Privacy Statement

ClearActAI (“we”, “us”, “our”) is committed to protecting the privacy and personal data of users of our platform and website. This privacy statement explains how we collect, use, store, and protect personal data in connection with our regulatory readiness and compliance assessment services.

1. Scope of this privacy statement

This privacy statement applies to visitors to our website, users completing assessments or interacting with the ClearActAI platform, and contacts communicating with us for informational or commercial purposes.

ClearActAI operates in the European Union and processes personal data in accordance with the General Data Protection Regulation (GDPR).

2. Data controller

ClearActAI
Oudezijds Voorburgwal 171
1012 EV, Amsterdam
The Netherlands

For privacy-related inquiries, you may contact us at: privacy@clearact.ai

3. Categories of personal data processed

• Contact details (name, email address, role, organisation);
• Account credentials and authentication data;
• Information submitted through assessments or intake questionnaires;
• Technical and usage data (timestamps, logs, system interactions);
• Communication data (emails or support messages).

ClearActAI does not intentionally process special categories of personal data unless explicitly provided by the user as part of an assessment.

4. Purposes of processing

• Providing regulatory readiness assessments and reports;
• Generating structured compliance insights and documentation;
• Managing user accounts and authentication;
• Communicating with users regarding platform use;
• Improving platform security, reliability, and functionality;
• Meeting legal or regulatory obligations.

ClearActAI does not use personal data for advertising, profiling, or automated decision-making producing legal or similarly significant effects.

5. Legal bases for processing

• Performance of a contract or pre-contractual steps;
• Legitimate interests in operating and securing the platform;
• Compliance with legal obligations;
• Explicit consent, where required.

6. Data storage and retention

Personal data is stored securely and retained only for as long as necessary to fulfil the purposes described above, unless a longer retention period is required by law.

7. Data sharing and third parties

ClearActAI does not sell personal data. Personal data may be shared only with technical service providers strictly necessary for platform operation, professional advisors where legally required, or public authorities where mandated by law.

8. Security measures

ClearActAI implements appropriate technical and organisational measures to protect personal data, including access controls and audit logging. Safeguards are continuously reviewed and improved.

9. Your rights

• Right of access;
• Right to rectification;
• Right to erasure (where applicable);
• Right to restrict or object to processing;
• Right to data portability;
• Right to withdraw consent.