Privacy Policy

CLEERA, INC.

PRIVACY POLICY

Last Updated: April 23, 2026

This Privacy Policy describes how Cleera, Inc. (“Cleera,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with our website at www.cleera.co (the “Site”) and our behavioral analytics and AI agent platform (the “Platform,” and together with the Site, the “Services”). This Policy applies to merchant customers who register for and use the Platform (“Merchants”) and to visitors to the Site. Any capitalized terms not defined herein shall have the meaning set forth in Cleera’s Terms of Service.

Questions about this Policy may be directed to privacy@cleera.co.

1. Information We Collect

1.1  Information You Provide to Us

We collect information that Merchants provide directly when registering for or using the Services, including:

  • Account Information: name, business name, email address, and password (stored in hashed form).

  • Payment Information: billing address and payment card details, which are processed and stored directly by our payment processor, Stripe. Cleera does not store full payment card numbers.

  • Integration and Configuration Data: information Merchants provide when connecting third-party platforms (such as Shopify) or configuring the Platform, including product catalog data, store configuration, and context used to personalize agent behavior.

  • Communications: emails, support requests, feedback, and other messages sent to us.

1.2  Information Collected Automatically

When Merchants and Site visitors use the Services, we automatically collect certain information, including:

  • Usage and Log Data: login activity, dashboard interactions, feature usage, API calls, access logs, and other information about how the Platform is accessed and used.

  • Device and Technical Data: IP address, browser type and version, device type, operating system, referring URL, and pages visited on the Site.

  • Cookies and Similar Technologies: session identifiers and analytics data collected through cookies and similar technologies, as further described in Section 6.

1.3  Information Collected Through the Platform on Merchant Storefronts

When the Platform is deployed on a Merchant’s storefront, it collects the following categories of information about Shoppers on the Merchant’s behalf:

  • Behavioral and Session Data: browsing events, page views, product interactions, add-to-cart actions, session duration, and similar storefront activity.

  • Agent Interaction Data: messages, queries, and any images that Shoppers submit to the Cleera-powered AI agent.

  • Device and Technical Data: IP address (used at the country or region level), browser type, device type, and session identifiers.

  • Authenticated Identity Data (if enabled): where a Merchant has enabled identity-linking, and a Shopper is authenticated on the Merchant’s storefront, Cleera may receive a customer ID or email address from the Merchant’s platform solely to personalize agent responses.


Cleera does not intentionally collect sensitive personal information (such as Social Security numbers, financial account numbers, precise geolocation, or health data) from Shoppers. 

2. How We Use Information

2.1  To Provide and Operate the Services

We use Merchant account and usage information to:

  • create and manage accounts and authenticate access to the Platform;

  • process payments and manage subscriptions;

  • deliver, maintain, and support the Platform and its features;

  • respond to support requests and other inquiries; and

  • send transactional and administrative communications, including account confirmations, payment receipts, security alerts, and service notices.

2.2  To Improve and Develop the Services

We use usage data and, in aggregated and de-identified form, Platform interaction data to analyze how the Services are used, troubleshoot issues, improve existing features, and develop new capabilities. Data used for this purpose is aggregated and de-identified prior to use such that it cannot reasonably be linked to any individual Merchant or Shopper.

2.3  To Deliver AI-Powered Agent Responses

To generate real-time agent responses on Merchant storefronts, Cleera transmits relevant Shopper behavioral context and chat content to third-party AI model providers (currently Anthropic, OpenAI, and Google) via their APIs. This transmission is solely for inference, generating a response to a Shopper’s query. See Section 4 for more information about our AI providers.

2.4  For Safety, Security, and Legal Compliance

We use information as necessary to detect and prevent fraud, abuse, and security incidents; enforce our Terms of Service; protect the rights and safety of Cleera, our customers, and others; and comply with applicable legal obligations.

2.5  Marketing Communications

We may send Merchants product updates and other marketing communications. Merchants may opt out at any time by using the unsubscribe link in any marketing email or by contacting privacy@cleera.co. Opting out of marketing communications does not affect transactional or administrative messages.

3. How We Share Information

Cleera does not sell personal information. We do not share personal information with advertisers, data brokers, or third parties for cross-context behavioral advertising purposes. We share information only as described below.

3.1  Business Transfers

If Cleera is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or substantially all of our assets, personal information may be transferred as part of that transaction. We will provide notice before personal information is transferred and becomes subject to a materially different privacy policy.

3.2  Legal Requirements and Protection of Rights

We may disclose information where we have a good-faith belief that disclosure is necessary to: (a) comply with a legal obligation, subpoena, court order, or valid governmental request; (b) enforce our Terms of Service or other agreements; (c) detect, prevent, or address fraud, security, or technical issues; or (d) protect the rights, property, or safety of Cleera, our customers, or others. Where legally permissible, we will attempt to notify affected parties before complying with government or law enforcement requests.

3.3  With Your Consent

We may share information in other ways with a Merchant’s consent or at a Merchant’s direction.

4. AI Model Providers

The Platform uses large language models operated by third-party AI providers to generate agent responses. When a Shopper interacts with the Platform on a Merchant’s storefront, relevant context (including behavioral signals and chat content) is transmitted to one or more of these providers via their APIs to produce a response.

Each AI provider’s handling of data submitted through their API is governed by their respective API data processing terms and privacy policies. Cleera selects AI providers that offer data processing commitments at the API level consistent with Cleera’s service provider obligations, and does not authorize AI providers to use submitted data to train their models beyond what their API terms expressly permit.

Merchants are independently responsible for reviewing the terms of each AI provider whose models are used through the Platform. Cleera will notify Merchants of any material changes to its AI provider relationships.

5. Data Retention

We retain personal information only as long as necessary for the purposes set out in this Policy or as required by applicable law. Our retention practices are as follows:

Merchant account data

Duration of active account + 90 days post-termination, then deleted or anonymized

Shopper Interaction Data

Up to 12 months from collection on a pseudonymous basis, then deleted or anonymized

Payment and billing records

As required by applicable tax and financial recordkeeping laws (generally 7 years)

Security and access logs

Up to 12 months, or longer if required in connection with a security incident

Aggregated and anonymized data

Indefinitely (no personal information retained)


Merchants may request earlier deletion of their account data as described in Section 7.

6. Cookies and Tracking Technologies

6.1  Site Cookies

The Cleera website uses cookies and similar technologies to recognize returning visitors, analyze Site usage, and improve our content and services. We use the following categories of cookies:

  • Strictly Necessary: required for core Site functionality such as session management and authentication. These cannot be disabled.

  • Analytics: help us understand how visitors use the Site in aggregate. This data is used in anonymized form only.

  • Preference: remember your settings and choices across sessions.

You can manage or disable cookies through your browser settings. Disabling certain cookies may affect Site functionality.

6.2  Platform Tracking on Merchant Storefronts

The Cleera JavaScript snippet deployed on Merchant storefronts uses session identifiers and behavioral tracking to deliver the Platform’s analytics and AI agent services. This tracking is performed on behalf of the applicable Merchant and is subject to that Merchant’s privacy policy and any consent mechanisms the Merchant has implemented on their storefront. Cleera does not use storefront tracking for advertising, retargeting, or any purpose outside of the contracted service. 

6.3  Do Not Track

Some web browsers transmit "Do Not Track" signals to websites. Because there is currently no universally accepted standard for how websites should respond to such signals, Cleera's Site does not respond to Do Not Track requests at this time. 

7. Your Privacy Rights and Choices

7.1  All Merchants

Merchants may at any time:

  • access and update account information through the Platform dashboard;

  • request correction of inaccurate personal information by contacting privacy@cleera.co;

  • request deletion of their account and associated personal information by contacting privacy@cleera.co. we will process deletion requests within 30 days, subject to our retention obligations and applicable law; and

  • opt out of marketing communications by using the unsubscribe link in any marketing email or by contacting privacy@cleera.co.

7.2  California Residents (CCPA/CPRA)

California residents have the following rights under the CCPA/CPRA with respect to personal information Cleera holds about them as a business:

  • Right to Know: you may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, our business or commercial purposes for collecting it, and the categories of third parties with whom we share it.

  • Right to Delete: you may request deletion of personal information we have collected about you, subject to certain exceptions permitted by law.

  • Right to Correct: you may request correction of inaccurate personal information we hold about you.

  • Right to Opt Out of Sale or Sharing: Cleera does not sell personal information or share it for cross-context behavioral advertising. If our practices change, we will update this Policy and provide an appropriate opt-out mechanism.

  • Right to Limit Use of Sensitive Personal Information: Cleera does not use sensitive personal information for purposes beyond those permitted under Cal. Civ. Code § 1798.121.

  • Right to Non-Discrimination: we will not discriminate against you for exercising any of your CCPA/CPRA rights.

To submit a rights request, please contact us at privacy@cleera.co. We will respond to verifiable requests within 45 days, with an extension of up to an additional 45 days where reasonably necessary (with notice). We may need to verify your identity before processing your request.

You may designate an authorized agent to submit a CCPA/CPRA rights request on your behalf. To do so, you must provide the authorized agent with written permission to submit the request, and we may require you to verify your identity directly with us before processing the request. We may deny a request from an authorized agent who does not provide sufficient proof of authorization.

7.3  Note for Shoppers

If you are a Shopper who interacted with a Cleera-powered agent on a Merchant’s storefront and wish to exercise privacy rights with respect to that interaction, please contact the applicable Merchant directly. The Merchant is the business responsible for your personal information under applicable law. Cleera will cooperate with Merchants in responding to verifiable consumer requests to the extent Cleera has the technical capability to do so.

8. Data Security

We implement and maintain commercially reasonable technical and organizational security measures designed to protect personal information against unauthorized access, disclosure, alteration, loss, or destruction. These measures include encryption of data in transit (TLS) and at rest, access controls and authentication requirements for Platform access, and regular review of our security practices.

In the event of a security breach affecting personal information, we will notify affected Merchants without undue delay and will comply with any applicable data breach notification requirements, including California’s breach notification statutes (Cal. Civ. Code §§ 1798.29 and 1798.82). Where required by law, Cleera will also fulfill any direct notification obligations to affected individuals.

Merchants are responsible for maintaining the security and confidentiality of their account credentials. Please notify us immediately at privacy@cleera.co if you suspect unauthorized access to your account.

9. Processing Shopper Data on Behalf of Merchants

When the Platform is deployed on a Merchant’s storefront, Cleera processes Shopper personal information as a service provider on that Merchant’s behalf. In this capacity, Cleera:

  • processes Shopper personal information only for the business purposes specified in its agreement with the applicable Merchant;

  • does not sell or share Shopper personal information;

  • does not use Shopper personal information for any purpose unrelated to the contracted service;

  • does not combine Shopper personal information received from Merchants with personal information from other sources except as permitted by applicable law; and

  • assists Merchants in responding to verifiable consumer requests from Shoppers to the extent Cleera has the technical capability to do so.

Merchants are responsible under applicable privacy law for their own Shopper data practices, including maintaining a compliant privacy policy on their storefront, providing required notices to Shoppers, and obtaining any required consents for the deployment of the Platform.

10. Children’s Privacy

The Services are directed to businesses and are not directed to children under 13. Cleera does not knowingly collect personal information directly from children under 13. If we learn that we have inadvertently collected personal information from a child under 13, we will promptly delete it. If you believe we may have collected such information, please contact us at privacy@cleera.co.

Cleera’s Platform may be deployed on Merchant storefronts that are accessible to individuals under 18. Merchants are responsible for implementing appropriate disclosures, consent mechanisms, and controls on their storefronts with respect to minor visitors, including compliance with the Children’s Online Privacy Protection Act (“COPPA”) where applicable.

11. Third-Party Websites and Services

The Site and Platform may contain links to, or integrate with, third-party websites and services. This Policy does not apply to any third-party website or service. We encourage you to review the privacy policies of third parties you interact with in connection with the Services. Cleera is not responsible for the privacy practices or content of third-party websites or services.

12. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, the Services, or applicable law. When we make material changes, we will update the “Last Updated” date at the top of this Policy and notify Merchant account holders by email or through an in-Platform notice at least thirty (30) days before the changes take effect. Your continued use of the Services after the effective date of any updated Policy constitutes your acceptance of the revised terms.

13. Contact Us

If you have questions, concerns, or requests regarding this Policy or our privacy practices, please contact us at:

Cleera, Inc.
447 Sutter St, Ste 506-1476
San Francisco, CA 94108
privacy@cleera.co


We will respond to privacy-related inquiries within thirty (30) days of receipt.