Clovis
Clovis
Get in Touch
Back to home

Privacy Policy

Last updated: July 2026 · v2026-07

This policy explains how Clovis ("we") collects, uses, and protects personal data when you use our platform, in compliance with the GDPR.

Data We Collect

We collect account data (name, email, job title, company details), technical data (IP address, browser, session logs), and business data (content you upload, billing information). We use this data to provide our services, manage accounts, send transactional emails, and ensure security.

Legal Basis

We process data under GDPR Article 6(1): (b) contract performance — to provide our services; (f) legitimate interests — for security and fraud prevention; (c) legal obligation — for tax and regulatory compliance.

AI Assistant

Clovis offers an optional in-product AI assistant. When you use it, the questions you submit and the related account and business data needed to answer them are sent to our AI sub-processor, Anthropic, PBC (the Claude API), which processes them solely to generate responses for you. Anthropic acts as a data processor under a Data Processing Agreement incorporating the EU Standard Contractual Clauses, and does not use your data to train its models. We rely on our legitimate interest, and where applicable contract performance, to provide this feature; you can object to AI processing at any time from your account settings, which disables the assistant for you. We do not use AI to make automated decisions producing legal or similarly significant effects about you.

Recipients & Sub-processors

We share personal data only with the service providers (sub-processors) we need to operate the platform — hosting and storage, transactional email, payment processing, error monitoring, video calling, and our AI assistant. Each acts under a data processing agreement and, where data leaves the EEA, an approved transfer safeguard such as the EU Standard Contractual Clauses or the EU-US Data Privacy Framework. The complete, current list — with each provider's purpose, location, and safeguard — is published on our Sub-processors page, linked in the footer of every page.

Data Retention

Account data is retained while your account is active and up to 12 months after closure. Billing records are kept for 7 years per tax regulations. Technical logs are retained for up to 90 days.

Cookies

Essential cookies (always on): a session cookie for authentication (Auth0) and a CSRF token for security. Optional marketing cookie (opt-in only, public marketing pages such as our homepage, contact and support only): Lemlist visitor tracking, which identifies visitors who reached our site from our outbound sales emails so we can follow up. The Lemlist script is never loaded inside the authenticated platform, and only loads if you click "Accept all" in our cookie banner. You can change your choice at any time by clearing your browser storage for this site.

Your Rights

Under GDPR Articles 15 to 21 you have the right to access your personal data, to have it rectified, to have it erased, to restrict its processing, to receive it in a portable machine-readable format, and to object to processing based on our legitimate interests. You can exercise most of these yourself from your account settings: export a copy of your data, correct your profile details, restrict processing of your account, object to non-essential processing (including AI processing), or delete your account entirely. Where processing is based on consent you can withdraw it at any time — for cookies via the Cookie settings link in the footer, for emails via the preference links in each message — without affecting the lawfulness of processing carried out before withdrawal. For anything not available self-service, or if you do not have an account, contact us at support@clovislabs.com; we respond within one month. You also have the right to lodge a complaint with a data protection supervisory authority — in France, the CNIL (cnil.fr) — or with the authority of your country of residence or place of work.

Contact

For questions or data protection requests: support@clovislabs.com.

Version History

Material changes to this Privacy Policy are recorded here so you can see what changed and when. The version in effect is shown above.

  • 2026-07 · July 2026

    Added a dedicated Your Rights section: the GDPR data-subject rights (access, rectification, erasure, restriction, portability, objection), the right to withdraw consent, how to exercise each right, and the right to lodge a complaint with a supervisory authority (CNIL).

  • 2026-05 · May 2026

    Initial published version: processing purposes and Article 6 legal bases, AI-assistant sub-processor disclosure (Anthropic), cookie use, sub-processor recipients, retention periods, and data-subject rights.