ClarityCalc Privacy Policy
Last updated: April 4, 2026
This Privacy Policy describes how Codedaptive LLC (“Codedaptive,” “we,” “us,” or “our”) collects, uses, and protects information when you use ClarityCalc, available at app.claritycalc.io (the “Service”).
By using the Service, you agree to the collection and use of information as described in this policy.
1. Information We Collect
Information You Provide
Account information. When you create an account, we collect your name, email address, and the name of your organization. If you are invited to an existing organization, we collect the same information during account setup.
Business data.When you use the Service, you enter business information such as product catalogs, service definitions, client names, pricing models, plan configurations, and related data (“Your Data”). This is the core content you create and manage within ClarityCalc.
Payment information. If you subscribe to a paid plan, payment processing is handled entirely by Stripe. We do not receive, store, or process your credit card number, bank account details, or other payment instrument data. We receive only confirmation of your subscription status, billing period, and general payment outcomes (success or failure) from Stripe.
Communications. If you contact us at support@claritycalc.io, we retain the content of that communication to provide support and improve the Service.
Information Collected Automatically
Authentication data. We store a hashed version of your password (never in plaintext). If you enable multi-factor authentication (MFA), we store an encrypted version of your TOTP secret using AES-256-GCM encryption. Recovery codes are stored as bcrypt hashes.
Error and performance data.We use Sentry for error monitoring. When an error occurs in the Service, Sentry captures technical information about the error, including the page URL, browser type, and a stack trace. Sentry does not capture your business data, and session replay is disabled. Error data is transmitted through a first-party tunnel on our domain, not directly to Sentry’s servers.
Server logs.Our hosting provider (Vercel) collects standard server logs, which may include IP addresses, request timestamps, and pages visited. These logs are used for security monitoring and debugging and are retained according to Vercel’s data retention policies.
Information We Do Not Collect
We do not use tracking cookies, advertising pixels, or third-party analytics services. The only cookies used by the Service are authentication session cookies required for you to stay logged in.
We do not collect or process biometric data, geolocation data, or data from third-party sources about you.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service
- Process your subscription and manage billing through Stripe
- Send transactional emails (password resets, account invitations, billing notifications)
- Monitor for and respond to errors, security incidents, and abuse
- Respond to your support requests
- Comply with legal obligations
We do not use Your Data for any purpose other than providing the Service to you. We do not sell, rent, or share your information with third parties for advertising, marketing, or their own business purposes. We do not use your information to train machine learning models or build profiles about you.
3. Third-Party Services
We use a limited number of third-party services to operate ClarityCalc. Each processes only the minimum data necessary for their function:
| Service | Purpose | Data they receive |
|---|---|---|
| Vercel | Application hosting | Server requests, IP addresses (standard web hosting) |
| Neon | PostgreSQL database hosting | All stored data (encrypted in transit and at rest) |
| Stripe | Payment processing | Email address, organization name, subscription details. Stripe handles all payment instrument data directly — we never see it. |
| Postmark | Transactional email | Recipient email address and email content (invitations, password resets) |
| Sentry | Error monitoring | Technical error data only (page URLs, stack traces, browser info). No business data. Session replay is disabled. |
We do not share Your Data with any services beyond those listed above. All third-party services are established providers with their own privacy policies and security practices.
4. Data Storage and Security
Your Data is stored on servers located in the United States.
We implement security measures designed to protect your information, including:
- All connections to the Service use TLS encryption
- Passwords are hashed using bcrypt and never stored in plaintext
- MFA secrets are encrypted at rest using AES-256-GCM
- Password reset tokens are stored as SHA-256 hashes
- Authentication cookies are configured with Secure, HttpOnly, and SameSite attributes
- Administrative access to the platform is protected by mandatory multi-factor authentication
- Security headers (CSP, HSTS, X-Frame-Options) are enforced on all pages
No security system is perfect. While we take reasonable measures to protect your information, we cannot guarantee absolute security. If we discover a breach that affects your personal data, we will notify you by email within a commercially reasonable timeframe.
5. Data Retention
Active accounts. Your Data is retained for as long as your account and organization are active.
After cancellation. When your organization is deactivated following subscription cancellation, Your Data is retained for 90 days to allow for reactivation or data export requests. After 90 days, Your Data is permanently deleted. Deleted data may persist in encrypted database backups for up to an additional 30 days beyond the deletion date, solely for disaster recovery purposes. This backup data is not accessible through the Service.
Backups. Our database provider maintains automated backups for disaster recovery purposes. Backup data is not accessible through the Service and is used solely for disaster recovery. We do not restore individual records from backups except in the case of a system-wide recovery event.
Account data. Basic account information (name, email, organization name) may be retained in audit logs and backups for a reasonable period after deletion for security, legal, and operational purposes.
6. Your Rights
Access and export. You can access Your Data at any time through the Service. Export tools are available to download your product catalog and client data.
Correction. You can update your account information and Your Data directly within the Service at any time.
Deletion. You may request deletion of your account and associated data by contacting us at support@claritycalc.io. Organization Owners can also cancel their subscription, which initiates the data retention and deletion process described above.
Data portability. The export tools within the Service allow you to download Your Data in standard formats (XLSX) for use with other systems.
If you are located in a jurisdiction that provides additional data protection rights (such as the GDPR or CCPA), we will honor applicable requests. Contact us at support@claritycalc.io to exercise your rights.
7. Children’s Privacy
The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.
8. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the “Last updated” date at the top of this page and notify you by email.
Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.
9. Contact
If you have questions about this Privacy Policy or how we handle your data, contact us at:
Codedaptive LLC — support@claritycalc.io