Privacy Policy
Effective Date: 2026-03-15 · Last Updated: 2026-03-15
1. Introduction
This Privacy Policy describes how F/AS Ventures ("F/AS," "we," "us," or "our") collects, uses, shares, and protects your personal information when you use ClarityOS, including the application at app.runclarity.ai, the marketing site at runclarity.ai, and all related services (collectively, the "Service").
This policy applies to all users of the Service, including individual account holders and agency account holders who use the Service on behalf of their clients.
By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, do not use the Service.
2. Information We Collect
2.1 Information You Provide
- Account information: Name, email address, organization name, and role when you create an account.
- Payment information: Billing details processed through our third-party payment provider. We do not store full credit card numbers on our servers.
- URLs and website content: Website addresses you submit for analysis. The Service analyzes publicly available content at those URLs.
- Brand and strategic content: Information you provide through platform features, including brand descriptions, customer profiles, strategic materials, and other inputs used to generate deliverables (collectively, "User Content").
- Agency client data: If you hold an Agency Account, information you submit on behalf of your clients, including URLs, brand content, and strategic materials.
- Communications: Messages you send to us via email or through the Service.
2.2 Information We Collect Automatically
- Usage data: Pages visited, features used, scores generated, time spent in the application, and interaction patterns.
- Device and browser information: IP address, browser type and version, operating system, device type, and screen resolution.
- Cookies and similar technologies: Session cookies for authentication, preference cookies, and analytics cookies (see Section 7).
- Log data: Server logs including access times, referring URLs, and error reports.
2.3 Information from Third Parties
- Authentication providers: If you sign in through a third-party service (e.g., Google), we receive basic profile information (name, email) as authorized by you.
- Publicly available data: The Service analyzes publicly available website content submitted by users. This content is not treated as personal information unless it contains identifiable personal data.
3. How We Use Your Information
We use the information we collect to:
- Provide the Service: Generate Clarity Scores, strategic deliverables, and other outputs. Process your requests and manage your account.
- Improve the Service: Analyze usage patterns, diagnose technical issues, develop new features, and optimize the user experience.
- Generate benchmarks and research: Create anonymized, aggregated datasets for benchmarking, industry analysis, product improvement, and marketing (see Section 4).
- Communicate with you: Send service-related notices, respond to inquiries, and provide support.
- Process payments: Manage subscriptions, billing, and invoicing through our payment processor.
- Enforce our Terms: Detect and prevent fraud, abuse, and violations of our Terms of Service.
- Comply with legal obligations: Respond to lawful requests from public authorities and meet applicable legal requirements.
We do not sell your personal information.
4. Anonymized and Aggregated Data
4.1 Our Use of Anonymized Data
We use anonymized and aggregated data derived from the Service for benchmarking, research, product improvement, and marketing. This includes scoring distributions, dimensional patterns, industry comparisons, and statistical trends. Anonymized data does not identify you or your organization.
4.2 F/AS-Generated Data
Any Clarity Score, analysis, or output generated by F/AS itself (whether analyzing your website, a competitor's website, or any other URL) is the property of F/AS. This applies regardless of whose website was analyzed. F/AS may use such data for any purpose, including client engagements, marketing, benchmarking, and public research. See Section 7.4 of our Terms of Service for details.
4.3 Your Rights Regarding Anonymized Data
Anonymized and aggregated data is not subject to deletion requests because it cannot be linked back to you. Your right to deletion applies to personal information and identifiable User Content (see Section 8).
5. How We Share Your Information
We do not sell your personal information. We share your information only in the following circumstances:
5.1 Service Providers (Sub-Processors)
We use third-party service providers to operate the Service. These providers process data on our behalf under data processing agreements that require them to protect your information. Current sub-processors include:
| Provider | Purpose | Data Processed |
|---|---|---|
| Vercel | Hosting and deployment | Usage data, server logs |
| Clerk | Authentication and user management | Account information, session data |
| Supabase | Database and storage | Account information, User Content, scores, deliverables |
| Anthropic | AI model provider (Claude API) | User Content submitted for analysis, generated outputs |
| Stripe | Payment processing | Billing and payment information |
We will update this list as sub-processors change. Material changes to sub-processors will be communicated via email or in-app notice.
5.2 Legal Requirements
We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect the rights, property, or safety of F/AS, our users, or the public.
5.3 Business Transfers
If F/AS is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.
5.4 With Your Consent
We may share your information with third parties when you explicitly consent to the sharing.
6. Agency Accounts and Data Processing
6.1 Roles
If you hold an Agency Account and submit data on behalf of your clients:
- You are the data controller. You determine why and how your client data is processed through the Service.
- F/AS is the data processor. We process your client data only as necessary to provide the Service and as described in these Terms and this Privacy Policy.
6.2 Agency Responsibilities
As data controller, you are responsible for:
- Having a lawful basis (e.g., consent, legitimate interest, or contractual necessity) for submitting client data to the Service.
- Informing your clients about the use of ClarityOS and AI-generated analysis in your services.
- Responding to data subject requests from your clients (with our reasonable assistance as needed).
- Ensuring your use of the Service complies with applicable data protection laws.
6.3 Data Processing Agreement
Agency Account holders processing personal data subject to GDPR, UK GDPR, or similar regulations may request a Data Processing Agreement (DPA) by contacting legal@runclarity.ai.
7. Cookies and Tracking Technologies
7.1 What We Use
| Cookie Type | Purpose | Required? |
|---|---|---|
| Essential / Session | Authentication (Clerk), security, core functionality | Yes — service cannot function without these |
| Preference | Theme settings (light/dark mode), language | No — but degrades experience if declined |
| Analytics | Usage patterns, feature adoption, performance monitoring | No — can be declined |
7.2 Your Choices
When you first visit the Service, we will present a cookie consent banner allowing you to accept or decline non-essential cookies. You can update your preferences at any time through your account settings or by clearing your browser cookies.
Essential cookies cannot be disabled as they are necessary for the Service to function.
7.3 Do Not Track
We respect Do Not Track (DNT) signals. When we detect a DNT signal, we disable non-essential analytics cookies.
8. Your Rights
Depending on your jurisdiction, you may have some or all of the following rights regarding your personal information:
8.1 All Users
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete personal information.
- Deletion: Request deletion of your personal information and account. We will process deletion requests within 30 days, subject to legal retention obligations.
- Data portability: Request your data in a structured, commonly used, machine-readable format.
- Objection: Object to processing of your personal information for certain purposes.
To exercise any of these rights, contact legal@runclarity.ai.
8.2 European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR)
In addition to the rights above:
- Legal basis for processing: We process your data based on: (a) contract performance (providing the Service), (b) legitimate interests (improving the Service, benchmarking, security), and (c) consent (non-essential cookies, marketing communications). You may withdraw consent at any time without affecting the lawfulness of prior processing.
- Right to restrict processing: You may request that we restrict processing of your personal information in certain circumstances.
- Right to lodge a complaint: You have the right to lodge a complaint with your local data protection authority.
- Data transfers: Your data is transferred to the United States. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection. A copy of the SCCs is available upon request.
- Data Protection Officer: Given the current scale of our operations, we have not appointed a DPO. For data protection inquiries, contact legal@runclarity.ai.
8.3 California (CCPA / CPRA)
If you are a California resident:
- Right to know: You have the right to request the categories and specific pieces of personal information we have collected, the sources, the business purposes for collection, and the categories of third parties with whom we share it.
- Right to delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to opt out of sale or sharing: We do not sell or share (as defined by CCPA/CPRA) your personal information for cross-context behavioral advertising.
- Right to non-discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.
- Categories of personal information collected: Identifiers (name, email, IP address), commercial information (subscription and billing data), internet or electronic network activity (usage data, cookies), and professional information (organization, role).
To submit a CCPA/CPRA request, contact legal@runclarity.ai. We will verify your identity before processing the request.
8.4 Other Jurisdictions
- Australia (Privacy Act 1988): You may access and correct your personal information. Complaints may be directed to the Office of the Australian Information Commissioner (OAIC).
- Singapore (PDPA): You may access, correct, and request deletion of your personal data. Contact legal@runclarity.ai.
- South Africa (POPIA): You may access, correct, and request deletion of your personal information. You may also object to processing. Complaints may be directed to the Information Regulator.
- India (DPDP Act 2023): You have rights to access, correction, and erasure of your personal data. Contact legal@runclarity.ai.
- New Zealand (Privacy Act 2020): You may access and request correction of your personal information.
9. Data Security
We implement reasonable technical and organizational measures to protect your personal information, including:
- Encryption in transit (TLS/HTTPS) and at rest.
- Access controls and authentication requirements.
- Regular security reviews of our infrastructure and sub-processors.
- Row-level security policies on database tables containing user data.
No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
10. Data Retention
- Account data: Retained for as long as your account is active, plus 30 days following account deletion to process the request and meet legal obligations.
- Scores and deliverables: Retained for as long as your account is active. Deleted within 30 days of account deletion.
- Usage and analytics data: Retained in identifiable form for up to 24 months, then anonymized.
- Payment records: Retained as required by applicable tax and accounting laws (typically 7 years).
- Anonymized and aggregated data: Retained indefinitely. Not subject to deletion requests.
11. Children's Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will delete it promptly. If you believe a child has provided us with personal information, contact legal@runclarity.ai.
12. Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last Updated" date. For material changes that reduce your rights or expand our use of your data, we will provide at least 30 days' notice via email or in-app notification.
Your continued use of the Service after the effective date of the updated policy constitutes acceptance.
14. Contact
For questions, concerns, or requests related to this Privacy Policy or your personal data:
F/AS Ventures
Email: legal@runclarity.ai
Web: runclarity.ai
For EU/UK data protection inquiries, please include "GDPR Request" in the subject line.
For California privacy requests, please include "CCPA Request" in the subject line.
This Privacy Policy was last updated on 2026-03-15.