Privacy Policy
Privacy Policy
Last updated: January 2025
This Privacy Policy explains how Clenow Research ("we", "us", or "our") collects, uses, and protects your personal information when you use our website and services. We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.
1. Data Controller
The data controller responsible for your personal data is:
Clenow ResearchEmail: support@clenow-research.com
2. Personal Data We Collect
We collect the following categories of personal data:
2.1 Account Information
- Email address (required for account creation and communication)
- First and last name
- Password (stored in encrypted/hashed form)
2.2 Subscription and Payment Data
- Subscription level and status
- Payment history and transaction IDs
- Payment processor customer IDs (Stripe/PayPal)
Note: We do not store your full credit card details. All payment processing is handled securely by our payment processors (Stripe and PayPal).
2.3 Usage Data
- Pages visited and features used
- User preferences (e.g., dark mode settings)
- Login timestamps
2.4 Technical Data
- IP address
- Browser type and version
- Device information
- Cookies and similar tracking technologies (see our Cookie Policy)
3. How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and maintaining the Service | Performance of contract (Art. 6(1)(b)) |
| Processing payments and managing subscriptions | Performance of contract (Art. 6(1)(b)) |
| Sending service-related emails (password resets, subscription updates) | Performance of contract (Art. 6(1)(b)) |
| Responding to support requests | Performance of contract (Art. 6(1)(b)) |
| Improving and optimizing the Service | Legitimate interest (Art. 6(1)(f)) |
| Security and fraud prevention | Legitimate interest (Art. 6(1)(f)) |
| Complying with legal obligations | Legal obligation (Art. 6(1)(c)) |
4. Data Sharing and Third Parties
We share your data with the following categories of recipients:
4.1 Payment Processors
- Stripe: For payment processing. See Stripe Privacy Policy
- PayPal: For payment processing. See PayPal Privacy Statement
4.2 Infrastructure Providers
- Google Cloud Platform: Cloud hosting and infrastructure
- Email service providers: For transactional emails
We do not sell, rent, or trade your personal data to third parties for marketing purposes.
5. International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions for countries with equivalent data protection standards
6. Data Retention
We retain your personal data for as long as necessary to:
- Provide the Service and maintain your account
- Comply with legal obligations (e.g., tax records)
- Resolve disputes and enforce agreements
After account deletion, we retain minimal data for legal compliance for up to 7 years (for tax/accounting purposes), after which it is securely deleted.
7. Your Rights Under GDPR
Under the General Data Protection Regulation, you have the following rights:
7.1 Right of Access (Art. 15)
You have the right to obtain a copy of your personal data. You can request a data export from your account settings.
7.2 Right to Rectification (Art. 16)
You can update your personal information at any time through your account settings.
7.3 Right to Erasure (Art. 17)
You have the right to request deletion of your personal data. You can delete your account from your account settings. Note that we may retain certain data as required by law.
7.4 Right to Data Portability (Art. 20)
You can request your data in a structured, commonly used format (JSON). Use the data export feature in your account settings.
7.5 Right to Object (Art. 21)
You may object to processing based on legitimate interests. Contact us to exercise this right.
7.6 Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.
8. Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption of data in transit (HTTPS/TLS)
- Secure password hashing
- Access controls and authentication
- Regular security assessments
9. Children's Privacy
The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.
11. Contact Us
For any questions about this Privacy Policy or to exercise your data rights, please contact us:
Clenow ResearchEmail: support@clenow-research.com
If you have any questions about these policies, please contact us at support@clenow-research.com.