Privacy Policy

‍

At Kleverin (“Kleverin,” “we,” “us,” or “our”), we take your privacy and the protection of your information seriously. This Privacy Policy (“Policy”) explains how we collect, use, disclose, and safeguard information from individuals who use or interact with our Services (“Users,” “you,” or “your”).

This Policy applies to all Kleverin-owned websites, applications, platforms, and services, including our software WorktreeX (collectively, the “Services”). It forms part of our Terms of Service and other agreements that govern your use of the Services.

If you have questions about this Policy, please contact us at support@kleverin.com.

By using our Services, you agree to the practices described in this Policy. If you do not agree, please stop using the Services. The version of this Policy with the most recent date at the top applies each time you access the Services.

‍

1. Definitions

‍

Service: The websites, applications, and software offered by Kleverin, including WorktreeX and related add-ons or integrations.

Personal Data: Any information relating to an identified or identifiable individual, either alone or in combination with other data we hold.

Usage Data: Information automatically collected when using the Service, such as IP address, browser type, operating system, pages visited, date and time of visits, and time spent on pages.

Cookies: Small text files stored on your device to help recognize your device, remember preferences, and improve your experience.

Data Controller: The entity that determines the purposes and methods of processing Personal Data. Kleverin is the Data Controller for Personal Data of Users.

Data Processor (or Service Provider): Third parties engaged by Kleverin to process data on our behalf to deliver or improve the Services.

Data Subject: Any individual whose Personal Data is collected, stored, or processed by the Service.

Requested Account Permissions: Access permissions requested from third-party accounts (e.g. Microsoft) to enable specific Service features.

‍

2. Information We Collect and How We Use It

‍

We collect two main types of information

1. Personal Information: Data you voluntarily provide that can identify you (e.g. name, email, account details).
2. Aggregate / Usage Information: Limited technical or operational data we collect to operate and improve the service.

2.1 Personal Information Collected

• Accounts: To create and manage your account, we collect details like your Profile name (if provided by Microsoft), email address, Microsoft account OID (Object ID) and Tenant ID. We may also collect information you submit or upload     through the Services.
• Customer  Data: Any information provided by Kleverin customers through our Services is considered Customer Data. Customers control their Customer Data, and this Policy does not govern their handling of it.
• Files and Spreadsheets: We do not store, copy, or otherwise retain the content of your files or spreadsheets. We may temporarily process     limited metadata—such as file names, identifiers, file modification timestamps—only     when this information is included in system error logs or bug reports. This metadata is used solely for diagnosing issues and is not retained     beyond what is necessary for support.
• Usage Data: We collect only the minimal usage information required to operate and maintain the Service. This includes: Login counts (number of successful logins), error logs and bug reports submitted by you.
• Marketing and Communications: We do not currently send marketing or promotional communications. If we introduce marketing in the future, we will update this Policy and request your explicit consent where required.

• Subscription  & Billing Information (via Stripe): If you purchase a subscription, our payment processor (Stripe) collects your payment details on our behalf. This information is used to manage your subscription, provide invoices, and handle payment-related support. All payment card details are  handled exclusively by Stripe. While we do not store or process full card numbers or CVC codes, we may access and store certain billing information through Stripe, including:
  
   
  • Billing name and billing address
   
  • Card brand and last 4 digits
   
  • Subscription status and plan details
   
  • Next billing date and payment history (e.g., successful or failed charges).

‍

2.2 Collection of Personal Information by Third Parties

Our Services may contain links to third-party websites, resources, or services that Kleverin does not operate. These third parties have their own privacy policies, which will govern their handling of your information. We are not responsible for the privacy or security practices of such third parties. If you choose to provide information to a third party through our Services, please carefully review their policies before doing so.

If you disagree with automatic decisions, you have the right to obtain human intervention from the data controller, to express your point of view, and to discuss the decision. When the processing is based on consent, you can withdraw consent at any time, without affecting the legality of the processing based on the consent before its withdrawal

2.3 Cookies and Tracking Technologies

Our Site and Services use only strictly necessary cookies required for basic operation, security, and user authentication.

These include:

• Essential / Session Cookies: Used by the Site or application to function     correctly, maintain security, and remember your login session.
• Webflow  Essential Cookies: Webflow, which hosts our website, may set basic functional cookies needed for loading the site or preventing abuse. These cookies do not track you for analytics, advertising, or profiling.

We do not use:

• analytics  or performance cookies
• advertising  or targeting cookies
• social media tracking cookies
• third-party marketing trackers
• Google Analytics
• web beacons
• retargeting technologies

Because we do not use these technologies, we do not require cookie banners or opt-in analytics controls.

You can control or delete cookies at any time through your browser settings, but disabling essential cookies may prevent parts of the Site or Service from functioning.

To learn more about controlling cookies and targeted advertising, visit:

• Your Online Choices (Europe)
• Network Advertising Initiative (United States)
• About Ads (United States)

‍

3. Lawful Basis for Processing
‍

We process Personal Data under the following lawful bases:

• Consent: Where you have explicitly agreed (e.g., marketing communications).
• Contractual necessity: To provide Services requested by you.
• Legal  obligations: To comply with laws or regulations.
• Legitimate     interests: To operate, improve, and secure our Services, prevent fraud, and protect users, provided your rights are not overridden.

4. How We Use Your Information
‍

We collect and use your information, including Personal Information, to provide our Services, operate effectively, and deliver the content and support you request. Specifically, we may use your information for the following purposes:

• Service     delivery and maintenance – To provide, operate, improve, maintain, and protect our Services.
• Support     – To provide you with technical or customer support and respond to your inquiries.
• Account     management – To register you and your users, authenticate your identity, and manage account features.
• Communication     – To send notices, alerts, updates, newsletters, and marketing communications about Kleverin and our Services.
• Monitoring   and Usage Insights – To monitor login activity, track system errors, and review bug reports submitted by users. This information helps     us maintain service reliability, troubleshoot issues, and improve the  functionality of our Services. We do not perform analytics or track user behaviour beyond login counts and error/bug reporting.
• User   experience – To personalize your experience, enhance security, and     improve the overall quality of our Services.
• Compliance and enforcement – To comply with legal obligations, enforce our Terms of Service, and investigate potential violations.
• Fraud and security – To detect, prevent, and address fraud, technical     issues, or other harmful activity.
• Protection   – To safeguard the rights, property, and safety of Kleverin, our users, and the public, as required or permitted by law.

5. How We Share Personal Information
‍

We do not rent or sell your Personal Information. We onlyshare it as necessary to provide and maintain our Services:

• Authentication Providers: We use Microsoft for single sign-on. Your account information (email, profile name, OID, Tenant ID) is shared with Microsoft     as part of the authentication process. We do not control their practices;     see Microsoft’s privacy policy.
• Payment Processors: We use Stripe to process subscriptions and payments. While Stripe handles your payment details, we may access limited information such as last 4 digits of your card, billing name and address, and subscription status. Stripe’s use of your information is governed by their privacy policy.

We may also disclose Personal Information if required to:

1. Comply with legal obligations or court orders.
2. Investigate fraud, security issues, or unlawful activity.
3. Protect the rights, property, or safety of Kleverin, our users, or the public.

‍

6. Data Retention
‍

We retain Personal Information for as long as necessary to provide our Services, meet our legal obligations, enforce agreements, resolve disputes, and for other legitimate business purposes.

Retention periods may vary depending on the type of data, the context in which it was collected, and applicable laws or contractual requirements. Factors that influence how long we keep information include:

• Whether the data is needed to operate or improve the Services.
• The sensitivity of the information.
• User expectations or consent regarding data retention.
• The availability of tools that allow users to delete or manage their data.
• Legal, regulatory, or contractual obligations.

When we no longer have a legitimate business need to process your Personal Information, we will either delete or anonymise it. If deletion or anonymisation is not possible (for example, if the data is stored in backup archives), we will securely store the data and isolate it from further processing until deletion becomes feasible.

When you cancel your account, we retain your personal information only as long as necessary to comply with legal or contractual obligations, prevent fraud, and resolve disputes.  Unless otherwise required, your personal data will be securely deleted or anonymised within 90 days of account cancellation.

‍

7. Payments
‍

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. The payment processors we work with are:

Stripe

Their Privacy Policy can be viewed at https://stripe.com/us/privacy.

8. Children’s Privacy
‍

Our Services are not directed to, and we do not knowingly collect Personal Information from, children under the age of 16. If we become aware that we have collected information from a child under this age, we will delete it promptly.

If you believe a child has provided us with Personal Information, please contact us so we can take appropriate action.

9. Security
‍

We implement reasonable technical, administrative, and physical safeguards. No system is completely secure, so we cannot guarantee absolute protection.

You are responsible for protecting your account credentials and should never share passwords. Report suspicious communications requesting your password immediately.

10. International Transfers
‍

Kleverin is based in the United Kingdom. If you access our Services from outside the UK, please note that your Personal Information may be transferred to, and stored in, countries where data protection laws may differ from those in your jurisdiction.

Where we transfer data outside the UK or the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as the use of approved Standard Contractual Clauses or other lawful transfer mechanisms, to protect your information.

11. Your Rights
‍

Under UK GDPR, you may:

• Access, correct, or delete your Personal Data.
• Withdraw consent where processing is based on consent.
• Object to processing where based on legitimate interests.
• Lodge a complaint with the ICO: www.ico.org.uk

Contact us to exercise these rights at support@kleverin.com.

12. Changes to This Policy
‍

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. The “Last Updated” date at the top of this page indicates when the policy was last revised.

If we make material changes, we will provide notice through our Services or by other appropriate means before the changes take effect. Please review this page regularly to stay informed about how we protect your information.

13. Governing Law
‍

This Privacy Policy and any dispute or claim arising from it shall be governed by and construed in accordance with the laws of Scotland and the United Kingdom, without regard to conflict of law principles.

‍