Legal

Privacy Policy

Last updated: May 2026

We keep this policy short and in plain language. Klaro Digital is built for EU businesses, so privacy is a core part of the product — not an afterthought.

What we collect

  • Company data you provide during onboarding (company name, industry, team size).
  • AI tool data you register (tool name, purpose, department, oversight settings).
  • Usage data from the AI Monitor module (which AI tools are used and how often).
  • Account data (email, authentication metadata).

How we use it

  • To calculate your compliance score and EU AI Act risk flags.
  • To detect shadow AI and produce usage analytics.
  • To generate compliance reports for your team.
  • To operate, secure, and improve the platform.

Where we store it

Your data is stored on a secure managed backend hosted in the EU. Access is restricted, encrypted in transit, and protected by row-level security so only members of your company can see your data.

What we never do

  • We do not sell your data.
  • We do not use your data to train third-party AI models.
  • We do not share your data with advertisers.

GDPR

Klaro Digital processes personal data in line with the EU General Data Protection Regulation (GDPR). We act as a processor for the data you put into the platform, and as a controller for your account information.

Your rights

  • Access — request a copy of the data we hold about you.
  • Correction — fix anything inaccurate.
  • Deletion — ask us to remove your account and data.
  • Portability — export your registry and reports.

Contact

For any privacy request, email privacy@klarodigital.com. We respond within 30 days.