← Back to Klarix

Privacy Policy

Effective: February 21, 2026  |  Last updated: February 21, 2026

1. Who We Are

Klarix ("we," "us," "our") is a competitive intelligence service operated by Michael Baylard, based in Illinois, United States. This policy explains how we collect, use, store, and protect your personal information when you visit klarix.ai ("the Site") or use our services.

2. Information We Collect

Information you provide directly:

  • Name, email address, company name, job title, and phone number (via forms, calls, or email)
  • Billing and payment information (processed by Stripe; we do not store card details)
  • Business context you share during onboarding (target market, competitors, ideal customer profile)
  • Communications you send to us (email, chat, call transcripts)

Information collected automatically:

  • Device type, browser type and version, operating system
  • IP address and approximate geographic location
  • Pages visited, time on page, referral source, and click behavior
  • Cookies and similar technologies (see Section 5)

Information we do not collect:

  • Social Security numbers, government IDs, or financial account numbers
  • Biometric data or health information
  • Information from minors (see Section 9)

3. How We Use Your Information

  • To provide, maintain, and improve our competitive intelligence services
  • To communicate with you about your subscription, deliverables, and support
  • To process payments and manage billing
  • To send service-related announcements (delivery notifications, product updates, security alerts)
  • To analyze site usage and improve our website experience
  • To prevent fraud, abuse, and enforce our Terms of Service
  • To comply with legal obligations and respond to lawful requests

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We do not use your data for automated decision-making or profiling that produces legal effects.

4. Legal Basis for Processing (GDPR)

If you are in the EU/EEA, we process your data under the following legal bases:

  • Contract performance — to deliver services you've subscribed to
  • Legitimate interest — to improve our services, prevent fraud, and communicate service updates
  • Consent — where required (e.g., optional marketing emails), which you may withdraw at any time
  • Legal obligation — to comply with applicable laws

5. Third-Party Services & Data Sharing

We share data only with service providers who need it to operate our business:

  • Calendly — scheduling (name, email)
  • Vercel — website hosting and analytics (anonymized usage data)
  • Stripe — payment processing (PCI-DSS Level 1 compliant; we never access your full card number)
  • Neon (PostgreSQL) — secure cloud database storing account and deliverable data (encrypted at rest)
  • Anthropic (Claude) & Groq — AI language models used to generate your deliverables (market context and business information you provide may be processed; no personal contact data is sent)
  • Apollo.io — contact data sourcing and enrichment (used to build your decision-maker database)
  • Email provider — service communications (name, email)

We may also disclose information if required by law, court order, or government request, or to protect the rights, property, or safety of Klarix, our clients, or the public.

We do not sell personal information as defined under the California Consumer Privacy Act (CCPA) or any other privacy law.

6. Cookies & Tracking

Our site uses minimal cookies:

  • Essential cookies — required for the site to function (session management, security)
  • Analytics cookies — help us understand usage patterns (anonymized, no personal identifiers)

We do not use advertising cookies, retargeting pixels, or cross-site tracking. You can disable cookies in your browser settings; essential site functionality will still work, but analytics features may be affected.

7. Data Security

We implement industry-standard measures to protect your information:

  • All data transmitted over HTTPS/TLS encryption
  • Secure hosting on Vercel's infrastructure (SOC 2 compliant)
  • Payment processing via Stripe (PCI-DSS Level 1)
  • Access controls limiting data access to authorized personnel only
  • Regular review of security practices

No method of internet transmission or electronic storage is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security.

8. Data Retention

  • Active subscription: We retain your data for the duration of your subscription.
  • After cancellation: Account records retained for up to 12 months for accounting, legal, and dispute resolution purposes.
  • Deliverables: Your business context and deliverables are deleted within 30 days of account closure upon written request.
  • Website analytics: Anonymized analytics data may be retained indefinitely in aggregate form.
  • Communications: Email and call records retained for up to 24 months for quality and compliance purposes.

9. Your Rights

Depending on your jurisdiction, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Deletion — request deletion of your personal data ("right to be forgotten")
  • Portability — receive your data in a structured, machine-readable format
  • Restriction — request that we limit processing of your data
  • Objection — object to processing based on legitimate interest
  • Opt-out — opt out of non-essential communications at any time

California Residents (CCPA/CPRA):

  • Right to know what personal information we collect, use, and disclose
  • Right to delete personal information we hold about you
  • Right to opt out of the "sale" or "sharing" of personal information — we do not sell or share your data
  • Right to non-discrimination for exercising your privacy rights
  • Right to correct inaccurate personal information

EU/EEA Residents (GDPR):

  • All rights listed above, plus the right to withdraw consent at any time
  • Right to lodge a complaint with your local data protection authority
  • Data transfers outside the EU are protected by Standard Contractual Clauses where applicable

To exercise any of these rights, email michael@klarix.ai with the subject line "Privacy Request." We will verify your identity and respond within 30 days (45 days for complex requests, with notice).

10. International Data Transfers

Klarix operates from the United States. If you access our services from outside the US, your data may be transferred to and processed in the United States. By using our services, you consent to this transfer. For EU/EEA residents, we rely on Standard Contractual Clauses and other approved mechanisms to ensure adequate protection.

11. Children's Privacy

Our services are directed to businesses and are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a minor, we will promptly delete it and terminate any associated account.

12. Do Not Track Signals

Our site does not currently respond to "Do Not Track" (DNT) browser signals, as there is no industry-wide standard for DNT compliance. However, we do not engage in cross-site tracking.

13. Changes to This Policy

We may update this policy from time to time. For material changes, we will notify you via email (if we have your address) and update the "Last updated" date above. Minor changes (e.g., formatting, clarifications) may be made without notice. Continued use of our services after changes constitutes acceptance of the revised policy.

14. Contact

For privacy-related questions, data requests, or complaints: