← Back to home

Privacy Policy

Last updated: March 2026

1. Introduction

Clarion Labs (“we,” “us,” or “our”) operates Clarion, a single-pane-of-glass IT operations console available at clarionlabs.app. This Privacy Policy describes what information we collect, how we use it, and the choices you have. By using Clarion, you agree to the practices described here.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password. If you sign up on behalf of an organization, we also collect your firm or company name.

Integration Data

Clarion connects to third-party services you authorize, such as identity providers (Entra ID, Okta), MDM platforms (Intune, Jamf), email platforms (Exchange), and ITSM tools (ServiceNow, Jira Service Management, Freshservice). When you connect an integration, Clarion reads data from those services to display within the console. We store integration credentials (such as API keys or OAuth tokens) securely so the connection persists.

Usage Data

We collect basic usage information such as pages visited, features used, and timestamps of activity to improve the Service. We do not currently use any third-party analytics tools.

Payment Information

If you subscribe to a paid plan, payment processing is handled by Stripe. We do not store your credit card number or full payment details on our servers. Stripe’s privacy policy governs how they handle your payment information.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To authenticate your identity and manage your account
  • To process payments and manage subscriptions
  • To communicate with you about your account, updates, and support
  • To detect, prevent, and address security issues or abuse
  • To comply with legal obligations

4. Third-Party Services

We use the following third-party services to operate Clarion. Each has its own privacy policy governing how they handle data:

  • Supabase — Database hosting and authentication. Your data is stored in PostgreSQL databases with row-level security ensuring full tenant isolation.
  • Vercel — Application hosting and deployment. Vercel processes web requests to serve the application.
  • Stripe — Payment processing for paid plans. We share only the information necessary to process your subscription.
  • Anthropic (via Vercel AI Gateway) — Powers the optional AI assistant feature. When you use the AI assistant, only your typed question is sent to Anthropic. No user data, firm data, or data from your connected integrations is transmitted to the AI provider.

5. Multi-Tenant Data Isolation

Clarion is a multi-tenant application. Each firm’s data is fully isolated using PostgreSQL row-level security (RLS) policies. Users can only access data belonging to their own organization. There is no cross-tenant data access.

6. Cookies and Local Storage

Clarion uses browser local storage to persist your session token and user preferences (such as theme settings). We do not use third-party tracking cookies. We do not currently run any third-party analytics scripts.

7. Data Security

We take reasonable measures to protect your information. Data at rest is encrypted using AES-256 encryption. Data in transit is protected with TLS 1.3. Authentication is handled through Supabase Auth, which supports email/password login with SSO/SAML planned. Access to production infrastructure is restricted and monitored.

8. Data Retention

We retain your account information and associated data for as long as your account is active. If you close your account, we will delete your data within 30 days, except where we are required by law to retain it. Anonymized, aggregated data that cannot identify you may be retained indefinitely for analytical purposes.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information
  • Export your data in a portable format
  • Object to or restrict certain processing of your information

To exercise any of these rights, contact us at hello@clarionlabs.app. We will respond within 30 days.

10. Children’s Privacy

Clarion is designed for use by IT professionals and is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

11. International Data Transfers

Your data may be processed and stored in the United States. By using the Service, you consent to the transfer of your information to the United States, which may have different data protection standards than your jurisdiction.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice within the Service. Your continued use of Clarion after the changes take effect constitutes acceptance of the updated policy.

13. Contact

If you have questions about this Privacy Policy or how we handle your data, contact us at hello@clarionlabs.app.

© 2026 Clarion Labs. All rights reserved.