Legal
Privacy Policy
Last updated: May 2026
We keep this policy short and in plain language. Klaro Digital is built for EU businesses, so privacy is a core part of the product — not an afterthought.
What we collect
- Company data you provide during onboarding (company name, industry, team size).
- AI tool data you register (tool name, purpose, department, oversight settings).
- Usage data from the AI Monitor module (which AI tools are used and how often).
- Account data (email, authentication metadata).
How we use it
- To calculate your compliance score and EU AI Act risk flags.
- To detect shadow AI and produce usage analytics.
- To generate compliance reports for your team.
- To operate, secure, and improve the platform.
Where we store it
Your data is stored on a secure managed backend hosted in the EU. Access is restricted, encrypted in transit, and protected by row-level security so only members of your company can see your data.
What we never do
- We do not sell your data.
- We do not use your data to train third-party AI models.
- We do not share your data with advertisers.
GDPR
Klaro Digital processes personal data in line with the EU General Data Protection Regulation (GDPR). We act as a processor for the data you put into the platform, and as a controller for your account information.
Your rights
- Access — request a copy of the data we hold about you.
- Correction — fix anything inaccurate.
- Deletion — ask us to remove your account and data.
- Portability — export your registry and reports.
Contact
For any privacy request, email privacy@klarodigital.com. We respond within 30 days.