Privacy Policy
Last Updated: February 8, 2026
This policy covers CLAIV Echo (echo.claiv.io) and CLAIV Memory (claiv.io)
Introduction
Welcome to CLAIV Echo. This Privacy Policy describes how Claiv ("we," "us," or "our") collects, uses, and protects your personal information when you use CLAIV Echo (echo.claiv.io) and CLAIV Memory (claiv.io), collectively the "Services."
We are committed to protecting your privacy and handling your data transparently. Please read this policy carefully.
1. Information We Collect
1.1 Account Information
- Name and email address when you register
- Authentication credentials (stored securely, never in plaintext)
- Plan and billing information
- Profile preferences and settings
1.2 Usage Data
- Conversation content you submit to the AI
- Canvas content, documents, and files you upload
- Memory facts extracted from your conversations
- Feature usage patterns and interaction logs
- Device information, browser type, and IP address
1.3 Memory Data
CLAIV Echo uses CLAIV Memory to extract structured facts from your conversations. These facts are stored to provide personalised, context-aware responses in future sessions. You can view, edit, and delete your memory data at any time from your account settings.
2. How We Use Your Information
- Providing the service: Processing your conversations, maintaining your canvas, and recalling memory context for personalised AI responses
- Improving Echo: Analysing usage patterns (in aggregate) to improve model quality, response accuracy, and feature design
- Account management: Authentication, billing, plan management, and customer support
- Communications: Service updates, security notices, and (with your consent) product news
- Safety and compliance: Preventing abuse, detecting violations of our Terms of Service, and complying with legal obligations
We do not sell your personal data or conversation content to third parties. We do not use your conversations to train AI models without explicit consent.
3. AI Models and Third Parties
CLAIV Echo routes your messages to third-party AI providers including OpenAI, Anthropic, and Google. Each provider has its own privacy policy and data handling terms. We send only the minimum necessary context required to generate a response.
- OpenAI: openai.com/privacy
- Anthropic: anthropic.com/privacy
- Google: policies.google.com/privacy
4. Data Retention and Deletion
You may delete your account and all associated data at any time from Settings → Account. Upon deletion we:
- Remove all conversation history and canvas data within 30 days
- Delete all CLAIV Memory facts linked to your account
- Provide a structured deletion receipt upon request (GDPR Art. 17)
- Retain anonymised aggregate analytics data only
5. Your Rights (GDPR / UK GDPR)
If you are in the EU or UK, you have the following rights:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Receive your data in a machine-readable format
- Objection: Object to processing based on legitimate interests
- Restriction: Request restriction of processing in certain circumstances
To exercise any of these rights, contact us at [email protected].
6. Security
We implement industry-standard security measures including:
- Encryption in transit (TLS 1.3) and at rest (AES-256)
- Strict access controls and role-based permissions for internal systems
- Regular security reviews and penetration testing
- Anomaly detection for account access and API usage
7. Cookies
We use cookies for authentication, analytics (via Google Tag Manager), and service functionality. You can manage cookie preferences via our cookie banner or your browser settings. See our Cookie Policy for full details.
8. Children's Privacy
Our Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at [email protected].
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via an in-app notice at least 14 days before the changes take effect. Continued use of the Services after the effective date constitutes acceptance of the updated policy.
10. Contact Us
For privacy inquiries, data subject requests, or questions about this policy:
- Email: [email protected]
- Company: Claiv Ltd
- General: [email protected]