Data & Privacy Protection Policy
WHO WE ARE
The website www.clara.co is operated by Clara Technologies Limited (we, our, Clara or us) so that we may:
(1) help direct you to products and services which may be of interest to you; and
(2) contact you with information and offers, suggestions and recommendations of products and services which may be of interest to you from either Clara, its affiliates or its partners
Where we use our site in this Data & Privacy Protection Policy, we mean www.clara.co.
Clara Technologies Limited
2406 ResCo-work02, Level 24, Al Sila Tower, Abu Dhabi Global Market Square, Al Maryah Island, Abu Dhabi, United Arab Emirates
DATA & PRIVACY
What we collect
At Clara, we gather information in a range of different ways:
Information automatically collected
Each time you visit our site, we may automatically collect information about you and the device you are using, including:
- information about which pages you visit and which resources you use on our site
- information about how you got to our site
- your internet protocol address known as your IP address which is used to connect your device to the internet
- information about your preferences and items you have bookmarked, liked or shared
- your device’s operating system and platform
- the type and version of the browser you are using
- MAC addresses which are used as network addresses for Wi-Fi and Ethernet
- traffic data, which is aggregated information about the number of visitors, sessions, users and page visits to our site
- location data
- time zone setting
Information we get from others
We may get information about you from other third-party sources, such as your employer when they issue you options or shares, or from the Founders of a company that you invested in who use Clara. These other third-party sources will have their own applicable privacy notices, cookie notices and terms and conditions regarding the use of personal data and we do not accept any responsibility or liability for those notices, terms and conditions or the use of your personal data by those other third party sources.
Information you give us
If you sign up with us, we may also collect:
- your name
- your email address
- your address
- your social media account information
- your telephone number
- your gender
- your date of birth
- driver’s licence, passport number or national ID number
Please note that as a user of our website, you are responsible for keeping your login information including your password confidential. If you believe that your login information or password has been compromised or that someone else has accessed your account, please notify us immediately by contacting us at firstname.lastname@example.org.
Where do we get your information from?
Why do we need your information?
We need the information we collect automatically about your visit to our site to:
- administer our site
- improve our site to ensure that content is presented in the most effective manner
- allow you to participate in interactive features of our services when you choose to do so
- analyse how visitors use our site (including behaviour patterns and the tracking of visits across multiple devices)
- improve your online experience
We need the information you provide directly to us or by filling in any of the forms on our site to:
- direct you to products and/or services which may be of interest to you
- contact you with information and offers, suggestions and recommendations of products and/or services which may be of interest to you
- contact you about those products and/or services on our site in which you have expressed an interest
- provide our services to you
- comply with our regulatory or legislative requirements
You do not have to give us any information or confirm that the information we have obtained from other sources is correct.
Who do we share your information with?
We sometimes share some of your information with other organisations, including our affiliates and partners.
We also use a number of carefully selected third parties to supply us or you with products and services. We will only share your information with our suppliers, affiliates and partners where it is necessary for them to provide us or you with the services that are needed.
Where is your information stored?
Your information is stored on servers and filing systems in the United States of America. Our servers are hosted on Microsoft Azure using Azure Kubernetes Service.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it. Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
Where we use providers based in the United States of America, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the United States of America.
Our site may contain links to and from the websites of third parties (e.g. payment processing sites). If you follow a link to any of these websites, please note that these websites have their own terms and conditions, privacy notices and cookie notices and we do not accept any responsibility or liability for those notices or your use of those websites.
How do we protect your personal data?
Clara is concerned with keeping your personal data secure and protecting it from unauthorised disclosure. We implement a variety of security measures to ensure the security of your personal data on our systems, including extensive due diligence on our code and run periodically vulnerability tests to make sure our applications and your data is always safe and secure.
We use enhanced security on top of our Container-Optimized OS including locked-down firewalls, read-only file systems and limited user accounts with disabled root login. Any personal data collected by us is contained behind secured networks and is only accessible by a very limited number of employees who have special access rights to such systems and whom are subject to strict confidentiality obligations. Where personal data is collected by us it will be transmitted and protected via a secure protocol and encrypted in our databases to be accessed only as stated above.
If and when we use subcontractors to store your data, we enter into written agreements with them which comply with applicable data protection law to help ensure the security of your personal data is within best international standards. Unfortunately, no transmission of data over the internet is guaranteed to be completely secure. It may be possible for unauthorised third parties, to intercept or access transmissions or private communications unlawfully. While we strive to protect your personal data, we cannot ensure or warrant the security of any personal data you transmit to us. Any such transmission is done at your own risk. If you believe that your interaction with us is no longer secure, please contact us.
How long do we keep your information for?
We only keep your information for as long as we need it.
If you have an online account with us or provide information directly to us by filling in the forms on our site or via social media, we will keep your information for no more than five years from the date you cease to have any active accounts with us. We keep your information for this long so that we can:
- ensure we contact you with information on products, services, suggestions, offers and recommendations relevant and appropriate to you
- deal with any issues or concerns that you may have about how we handled your account
- bring or defend any legal claims
- comply with regulatory audit requirements
Do we carry out profiling and automated decision making?
The profiling and automated decision-making we carry out in respect of the information we hold about you and your account is used to enable us to ensure relevant information, suggestions and recommendations for products are sent to you by us.
What rights do you have?
Under the data protection rules, you have a number of rights in respect of your information, which include the right to:
- access your information
- withdraw your consent to the processing of your information at any time
- ask us to make changes to the information we hold about you to make sure that it is accurate and up to date
- delete or erase your information (sometimes called the right to be forgotten)
- stop or restrict our processing of your information
- object to our processing your information
- not be subject to automated decision-making
- request the transfer of some of the information we hold about you (known as data portability)
If you would like to exercise any of your rights, please contact us at email@example.com. Please note that an archive copy of any information provided to us may be retained by us for our records and for audit purposes.
You have the right to request a copy of the information we hold about you by sending your request in writing to us at firstname.lastname@example.org.
You can unsubscribe from our emails at any time by clicking on “unsubscribe” at the bottom of the email.
California Privacy Rights
Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and third parties for marketing purposes and providing contact information for such affiliates and third parties. If you are a California resident and would like a copy of this notice, please submit a written request to email@example.com.
Making a complaint
If you have any questions, concerns or complaints about the way we process your personal information, please contact firstname.lastname@example.org.
If you are not happy with the way we have handled your complaint or are still concerned about our handling of your personal information, you can lodge a complaint with your local data protection supervisory authority or, where applicable, the US Department of Commerce and/or the Federal Trade Commission.
In the European Economic Area, the relevant supervisory authority is the one in the country or territory where:
- you are resident;
- you work; or
- the alleged infringement took place.
A list of National Data Protection Authorities in the European Economic Area can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
What are cookies?
Cookies are text files containing small amounts of information which are downloaded to your device when you visit our site. Our site recognises those cookies on each subsequent visit, enabling our site to recognise you.
- recognise you whenever you visit our site
- remember the notifications you’ve seen so that we don’t show them to you again
- allow you to navigate between pages efficiently
- measure how you use our site so it can be updated and improved to give you the best possible experience on our site
When you open our site in your browser a cookie pop-up message will be displayed and this will ask you for your consent for non-essential cookies to be placed on your device. If you do not click to accept cookies but you continue to use our site without disabling cookies, we will consider this to mean that you accept our use of these non-essential cookies.
A record of your acceptance will be stored in a functional cookie for 30 days, after which the cookie will expire, and the cookie pop up message will be displayed again.
You may withdraw your consent or acceptance at any time by following the instructions for disabling cookies, signposted at the end of this policy.
We use the following cookies on our site:
These non-essential cookies allow our site to remember choices you make. The information these cookies collect may be anonymised and they cannot track your browsing activity on other sites.
What is the purpose of this cookie
You will see a pop-up cookies message when you first visit our site. We’ll store a cookie so that your computer knows you’ve seen it and knows not to show it again. This expires after 30 days when you will see a pop-up cookie message again to remind you of this Data & Privacy Protection Policy and to ask you to consent again to our use of non-essential cookies.
How long this cookie lasts
Valid unless deleted
Third party performance cookies
These non-essential cookies collect information about how visitors use our site, for example which pages visitors go to most often and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and is therefore anonymous. It is only used to improve how a website works.
What is the purpose of this cookie
We use Google Analytics to collect information about how you use our site.
We use the information to compile reports and to help us improve our site. The cookies collect information in an anonymous form, including the number of visitors to our site, where visitors have come to our site from and the pages they visited.
We don’t allow Google to use or share our analytics data.
Google Analytics stores information about:
- the pages you visit on our site
- the actions you perform on our site
- how long you spend on each page
- how you got to our site
- what you click on while you’re visiting our site
- information about the browser and device you use to navigate our site, (including an anonymised IP address)
We don’t collect or store any personal information (for example your name or address) that can be used to identify who you are.
More details about how Google Analytics collects and processes data are available at www.google.com/policies/privacy/partners.
You can opt out of being tracked by Google Analytics cookies across all websites http://tools.google.com/dlpage/gaoptout.
How long this cookie lasts
Valid unless deleted.
Where to find more information
You can adjust the settings in your web browser to determine whether (all) sites can set cookies on your computer. More information about cookies and how to manage them, specific to your browser, can be found at https://ico.org.uk/for-the-public/online/cookies/.
Changes to our Data & Privacy Protection Policy
We may change this Data & Privacy Protection Policy from time to time. If we make any substantive changes related to how we collect or use personal data, we will change the content last updated date below. Other changes including grammar or spelling corrections will automatically update the timestamp at the bottom of this document.
This Data & Privacy Protection Policy was last reviewed and updated in September 2019.