- Sources of Personal Data
- Categories of Personal Data We Collect
- How We Use Your Personal Data
- Data Security and Retention
- Personal Data of Children
- Your Rights and Control Over Your Data
- Contact Clari About Your Privacy
2. Sources of Personal Data
We collect Personal Data about you from:
- when you provide such information directly to us, and
- when Personal Data about you is automatically collected in connection with your use of our Services.
2. Our subsidiaries and affiliates (together, "Affiliates"), when they provide us with Personal Data about you.
3. Third parties, when they provide us with Personal Data about you ("Third Parties"). Third Parties that share your Personal Data with us include:
- Service providers. For example, Clari links to other services, such as Gmail (as described in more detail in the section below titled "Google Services") and Salesforce. Clari does not access any information from these third-party services without your authorization, or by the authorization of your organization. You grant Clari this authorization when you connect these services to Clari, or when your organization's IT team authorizes these connections on your behalf. To opt out of connecting to these services, contact Clari.
- Advertising partners. We receive information about you from some of our service providers who assist us with marketing or promotional services related to how you interact with our websites, applications, products, services, advertisements, or communications.
2.1 Google Services
Generally, Clari requires read-only access to your Business Gmail account. Certain features of the Clari platform (such as Groove by Clari) also require compose/modify access to your Business Gmail account. By authorizing Clari to connect to your account, you are giving Clari access to all email content in your account as defined by Google's Gmail API.
Clari collects email and calendar metadata for the sole business-related use of the user and Clari's Client. The following data is stored:
- Gmail fields (Sender, Recipient, Date, Time, Subject, Attachment Name)
- GCalendar fields (Meeting Organizer, Guests, Date, Time, Meeting Title, Attachment Name)
The data collected is used by Clari to provide you and your business with visibility into sales opportunity activities.
We may also use the data (i) if we reasonably believe such use is required by any law, regulation, or government body or court, (ii) as necessary to help prevent a security threat to the Service, and (iii) to help internally improve the Service.
Clari will not sell your data or use it for serving advertisements.
The data obtained is subject to these additional restrictions:
- Clari will not transfer the data to others unless (i) doing so is necessary to comply with any law, regulation, or government body or court, or (ii) as part of a merger, acquisition, or sale of Clari's assets.
- Clari will not use this Gmail data for serving advertisements.
- Clari will not sell your data.
- The Service will not allow humans to read this data unless necessary to comply with applicable laws or regulations and for occasional support purposes.
- Clari's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
3. Categories of Personal Data We Collect
Category of Personal Data
Personal Data Collected
What is the source of this Personal Data?
You / Third Parties
Customer records identified by state law (including the California Customer Records statute (Cal. Civ. Code § 1798.80(e)))
You / Third Parties
Internet or other similar network activity information
Interactions with a website, application or advertisement.
You / Affiliates / Third Parties
City, State and Country for purposes of data aggregation.
Voiceprint for speaker identification purposes
The following sections provide additional information about how we collect your Personal Data.
3.1 Information Collected Automatically
4. How We Use Your Personal Data
We process Personal Data to operate, improve, understand, and personalize our Services. We use Personal Data for the following purposes:
- To operate and maintain the Service (such as for the purposes of fixing malfunctions, testing our security systems, etc.).
- To enhance, improve and further develop the Service (such as creating new features or functions, refining the user experience, increasing Service technical performance, etc.).
- We will use your contact information to provide you with notices related to your use of the Service.
- We will use your contact information (such as your email address) to provide you with training and emails with relevant product information. You can opt out of receiving these emails, but in such case you may not receive the full benefit of the Service. Opting out can be done by clicking the "manage email settings" link at the bottom of every email.
- To help personalize the Service experience for you (such as remembering your information so you will not have to enter it each time you use the Service).
- To provide you with the features, functions and benefits of the Service (such as advanced audio features; users may elect to upload their voiceprint when setting up individual Copilot settings, and if this feature is used, the voiceprint will only be used for speaker identification on dialer/VOIP calls).
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- For the other purposes referenced in the "How We Share Your Personal Data" section below.
- To provide internal development and training to our staff to improve customer experience.
- And for any other business purpose stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act (the "CCPA").
4.1 How We Share Your Personal Data
We disclose your Personal Data to the following categories of service providers and other parties:
1. Service providers (a full list of which can be found here), including:
- Hosting and other technology and communications providers
- Ad networks
- Security and fraud prevention companies
- Analytics providers
- Staff augmentation and contract personnel
2. Our affiliates
3. Parties who acquire your Personal Data through an acquisition or other change of control
4. Other parties at your direction
- Other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorized by you through the Services)
- Third-party business partners who you access through the Services
- Other parties authorized by you
Over the past twelve months, we have disclosed the following categories of your Personal Data to service providers or other parties for the business purposes listed above:
- Personal identifiers
- Customer records identified by state law
- Internet or other similar network activity information
- Geolocation data
- Biometric data
4.2 Sale of Personal Data
We have never sold your Personal Data.
5. Data Security and Retention
Clari takes robust information security measures to protect your Information and to limit the risk that it will be accessed without authorization, including use of certain industry standard technologies and practices. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. That said, we cannot guarantee the security of such Information. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. No security system is perfect—so your use of the Service is at your own risk.
If we learn of a security systems breach, then we may attempt to notify you via email, phone, physical mail, or by a posting on your Service account page so that you can take appropriate protective steps. Pursuant to our Terms of Service, you have consented to receive such notice by electronic means (provided that such consent is void where prohibited by applicable law). To receive a free written notice of a security breach, or if you have any questions about the security of the Service, please contact us.
In addition to the security measures referenced above, your Service account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
6. Personal Data of Children
7. Your Rights and Control Over Your Data
7.1 Editing Your Profile
Upon request, Clari will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. If you wish to access, correct, or request deletion of your personal information, fill out this form and a member of the Privacy Team will respond to you. Clari has no direct relationship with the individuals whose personal data it processes within its Service. An individual who seeks access—or who seeks to correct, amend, or delete inaccurate data—should direct his query to Clari's Client (the data controller). If the Client requests Clari to remove the data, we will respond to their request within 30 days. If as an individual, you wish to identify the specific Client who is acting as the data controller of your Information, please contact firstname.lastname@example.org and we will provide their contact information subject to Clari receiving approval of release of that information from the data controller.
7.2 Deleting Your Account
Deletion of your account is subject to the "Limitations on Deletion" section below. When you request for us to delete your account for the Service, your data may be permanently deleted from our servers and access to your account will be disabled. We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements.
Clari will retain personal data that we process on behalf of our Clients for as long as needed to provide services to our Client. Clari will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
7.3 Limitations on Deletion
In addition, copies of your information may remain viewable elsewhere to the extent that it has been publicly published by you or otherwise shared by you with others (such as your User Submissions).
We may also indefinitely retain and use any aggregated data derived from or incorporating your Information after you update or delete it, but not in a manner that would identify you personally.
We may also retain Information collected by Third Party usage tracking services in aggregate form for the purposes of maintaining historical information on usage of our services.
We may also retain your Information to the extent required to comply with (or we deem it reasonable in light of) any laws or regulations.
Clari has no direct relationship with the individuals whose personal data it processes within its Service. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to Clari's Client (the data controller). If the Client requests Clari to remove the data, we will respond to their request within 30 days. If as an individual you wish to identify the specific Client who is acting as the data controller of your Information, please contact us and we will provide their contact information subject to Clari receiving approval of release of that information from the data controller.
You may sign up to receive email or newsletter or other communications from us. If you would like to discontinue receiving this information, you may update your email preferences by using the "Unsubscribe" link found in emails we send to you or by filling out the form in our subscription center.
We collect information for our Clients. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the client that you interact with directly.
7.5 State-Specific Privacy Rights
7.5.1 California Resident Rights
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties' direct marketing purposes. In order to submit such a request, please fill out the form in our subscription center.
You have the right to request certain information about our collection and use of your Personal Data over the past 12 months. We will provide you with the following information:
- The categories of Personal Data that we have collected about you
- The categories of sources from which that Personal Data was collected
- The business or commercial purpose for collecting or selling your Personal Data
- The categories of third parties with whom we have shared your Personal Data
- The specific pieces of Personal Data that we have collected about you
If we have disclosed your Personal Data for a business purpose over the past 12 months, we will identify the categories of Personal Data shared with each category of third party recipient.
You have the right to request that we delete the Personal Data that we have collected from you. Under the CCPA, this right is subject to certain exceptions. For example, we may need to retain your Personal Data to provide you with the Services or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.
7.5.4 Exercising Your Rights
To exercise the rights described above, please fill out this form. Ensure that you (1) provide sufficient information to allow us to verify that you are the person about whom we have collected Personal Data (for example, providing us your enterprise email address used to register for the Services), and (2) describe your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a "Valid Request." We may not respond to requests that do not meet these criteria. We will only use Personal Data provided in a Valid Request to verify you and complete your request.
We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.
You may submit a Valid Request using the following methods:
7.5.5 We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA
We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under the CCPA. However, we may offer different tiers of our Services as allowed by applicable data privacy laws (including the CCPA) with varying prices, rates, or levels of quality of the goods or services you receive related to the value of Personal Data that we receive from you.
7.5.6 Nevada Resident Rights
If you are a resident of Nevada, you have the right to opt out of the sale of certain Personal Data to third parties who intend to license or sell that Personal Data. You can exercise this right by filling out the form in our subscription center or contacting us with the subject line "Nevada Do Not Sell Request" and providing us with your name and the email address associated with your account.
7.6 European Union Data Subject Rights
If you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the "GDPR"). For more information about Clari's compliance with GDPR, please visit our page dedicated to GDPR.
7.6.1 Data Privacy Framework Protections
c/o Clari Privacy
1154 Sonora Court
Sunnyvale, CA 94086
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Clari commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner's Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Clari commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to the Irish Data Protection Commission, an alternative dispute resolution provider based in the European Union. If you are within the EU and do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit the Data Protection Commission website for more information or to file a complaint. The services of the Irish Data Protection Commission are provided at no cost to you. If you are within the UK, and do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit the UK Information Commissioner's Office website for more information or to file a complaint. The services of the UK Information Commissioner's Office (ICO) are provided at no cost to you.
Clari is responsible for the processing of personal data it receives, under the Data Privacy Framework, and for any subsequent transfers to a third party acting as an agent on its behalf. Clari complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Data Privacy Framework, Clari is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Clari may be required to disclose personal data in response to lawful requests by public authorities, including requests to meet national security or law enforcement requirements.
Under certain conditions, more fully described on the Data Privacy Framework website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
9. Contact Clari About Your Privacy
1154 Sonora Court, Sunnyvale, CA 94086
Individuals and data protection supervisory authorities in the EU and the UK may contact our data protection representatives according to Articles 27 EU and UK GDPR:
EU: DP-Dock GmbH, Attn: Clari Inc., Ballindamm 39, 20095 Hamburg, Germany
UK: DP Data Protection Services UK Ltd., Attn: Clari Inc., 16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom
- June 30, 2023: Updated the personal data collected and the source for the Biometric category. Revisions to How We Use Your Personal Data; added Advanced Audio Features.
- June 6, 2023: Expanded the Categories of Personal Data We Collect to include data captured for additional product offerings.
- August, 27, 2021: Remove Privacy Shield references.
- December 30, 2019: CCPA compliance included.
- November 22, 2019: Revisions to comply with Google Standards.
- May 29, 2018: Added reference to Clari GDPR web link and clarified policy change notification.
- May 21, 2018: Clarified our disclosure policy to state that information will only be disclosed when required by public authorities or the law.