Last updated: March 21, 2025
ClarLabs ("we," "our," or "us") is committed to protecting your privacy and the security of your personal information. As a company specializing in security and compliance services, we hold ourselves to the highest standards of data protection in all our operations.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us. This policy is designed to be transparent and comprehensive, giving you clear information about your data rights and our practices.
Please read this Privacy Policy carefully. By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with the terms of this policy, please do not access the website or use our services.
We may collect personal information that you voluntarily provide to us when you:
This information may include your name, email address, phone number, job title, company name, company size, industry, business address, billing information, and any other information you choose to provide.
When you visit our website, use our applications, or interact with our services, we and our third-party service providers may automatically collect certain information about your device and usage patterns. This information may include:
We collect this information using cookies, web beacons, server logs, and similar technologies. For more detailed information about our use of these technologies, please refer to our Cookie Policy.
We may receive information about you from other sources, including:
We use this information to maintain the accuracy of our records, enhance our ability to provide relevant services, and improve our marketing and communication efforts.
In general, we do not collect or process special categories of personal data (such as health information, biometric data, or information about political opinions). However, in specific circumstances where such processing is necessary for our services (such as specific compliance implementations), we will only do so with appropriate legal basis and safeguards in place, and will provide explicit notice to you.
We may use the information we collect for various purposes, including to:
We may use automated systems to analyze your information and make decisions or predictions. For example, we may use algorithms to:
You have the right not to be subject to decisions based solely on automated processing if they produce legal effects or similarly significantly affect you, except where such processing is necessary for a contract, authorized by law, or based on your explicit consent. If you wish to contest an automated decision, please contact us using the information in the "Contact Us" section.
We process your personal information under one or more of the following legal bases:
Where we rely on legitimate interests as a basis for processing, we conduct a balancing assessment to ensure that our processing is necessary and that your fundamental rights and freedoms do not override those interests. You can obtain information about this balancing assessment by contacting us.
Where we rely on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent.
We may share your information in the following circumstances:
We may share your information with third-party vendors, service providers, contractors, or agents who perform services on our behalf, such as:
These third parties have access to your information only to perform these tasks on our behalf and are contractually obligated to protect your data and not use or disclose it for any other purpose.
If we are involved in a merger, acquisition, sale of all or a portion of our assets, financing, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We may also disclose your information to:
We may share your information with third parties when you explicitly consent to such sharing.
We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for various purposes including research, analysis, and service improvement. This information may be shared publicly or with business partners, affiliates, or other third parties.
As a security and compliance company, we implement robust technical, administrative, and physical safeguards designed to protect the security, confidentiality, and integrity of your personal information. Our security program includes:
We regularly review and update our security practices to address new and evolving threats and strengthen our protection mechanisms. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us by contacting our security team at security@clarlabs.com.
Depending on your location, you may have certain rights regarding your personal information. These may include:
To exercise these rights, please contact us using the information in the "Contact Us" section. We will respond to your request within the timeframe required by applicable law (typically 30 days, but may be extended by an additional 60 days when necessary, depending on the complexity of the request).
Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision.
You can manage your marketing preferences in the following ways:
Please note that even if you opt out of marketing communications, we may still send you service-related and administrative messages, such as those about your account, subscription, or responses to your requests.
Some browsers offer a "Do Not Track" feature that signals to websites that you do not want to have your online activities tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our websites currently do not respond to DNT signals. Instead, you can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving marketing from us.
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:
When we no longer need to process your personal information for the purposes set out in this Privacy Policy, we will delete or anonymize your information. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your information and isolate it from any further processing until deletion is possible.
If you close your account or request that we delete your information, we will remove your personal information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with investigations, enforce our Terms of Service, and/or comply with legal requirements.
ClarLabs operates globally, and your information may be processed and stored in countries other than your own. These countries may have data protection laws that are different from those in your country. By using our services, you acknowledge that your personal information may be transferred to countries outside your country of residence.
When we transfer personal information across borders, we take appropriate safeguards to ensure that your information remains protected in accordance with this Privacy Policy and applicable laws. These safeguards may include:
For transfers to third parties, we require all third parties to respect the security of your personal information and to treat it in accordance with applicable laws. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
We use carefully selected third-party service providers to help us provide our services and process personal data on our behalf. These providers act as data processors and are subject to contractual obligations to implement appropriate technical and organizational security measures to protect the data and to process the data only as instructed.
Our key categories of subprocessors include:
Upon request, we can provide a detailed list of our current subprocessors, including their names, locations, and the services they provide to us. If you are a business customer with concerns about our subprocessors, please contact our Data Protection Officer.
Our services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information as soon as possible.
If you believe we might have any information from or about a child under 16, please contact us using the information provided in the "Contact Us" section. If we become aware that a child under 16 has provided us with personal information without verified parental consent, we will delete that information.
We use cookies, web beacons, pixels, and similar tracking technologies to collect information about how you interact with our website and services. These technologies help us understand user behavior, remember your preferences, provide personalized content, and gather information about your usage patterns.
Most web browsers allow you to control cookies through their settings preferences. However, if you limit the ability of websites to set cookies, you may impact your overall user experience. You can also set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.
For more detailed information about the cookies we use, the purposes for which we use them, and how you can exercise your choices regarding our use of cookies, please see our Cookie Policy.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will:
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after the revised Privacy Policy has become effective indicates that you have read, understood, and agreed to the current version of the Privacy Policy.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions regarding this Privacy Policy. If you have any questions or concerns about our privacy practices, your personal information, or your privacy rights, you can reach our DPO at:
Email: dpo@clarlabs.com
Postal Address: Data Protection Officer, ClarLabs, Hamilton House, Mabledon Place, London, WC1H 9BB, United Kingdom 4NE
Our DPO and privacy team are committed to addressing your concerns and resolving any complaints about our collection or use of your personal information.
If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:
Email: privacy@clarlabs.com
Postal Address: ClarLabs, Hamilton House, Mabledon Place, London, Greater London, WC1H 9BB, United Kingdom
Phone: +44 (0) 330 808 1230
For EU/EEA residents: You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law. However, we would appreciate the chance to address your concerns before you approach a supervisory authority, so please contact us in the first instance.