Back to home

Privacy Policy

Last updated: March 31, 2026

1. Data Controller

Cluently is operated by Alexandre, sole proprietor, registered in Boulogne-Billancourt, France. For any question related to your personal data, contact us at [email protected].

2. Data We Collect

  • Account data : email address, name, profile picture (via Clerk authentication).
  • Usage data : pages visited, features used, timestamps (via PostHog, self-hosted analytics).
  • Project data : leads, signals, workflows, conversations, and content you create within the platform.
  • Payment data : processed by Stripe. We never store card numbers.
  • LinkedIn data : connection and messaging data you explicitly authorize through Unipile integration.

3. Legal Basis (GDPR Art. 6)

  • Contract performance : providing the service you signed up for.
  • Legitimate interest : improving the product, preventing fraud.
  • Consent : marketing emails, analytics cookies.

4. Data Processing and Sub-processors

We use the following third-party services to operate the platform:

  • Clerk (authentication) - US, EU SCCs in place
  • Stripe (payments) - US, EU SCCs in place
  • Railway (hosting) - EU region
  • Supabase (database) - EU region
  • Anthropic (AI processing) - US, EU SCCs in place
  • Unipile (LinkedIn integration) - France
  • Resend (email delivery) - US, EU SCCs in place
  • PostHog (analytics) - EU instance

5. Data Retention

We retain your account and project data for as long as your account is active. When you delete your account, all associated data is permanently removed within 30 days. Payment records are kept for 10 years as required by French tax law.

6. Your Rights (GDPR Art. 15-22)

As an EU resident, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure (right to be forgotten)
  • Restrict processing
  • Data portability (export your data in JSON format)
  • Object to processing
  • Lodge a complaint with the CNIL (French Data Protection Authority)

To exercise any of these rights, email [email protected]. We will respond within 30 days.

7. Data Transfers

Some of our sub-processors are located outside the EU. For each transfer, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.

8. Security

We implement industry-standard security measures including encryption at rest and in transit (TLS 1.3), access control, regular dependency audits, and penetration testing.

9. Cookies

We use strictly necessary cookies for authentication (Clerk session cookie). Analytics cookies (PostHog) are only set with your consent. We do not use advertising cookies or trackers.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email.