Politique de confidentialité des apps Clarivia

La version anglaise de ce document est la version officielle et fait foi. En cas de divergence avec une version traduite ou localisée, la version anglaise prévaut. Clarivia ne fournit pas de version officielle traduite de ce document.

---

Effective date: October 27, 2025 (and as subsequently updated per Section “Changes to This Agreement”).

1. Introduction

Clarivia Inc. (“Clarivia,” “we,” “us,” or “our”) operates clarivia.app and various mobile and desktop applications and services (collectively, the “Products”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the Products.

This Privacy Policy governs the Products described here. If you are looking for Clarivia’s main corporate website privacy policy, it is available at www.clarivia.com/privacy-policy.

By using the Products, you agree to the collection and use of information in accordance with this Privacy Policy and the End User License Agreement. Capitalized terms not defined here have the meanings given in the EULA.

2. Who we are and scope

• Controller: Clarivia Inc., Ontario, Canada.
• Contact: support@clarivia.com
• Territorial scope: This Privacy Policy applies to users worldwide. Additional rights for EU and UK residents and residents of certain U.S. states are described in Sections 16 and 17.

Canada users. If you are in Canada, you may contact us about access, correction, and other requests under PIPEDA at support@clarivia.com. You may also contact the Office of the Privacy Commissioner of Canada.

Organization accounts. For certain enterprise features, Clarivia may process Personal Data as a processor on behalf of an organization that is the controller. In those cases, our data processing addendum applies between Clarivia and the organization.

3. Key definitions

• Products means clarivia.app and subdomains, the Coaching Log app, the Aideai apps, and other Clarivia applications and services, all operated by Clarivia Inc..
• Personal Data means information that identifies or can reasonably be linked to an individual.
• Usage Data means information automatically collected from the Products, for example app events, device and diagnostic data.
• Data Controller means the entity that determines the purposes and means of processing Personal Data.
• Processor or Service Provider means an entity that processes data on behalf of a controller.
• AI Features are features that use artificial intelligence or machine learning models, which may be provided by third-party AI providers.

4. Product-specific practices

Coaching Log (on-device storage). Coaching Log stores your app content on your device. Clarivia does not store your Coaching Log content on Clarivia servers. Coaching Log uses Firebase only for analytics, crash reporting, and messaging. If you enable operating system backups or third-party sync on your device, your OS or third-party provider may copy app data according to their settings and policies.

Aideai (AI-first). Aideai relies on AI Features to function. If you disable AI Features or do not consent to use of AI Features, Aideai will not operate as intended. If you choose not to use AI Features, the only option is to uninstall Aideai.

5. Categories of data we collect

We collect the following categories of information, depending on your interactions with the Products and your settings.

1. Account and identity information Email address, first and last name, company name, account identifiers, subscription status, and basic profile settings.
2. Product and subscription information Plan tier, purchase and renewal status, limited transaction metadata from in-app purchases or web purchases. We do not store full payment card data. See Section 13.
3. Usage and device data Device type, operating system, app version, language, IP address, time zone, crash logs, diagnostics, performance metrics, and feature usage events.
4. Content you provide Text entries, notes, files, and other materials you upload or create in the Products.
5. AI prompts and outputs Prompts, contextual inputs, settings, and generated outputs when you use AI Features. See Section 8.
6. Support and communication Messages you send to support, feedback channels, or surveys, including email metadata.
7. Cookies and similar technologies Cookies, SDKs, and similar tools used for essential functionality, preferences, analytics, and where applicable advertising or remarketing. See Section 10.

6. Sources of data

• Directly from you when you create an account, subscribe, use features, or contact support.
• Automatically from your device and interactions with the Products.
• From platform stores, payment processors, analytics, crash reporting, and cloud infrastructure providers.
• From AI providers when you enable AI Features and submit prompts or context to those providers through Clarivia.

7. How we use your data

We use Personal Data for the following purposes:

• To provide, operate, and maintain the Products.
• To authenticate you, manage accounts and subscriptions, and process transactions.
• For products that offer cloud sync and backup, to provide cross-platform access and storage through cloud services such as Google Firebase. Coaching Log does not store your app content on Clarivia or third-party servers.
• To provide AI Features, including sending prompts and context to AI providers and returning outputs to you.
• To personalize and improve the Products, including usage analytics and A/B testing.
• To provide support and communicate about service changes, updates, and security notices.
• To detect, prevent, and address fraud, abuse, and security incidents.
• To comply with legal obligations and enforce our agreements.
• With your consent, to send marketing or promotional communications which you can opt out of at any time.

8. Legal bases for processing (EEA and UK users)

Where GDPR or UK GDPR applies, we process Personal Data under these legal bases:

• Contract: to provide the Products and fulfill the EULA.
• Legitimate interests: to secure and improve the Products, prevent abuse, and perform limited analytics consistent with your choices.
• Consent: for certain cookies or local laws requiring consent, for marketing emails, and for specific optional data uses.
• Legal obligation: to comply with applicable laws and requests by authorities.

9. Generative AI Features

Some Products include AI Features powered by third-party AI providers, including Google Gemini, OpenAI, Anthropic, or similar services. Your use of AI Features is subject to the EULA and applicable AI provider terms.

• Data sent to AI providers: When you use AI Features, your prompts, instructions, contextual inputs, and related metadata may be transmitted to AI providers to generate outputs.
• Outputs: AI outputs are generated automatically and may be inaccurate or inappropriate. You are responsible for verifying outputs before relying on or publishing them.
• Provider use: AI providers may receive data solely to provide the AI service to Clarivia and to you. Provider practices are governed by their terms and privacy policies.
• Your controls: Where applicable, you may disable AI Features in the app preferences, which prevents prompts and context from being sent to AI providers. Disabling may limit functionality. If you disable AI Features in Aideai, Aideai will not function. To stop using AI Features, uninstall Aideai.
• Human review: Clarivia does not routinely review your prompts or outputs, except as required to provide support, ensure safety and compliance, or as required by law.
• No sensitive inputs: Do not input special categories of data or confidential information into AI Features unless you have a lawful basis and appropriate safeguards.

The Products do not make or allows to make decisions with legal or similarly significant effects based solely on automated processing without human involvement.

Clarivia does not use your prompts or AI outputs to train Clarivia-owned foundation models. Third-party AI providers may process data as permitted in their terms and privacy policies. Where a provider offers an enterprise or API setting to exclude data from model training, Clarivia will endeavor to use that setting for production AI Features, or will provide an in-product control where feasible.

10. Cloud storage and infrastructure

Scope. Cloud storage applies only to Products and plans that include cloud functionality. Coaching Log does not upload your app content to Clarivia servers and uses Firebase only for analytics, crash reporting, and messaging.

For products with cloud functionality, we primarily use Google Firebase to provide authentication, databases, file storage, and diagnostics. Depending on your plan and features:

• Your account data and app content may be stored in Firebase services such as Authentication, Firestore or Realtime Database, Cloud Storage, and Crashlytics.
• Cross platform access and cloud backup rely on these services.
• We configure regional locations and access controls consistent with our security practices and product needs.
• You can opt out of non essential analytics or diagnostics in app where offered. Core operational data storage and security logging are necessary to provide the Products.

Device or OS backups. If you turn on device or operating system backups (for example Apple iCloud or Google device backup), your OS provider may copy app data as part of those backups. Such backups are governed by your OS provider’s terms and are outside Clarivia’s control.

Notifications. We may use Firebase Cloud Messaging or similar services to deliver in-app or push notifications. You can control push notifications in your device settings or in-app where available.

Personal Data may be stored or processed in Canada, the United States, the European Union, or other countries where our service providers operate. We use appropriate safeguards for international transfers, including Standard Contractual Clauses where applicable.

11. Cookies, SDKs, and tracking technologies

We use cookies and SDKs for:

• Essential functions such as login, security, and preferences.
• Analytics and diagnostics for performance and reliability.
• Advertising and remarketing where applicable. You can opt out or adjust preferences in app or browser settings and through links in Section 16 and 17.

Some browsers offer “Do Not Track” settings. At this time, we do not respond to these signals. We honor applicable consent and opt out choices provided in the Products or required by law.

Where required by law, we obtain consent for non essential cookies and provide a way to manage preferences.

12. Your choices and controls

You can manage certain privacy choices in the Products, including:

a) toggling AI Features, where available
b) adjusting analytics and diagnostics sharing, where available
c) managing cookies and similar technologies in app or browser settings, and where required by law through our cookie preferences
d) opting out of marketing emails by using the unsubscribe link in those emails
e) for Aideai, AI Features are required. Disabling AI Features will prevent Aideai from functioning. To discontinue AI Features in Aideai, uninstall the app.

Some core data uses are necessary to provide the Products and cannot be disabled.

13. Analytics, diagnostics, and support tools

We may use:

• Google Analytics and/or Amplitude for web and app analytics.
• Firebase for authentication, databases, crash reporting, analytics, and messaging.
• RevenueCat to manage in app purchases and subscriptions.
• Freshdesk to manage support tickets and communications.

Configuration and opt out options are provided in app where available and through your device settings or relevant provider links.

14. Advertising and remarketing

Where applicable, we may use Google Ads, Facebook, or similar services for remarketing. This may involve cookies or mobile ad identifiers to show ads based on prior visits. Refer to the provider links to opt out. You can also adjust your device advertising settings.

15. Payments

For paid features, payments are processed by App Store, Google Play, Stripe, PayPal or Braintree. Clarivia does not store full payment card numbers. Your payment data is handled under the processor’s privacy policy and PCI DSS requirements.

16. How we share information

We share Personal Data only as described below:

• Service Providers and processors that host, store, or process data on our behalf, including Firebase, RevenueCat, Freshdesk, analytics and diagnostics providers, and AI providers used to power AI Features.
• Platform stores and payment processors to manage purchases and subscriptions.
• Corporate transactions such as mergers, acquisitions, or asset transfers.
• Legal and safety for compliance with law, responding to lawful requests, and protecting Clarivia, users, or others.
• With your direction or consent for specific features or integrations.

We do not sell Personal Data for money. In some jurisdictions, certain advertising or analytics practices can be considered a “sale” or “sharing” for cross context behavioral advertising. See Sections 16 and 17 for your rights and opt out choices.

Disclosure for law enforcement and regulatory requests

We may disclose Personal Data when we believe in good faith that such disclosure is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request, including to meet national security or law enforcement requirements.

17. Data retention

We retain Personal Data as long as needed to provide the Products, comply with legal obligations, resolve disputes, and enforce agreements. General guidelines:

• Account data and content: for the life of your account and for a reasonable period after deletion for backup and audit.
• Subscription and transaction records: for tax, audit, and legal retention periods.
• Analytics and diagnostics: for shorter periods unless needed to improve reliability or meet legal requirements.
• Support communications: for operational and compliance purposes.

Disclosure for law enforcement and regulatory requests. We may disclose Personal Data when we believe in good faith that such disclosure is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request, including to meet national security or law enforcement requirements.

Account deletion. You can request deletion of your account and associated content through in-app settings where available or by contacting support@clarivia.com. Some data may be retained as required by law or for legitimate business purposes such as fraud prevention and accounting.

18. Your rights under GDPR and UK GDPR

If you are in the EEA or UK, you have the right to:

• Access, correct, or delete your Personal Data.
• Object to or restrict processing in certain circumstances.
• Data portability.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with your supervisory authority.

To exercise these rights, contact support@clarivia.com. We may need to verify your identity before responding. Some data is required to provide the Products and may be retained as permitted by law.

International transfers: When we transfer Personal Data outside the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses and additional measures as needed.

19. U.S. state privacy disclosures, including California (CCPA/CPRA)

Residents of California and certain other U.S. states have the right to:

• Request to know categories and specific pieces of Personal Data collected, sources, purposes, and categories of recipients.
• Request deletion of Personal Data, subject to legal exceptions.
• Request correction of inaccurate Personal Data.
• Opt out of the sale or sharing of Personal Data for cross context behavioral advertising.
• Limit the use and disclosure of sensitive Personal Data where applicable.
• No discrimination for exercising privacy rights.
• Verification. We will take reasonable steps to verify your identity before fulfilling requests.
• Authorized agents. Where permitted by law, you may submit a request through an authorized agent. We may require proof of authorization and identity.
• Appeal. If we deny your request, you may appeal by emailing support@clarivia.com with “Privacy Appeal” in the subject. If your appeal is denied, you may contact your state attorney general.

How to submit requests or opt out: email support@clarivia.com with “Privacy Request” in the subject. If we engage in activities considered “sale” or “sharing,” we will provide a “Do Not Sell or Share” control in the Products or on our website.

We do not have actual knowledge that we sell or share Personal Data of consumers under 16 years of age.

20. Security

We use administrative, technical, and physical safeguards appropriate to the nature of the data. No method of transmission or storage is perfectly secure. We work to prevent unauthorized access, use, alteration, and disclosure of Personal Data.

If we determine that a security incident has created a material risk of harm, we will notify affected users and regulators as required by law.

21. Children’s privacy

The Products are not intended for children under 13. We do not knowingly collect Personal Data from children under 13. If you believe a child has provided Personal Data, contact us and we will take appropriate steps to delete it. In certain jurisdictions, additional age thresholds may apply and parental consent may be required.

22. Links to other sites

The Products may contain links to third party sites. We are not responsible for the privacy practices of those sites. Review their policies before providing data.

23. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version with a new effective date and, where required, provide additional notice such as email, in app notice, or a prominent banner. Your continued use of the Products after the effective date constitutes your acceptance of the changes.

24. Contact

If you have questions about this Privacy Policy or your privacy rights, contact support@clarivia.com

---

Provider references and helpful links

• Google Privacy Policy: https://policies.google.com/privacy
• Firebase Privacy and Security: https://firebase.google.com/support/privacy
• Google Analytics Opt out: https://tools.google.com/dlpage/gaoptout
• Google Ads Settings: https://adssettings.google.com
• Facebook Data Policy: https://www.facebook.com/privacy/policy
• RevenueCat Privacy: https://www.revenuecat.com/privacy
• Freshworks Privacy: https://www.freshworks.com/privacy
• Stripe Privacy: https://stripe.com/privacy
• PayPal Privacy: https://www.paypal.com/webapps/mpp/ua/privacy-full
• Apple Privacy: https://www.apple.com/legal/privacy
• Google Play Privacy: https://policies.google.com/privacy