Clever AI – Privacy Policy
Effective Date: 9 June 2025 Last updated: 11 June 2025
This Privacy Policy explains how we collect, use, and safeguard your information when you use Clever AI (the “Service”).
1. Data We Collect
| Category | Examples | Retention |
|---|---|---|
| Account Data | E-mail, display name, hashed password | Life of account + 180 days, then permanent deletion |
| User Content | PDFs, text, slides, video you upload | Until you delete it or your account; back‑ups auto‑purge after 30 days |
| Usage & Diagnostics | Device type, OS version, crash logs (Sentry) | 12 months |
| Subscription Data | Plan, renewal date, transaction IDs (RevenueCat / store) | Active subscription period + 12 months |
| Financial Records | Purchase receipts, invoices as required by local tax law | 5 years or as required by applicable local tax legislation |
2. How We Use Data How We Use Data
- Provide and improve the Service;
- Transform User Content into AI-generated flashcards, quizzes, mind-maps;
- Authenticate and secure accounts;
- Manage subscriptions & payments;
- Monitor performance and debug (Sentry);
- Send administrative messages;
- Comply with legal obligations.
3. AI Processing & Third-Party Providers
When you invoke an AI feature, your User Content and prompt are securely transmitted to OpenAI LLC (USA).
- Retention by OpenAI: logs are retained for up to 30 days solely for abuse monitoring and are not used to train OpenAI models.
- Logging by Us: we store anonymized metadata (token counts, latency) for analytics; actual User Content is not logged once a response is returned.
Other processors:
| Provider | Purpose | Location |
|---|---|---|
| DigitalOcean LLC | Hosting, storage, daily encrypted backup | USA |
| Sentry (Functional Software, Inc.) | Crash/error monitoring | USA |
| RevenueCat, Inc. | Subscription management | USA |
All processors act under data-processing agreements incorporating the 2021 SCCs (EU Commission Decision 2021/914) where required.
4. Legal Bases (EEA/UK)
- Contract – Provide the Service;
- Legitimate Interests – Analytics, fraud prevention, product improvement;
- Consent – Marketing e-mails (opt-in);
- Legal Obligation – Tax, accounting.
5. International Transfers
Data is stored on DigitalOcean (USA). Transfers from the EEA/UK/Kazakhstan rely on the 2021 Standard Contractual Clauses and supplementary measures (encryption, access controls).
6. Backup, Restore & Deletion
- Back-ups: Daily encrypted snapshots retained 30 days (see Terms § 8).
- Account Deletion: Delete your account in-app or by e-mail. We erase Account Data within 30 days and purge User Content from active servers; encrypted backups purge within 30 days.
- User-Requested Restore: You may request restoration of accidentally deleted content within 30 days (support@get-clever.app).
7. Data Subject Requests (GDPR/UK GDPR/CCPA)
To exercise rights of access, rectification, erasure, portability, or objection/restriction, e-mail privacy@get-clever.app with proof of identity. We will respond within 30 days (extendable to 60 days for complex requests).
8. Children’s Privacy
The Service is not directed to children under 17. If you believe a minor has provided data, contact us so we can delete it.
9. Security
We use industry-standard security: HTTPS/TLS, at-rest encryption (AES-256), least-privilege IAM, and continuous monitoring.
10. Changes to this Policy
We may update this Policy. Material changes will be announced 14 days in advance. Continued use after that constitutes acceptance.
11. Contact
E-mail: hello@get-clever.app
Postal: Astana, 010000, Kazakhstan (Full mailing address available upon request via e-mail)
By continuing to use Clever AI you acknowledge that you have read and understood these Terms of Service and Privacy Policy.