Privacy Policy
Last updated: April 25, 2026
1. Who is the data controller
Cloozr ("Cloozr", "we") is operated by EMAudition, with registered office at 10 rue Albert de Vatimesnil, 92300 Levallois-Perret, France. We act as the data controller within the meaning of the General Data Protection Regulation (GDPR) for the personal data we collect in connection with the Service.
Data Protection Officer: dpo@cloozr.com.
2. Data we collect
We collect the following categories of data:
- Account data: email address, first name, password (hashed).
- Profile data: role, description of the product sold, deal size, custom objections.
- Usage data: call transcripts, prospect briefs, session scores, history.
- Technical data: IP address, device identifiers, error logs, browser type.
- Support data: messages you send us.
3. Purposes and legal bases
| Purpose | Legal basis |
|---|---|
| Account creation and management | Performance of contract |
| Service delivery (AI, transcription, reports) | Performance of contract |
| Security, fraud prevention | Legitimate interest |
| Product improvement | Legitimate interest |
| Customer support | Performance of contract |
| Marketing communications | Consent (revocable) |
4. Recipients and processors
Your data may be shared with the following categories of recipients:
- Hosting and infrastructure: Lovable Cloud (infrastructure), Supabase (database and authentication).
- Artificial intelligence: Anthropic (Claude models for analysis); Deepgram (audio transcription).
- Payment (Merchant of Record): Stripe acts as Merchant of Record for the sale of subscriptions, payment handling, VAT and invoicing. Stripe processes your payment data as an independent data controller. See their privacy policy.
- Professional advisors: legal, accounting, as needed.
- Competent authorities when required by law.
5. International transfers
Some processors (notably Anthropic, Deepgram, Stripe (USA, with EU Standard Contractual Clauses)) are located outside the European Economic Area. When this is the case, transfers are framed by the Standard Contractual Clauses of the European Commission or by an adequacy decision. You can contact us to obtain a copy of the safeguards in place.
6. Retention period
- Account data: throughout the lifetime of the account, then 3 years after the last activity.
- Sessions and transcripts: throughout the subscription, then 90 days, then deletion.
- Billing data: 10 years (legal accounting obligation).
- Technical logs: 12 months maximum.
7. Your rights (GDPR)
You have the following rights over your personal data:
- Access: obtain a copy of your data.
- Rectification: correct inaccurate data.
- Erasure: delete your data ("right to be forgotten").
- Restriction of processing.
- Portability: receive your data in a structured format.
- Objection to processing based on legitimate interest.
- Withdrawal of consent at any time, without retroactive effect.
- Complaint to the CNIL (cnil.fr).
To exercise these rights, write to us at dpo@cloozr.com. We respond within one month.
8. Security
We implement appropriate technical and organizational measures to protect your data: encryption in transit (TLS) and at rest, access controls, strong authentication, logging, tenant isolation (Row-Level Security in the database).
9. Cookies
We use only strictly necessary cookies for the operation of the Service (authentication, preferences). No advertising or third-party analytics cookies are placed without your consent.
10. Changes
This policy may be updated. Material changes will be notified to you by email or via the Service before they take effect.
Contact: dpo@cloozr.com.