Version 1.0 | Last updated: January 20, 2026
This Privacy Policy describes how Clarno ("we," "us," or "our") collects, uses, processes, and protects your personal information when you use our services. This policy applies to all users of our website, applications, and AI-powered tools. By using Clarno, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our services.
We collect several types of information to provide, improve, and secure our services. Account Information: When you create an account, we collect your name, email address, and authentication credentials provided through third-party authentication services (e.g., Google OAuth). Workspace and Project Data: We collect the content, data, projects, analyses, and other information you create, upload, or submit while using Clarno. This may include text inputs, problem statements, market research data, and AI-generated insights. Usage Data: We automatically collect information about how you interact with our services, including IP address, browser type and version, device information, operating system, pages visited, time spent on pages, navigation paths, clickstream data, and features used. Cookies and Tracking Technologies: We use cookies, web beacons, and similar tracking technologies to maintain session state, remember your preferences, authenticate your identity, analyze usage patterns, and improve service performance. You can control cookie preferences through your browser settings, although disabling certain cookies may limit functionality.
We use the information we collect for legitimate business purposes and to provide you with a high-quality service. Service Provision: We use your information to create and manage your account, authenticate your identity, provide access to features and functionality, process and store your content and projects, deliver AI-generated insights and recommendations, and respond to your support requests. Service Improvement: We analyze usage data to understand how users interact with our services, identify and fix technical issues, develop new features and functionality, improve our AI models and algorithms, enhance user experience, and conduct research and analytics. Communication: We may use your contact information to send service-related notifications, security alerts, account updates, feature announcements, and (with your consent) marketing communications about our products and services. Legal Compliance and Security:We may process your information to comply with legal obligations, enforce our Terms of Service, prevent fraud and abuse, protect our rights and property, ensure platform security, and respond to law enforcement requests.
For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on the following legal grounds: Contractual Necessity: Processing is necessary to perform our contract with you (i.e., providing the services you requested when creating an account). Legitimate Interests: We process data based on our legitimate interests in operating, improving, and securing our services, provided these interests are not overridden by your fundamental rights and freedoms. Consent: Where required by law, we obtain your explicit consent before processing certain types of personal data (e.g., marketing communications). You may withdraw consent at any time. Legal Obligation: We process data when necessary to comply with legal obligations, such as responding to valid legal requests or tax requirements.
Clarno uses Large Language Models (LLMs) and artificial intelligence technologies to analyze your inputs and generate insights. When you interact with our AI features, your inputs may be processed by third-party AI service providers. We implement technical and organizational measures to protect your data during AI processing, including data encryption, access controls, and contractual safeguards with AI providers. However, you should be aware that AI-generated content may inadvertently include patterns from training data, and we cannot guarantee that AI outputs will be free from errors, inaccuracies, or hallucinations. We do not use your personal data to train third-party AI models unless you provide explicit consent. Your User Content is processed solely to provide you with the requested AI-powered insights and is not shared with other users or used for any purpose beyond service provision unless otherwise specified.
We do not sell your personal data to third parties. We share your information only in the following limited circumstances: Service Providers: We engage trusted third-party service providers to perform functions on our behalf, such as cloud hosting (AWS, Google Cloud), authentication services (Google OAuth), payment processing, email delivery, analytics platforms, and customer support tools. These providers are contractually obligated to protect your data and use it only for the specific purposes we authorize. AI and LLM Providers: Your content may be processed by third-party AI providers (such as OpenAI, Anthropic, or Google AI) to generate insights and recommendations. We ensure these providers maintain appropriate data protection standards and do not use your data to train their models without your consent. Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Clarno, our users, or the public. Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.With Your Consent: We may share your information with third parties when you explicitly consent to such sharing.
Clarno operates globally, and your information may be transferred to, stored, and processed in countries other than your country of residence, including Pakistan and the United States. These countries may have data protection laws that differ from those in your jurisdiction. When we transfer personal data from the EEA, UK, or Switzerland to other countries, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure your data receives an adequate level of protection. By using our services, you acknowledge and consent to the transfer of your information to countries outside your jurisdiction.
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Account Data: We retain your account information for the duration of your account's active status and for a reasonable period thereafter to comply with legal obligations and resolve disputes. User Content: Your workspace and project data are retained until you delete them or close your account. Usage Data: We typically retain usage logs and analytics data for up to 24 months unless longer retention is necessary for security, fraud prevention, or legal compliance purposes. When you delete your account, we will delete or anonymize your personal information within 90 days, except where retention is required by law, for ongoing legal proceedings, or to enforce our Terms of Service.
If you are located in the EEA, UK, or Switzerland, you have the following rights regarding your personal data: Right of Access: You have the right to request a copy of the personal data we hold about you. Right to Rectification: You can request that we correct inaccurate or incomplete personal data. Right to Erasure ("Right to be Forgotten"):You can request that we delete your personal data, subject to certain legal exceptions. Right to Restriction of Processing: You can request that we limit how we use your data in certain circumstances. Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.Right to Object: You can object to processing based on legitimate interests or for direct marketing purposes. Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw that consent at any time. Right to Lodge a Complaint: You have the right to file a complaint with a data protection supervisory authority in your jurisdiction. To exercise any of these rights, please contact us at info@clarno.ai. We will respond to your request within 30 days.
We implement industry-standard technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include data encryption in transit (TLS/SSL) and at rest, secure authentication mechanisms (OAuth 2.0, JWT tokens), role-based access controls, regular security audits and vulnerability assessments, intrusion detection and monitoring systems, and secure backup and disaster recovery procedures. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your account credentials and for notifying us immediately of any unauthorized access to your account.
We use cookies and similar technologies to enhance your experience, maintain session state, and analyze usage patterns. Essential Cookies: Necessary for authentication, security, and core functionality. These cannot be disabled without affecting service operation. Performance and Analytics Cookies: Help us understand how users interact with our services by collecting aggregated usage data. Functional Cookies: Remember your preferences and settings to provide a personalized experience. You can manage cookie preferences through your browser settings. Most browsers allow you to block or delete cookies, but doing so may impact your ability to use certain features of our services. For more information about how we use cookies, including a list of specific cookies we deploy, please refer to our Cookie Policy (available upon request).
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child under 18, please contact us immediately at info@clarno.ai, and we will take prompt steps to delete such information.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will notify you by email (to the address associated with your account), through a notification within the service, or by other appropriate means. The updated policy will indicate the "Last updated" date at the top. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: Email: info@clarno.ai | Mail: Clarno, NSTP, NUST, Islamabad, Pakistan. For GDPR-related inquiries, you may contact our Data Protection Officer at info@clarno.ai. We will respond to all legitimate requests within 30 days.