).
- Debug production issues (limited-scope access by our engineers, audit-logged).
What we never do: serve you ads based on your email content, train our AI models on your emails, share your data with unrelated third parties, or read emails outside the deal-detection flow.
4. Google API Services — Limited Use disclosure
ClaraOP's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We only use Google API data to provide or improve user-facing features that are prominent in ClaraOP's user interface (i.e. the Email Intake feature).
- We do not transfer Google API data to third parties except as necessary to provide or improve those user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets (with the user's consent).
- We do not use Google API data to serve advertisements.
- We do not allow humans to read Google API data unless: (a) we have the user's affirmative agreement for specific messages, (b) it is necessary for security purposes (e.g. investigating abuse), (c) to comply with applicable law, or (d) the data is aggregated and used for internal operations in accordance with applicable privacy laws.
- We do not use Google API data to develop, improve, or train generalized AI/ML models. The AI classifier that reads your emails is a stateless third-party API (Anthropic Claude); prompts and responses are not retained after the extraction call returns.
5. AI processors & subprocessors
To extract structured deal data from emails we send message text to an AI provider:
- Anthropic (Claude) — stateless API call. Anthropic's privacy policy confirms API data is not used to train their models by default.
Other subprocessors we use:
- MongoDB Atlas — primary database. All data encrypted at rest.
- Resend — transactional email delivery. Receives only the email address, subject, and body of the transactional messages we send.
- Cloud hosting provider — Kubernetes-managed compute. No direct access to database contents.
6. Data retention
We retain data only as long as we need it:
- Account data — for as long as your account is active. Deleted 30 days after you close your account, except where retention is required by law (tax records may be kept up to 7 years).
- Campaign, invoice, and payout data — indefinitely while your account is active (these are your books of record).
- Email metadata (thread IDs, subjects, senders) — while the campaign is active; auto-purged 90 days after campaign closure.
- Payout batch bank details (encrypted PII) — auto-purged 30 days after the batch is fully paid or cancelled (Purge Cron runs daily).
- API/audit logs — 30 days rolling.
7. Your rights
Depending on where you live, you may have the following rights:
- Access — download all data we hold about you (Account → Danger Zone → Export).
- Correction — update your profile / business info at any time.
- Deletion — permanently delete your account and all associated data.
- Portability — your data export is a machine-readable JSON archive.
- Objection / restriction — email us to opt out of specific processing.
- Complaint — you may lodge a complaint with your local supervisory authority (e.g. ICO in the UK, CNIL in France, State AG in California).
To exercise any of these rights, email privacy@claraop.dev from the account email address. We respond within 30 days.
8. Security
See our full Security Policy. In brief: AES-256 encryption at rest for bank PII, HTTPS/TLS 1.2+ in transit, bcrypt password hashing, JWT session tokens with short expiry, principle-of-least-privilege for engineer access.
9. Children
ClaraOP is not intended for and does not knowingly collect data from anyone under 18. If we discover a minor has created an account, we will delete it.
10. Changes to this policy
We'll email registered users when we make material changes, at least 14 days before they take effect. Minor clarifications may be made without notice; the "Effective" date above always reflects the latest revision.
11. Contact
Privacy officer: privacy@claraop.dev
Data-deletion requests: delete@claraop.dev
Postal: [BUSINESS NAME], [ADDRESS LINE 1], [ADDRESS LINE 2], [COUNTRY]
