Privacy Policy

Clara — describe a goal, get an automation

Last updated: May 20, 2026

This Privacy Policy explains how Clara (“the App”, “we”, “us”) collects, uses, and protects information when you use our mobile application and related services. By using the App, you agree to this policy. If you do not agree, please do not use the App.

Data controller AiBanta
Email: contactus@aibanta.com

1. Who this policy applies to

This policy applies to users of the Clara app on Android (and other platforms where the App is offered). It covers data processed through the App and our backend API at clarabanta.up.railway.app.

2. Information we collect

Depending on how you use the App, we may process the following categories of data:

Account and profile data — such as email address, display name, and a user identifier, when you sign in or when a profile is associated with your use of the App.
Content you provide — natural-language goals, automation requests, answers to clarification questions, and related context you enter in the App.
Automations and execution data — generated workflows, workflow names, run history, status, and outputs produced when automations run.
Technical and usage data — device type, operating system, app version, language settings, IP address, and timestamps needed to operate the service, secure our systems, and troubleshoot issues.

The App requests Internet access only. It does not require access to your contacts, camera, microphone, precise location, or device storage for core functionality.

3. How we use your information

We use collected information to:

Provide, maintain, and improve the App and backend services;
Clarify your requests and generate automations using AI-assisted processing;
Store and sync your workflows and profile across sessions;
Run scheduled or on-demand automations you configure;
Respond to support requests and communicate about the service;
Protect against abuse, fraud, and security incidents; and
Comply with legal obligations.

4. Legal basis (EEA / UK users)

If you are in the European Economic Area or the United Kingdom, we process personal data on these bases:

Contract — to provide the App and features you request;
Legitimate interests — to secure, improve, and operate our services, balanced against your rights;
Consent — where required (for example, optional communications); and
Legal obligation — where applicable law requires processing.

5. Third-party services

We use trusted providers to host and operate the App. Data may be shared with them only as needed to deliver the service:

Hosting and API — our backend runs on cloud infrastructure (e.g. Railway) that processes requests from the App.
Database and authentication — user profiles and workflows may be stored using Supabase (database and authentication services).
AI processing — text you submit may be sent to third-party AI providers (such as OpenAI) to clarify intent, generate workflows, and evaluate results. Those providers process data under their own terms and privacy policies.
Fonts — the App may load typography from Google Fonts when displaying the interface; Google may receive standard technical data (such as IP address) as described in Google’s Privacy Policy.

We do not sell your personal information. We do not use third-party advertising or analytics SDKs in the App as of the date above.

6. Data retention

We retain personal data for as long as your account is active or as needed to provide the service, unless a longer period is required by law. Workflow and run data are kept to let you access your library and history. You may request deletion of your account and associated data (see Section 8).

7. Security

We use reasonable technical and organizational measures to protect data, including encryption in transit (HTTPS) and access controls on our systems. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

8. Your rights and choices

Depending on your location, you may have the right to:

Access, correct, or delete your personal data;
Restrict or object to certain processing;
Data portability;
Withdraw consent where processing is based on consent; and
Lodge a complaint with your local data protection authority.

To exercise these rights, contact us at YOUR_PRIVACY_EMAIL@example.com. We will respond within the timeframes required by applicable law.

You can stop all collection by uninstalling the App. Disabling Internet access prevents the App from communicating with our servers.

9. International transfers

Your data may be processed in countries other than your own, including countries that may not provide the same level of data protection. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for transfers from the EEA/UK.

10. Children

The App is not directed at children under 16 (or the minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version with an updated “Last updated” date. Material changes may be communicated through the App or by other reasonable means where required by law.

12. Contact

For privacy questions or requests:

YOUR_PRIVACY_EMAIL@example.com
[YOUR_LEGAL_NAME_OR_COMPANY]