# Privacy Policy

**Last Updated: February 8, 2026**

## 1. Introduction

CleanDrive (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and services (the “Service”).

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.

## 2. Information We Collect

### 2.1 Information You Provide Directly

**Account Information:**

– Email address

– Password (encrypted)

– Name and profile information

– Organization/company details

– Phone number (if provided)

**Payment Information:**

– Billing address

– Payment method details (processed securely through Stripe)

– Invoice and transaction history

– Subscription details and billing cycle information

**User-Generated Content:**

– Documents you upload for processing

– Images for OCR (Optical Character Recognition) analysis

– Search queries and preferences

– Notes and annotations

**Communication Data:**

– Messages sent through our support system

– Feedback and inquiries

– Correspondence with our team

### 2.2 Information Collected Automatically

**Usage Data:**

– Browser type and version

– Device information

– IP address

– Operating system

– Pages visited and time spent

– Referral source

– Features used and interactions

– Performance metrics

**Cookies and Tracking Technologies:**

– Session cookies

– Persistent cookies

– Local storage

– Analytics tools

### 2.3 Third-Party Information

– Information from payment processors (Stripe)

– Information from authentication services (Supabase)

– Information from AI services (Google Gemini API)

## 3. How We Use Your Information

We use collected information for:

**Service Delivery:**

– Creating and maintaining your account

– Processing transactions and sending related information

– Providing customer support and responding to inquiries

– Delivering the Service as described

**Service Improvement:**

– Analyzing usage patterns and trends

– Developing new features and improvements

– Personalizing your experience

– Troubleshooting and debugging

**Communication:**

– Sending service announcements and updates

– Notifying you of changes to our policies

– Marketing communications (with your consent)

– Responding to your requests

**Legal and Security:**

– Complying with legal obligations

– Enforcing our Terms of Service

– Protecting against fraud and illegal activity

– Ensuring data security and integrity

## 4. Data Sharing and Disclosure

### 4.1 Third-Party Service Providers

We share information with trusted third parties to operate our Service:

**Stripe (Payment Processing):**

– Payment information is securely transmitted to Stripe

– Stripe processes payments according to their Privacy Policy

– PCI DSS compliant

**Supabase (Database & Authentication):**

– User authentication data

– Account preferences and settings

– Database records

**Google Gemini API:**

– Documents and images you submit for AI processing

– User queries for analysis

– Only transmitted when you actively request processing

### 4.2 Legal Requirements

We may disclose your information when:

– Required by law, regulation, or legal process

– Necessary to protect our rights, privacy, safety, or property

– To prevent or investigate possible wrongdoing

– To comply with court orders or governmental requests

### 4.3 Business Transfers

If CleanDrive is involved in a merger, acquisition, bankruptcy, or asset sale, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

### 4.4 Other Disclosures

We do not sell, trade, or rent your personal information to third parties. We do not share your information for marketing purposes without your explicit consent.

## 5. Data Security

### 5.1 Security Measures

We implement comprehensive security measures:

– SSL/TLS encryption for data in transit

– AES-256 encryption for sensitive data at rest

– Secure password hashing

– Regular security audits and testing

– Access controls and authentication protocols

– Secure API communications

### 5.2 Limitations

While we strive to protect your information, no security system is impenetrable. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

### 5.3 Data Breach Notification

In the event of a data breach, we will notify affected users via email and through the Service as required by applicable law, typically within 30 days of discovery.

## 6. Data Retention

**Account Data:**

– Retained while your account is active

– Deleted upon account termination, with a 30-day grace period for data recovery

**Payment Information:**

– Stripe retains payment data according to their retention policy

– We do not store full credit card numbers

**Usage Data:**

– Typically retained for 12 months for analytics

– May be anonymized and retained longer for statistical purposes

**User-Generated Content:**

– Retained as long as your account is active

– Deleted within 30 days of account deletion

– You may request deletion at any time

**Communications:**

– Support tickets retained for 2 years

– Email communications retained for 1 year unless required longer

## 7. Your Rights and Choices

### 7.1 Access and Portability

You have the right to:

– Access your personal information

– Request a copy of your data in a portable format

– Submit requests via your account settings or contacting us

### 7.2 Correction and Deletion

You have the right to:

– Correct inaccurate information

– Delete your account and associated data

– Request deletion of specific information

### 7.3 Marketing Communications

You can:

– Opt-out of promotional emails by clicking “Unsubscribe”

– Manage communication preferences in account settings

– Contact us to opt-out of all marketing

### 7.4 Cookies and Tracking

You can:

– Disable cookies through browser settings

– Opt-out of analytics tracking

– Use do-not-track signals (though we may not honor all)

### 7.5 Privacy Requests

To exercise these rights, contact us at: **support@cleandrive.io** or through your account settings.

We will respond to verified requests within 30 days as required by law.

## 8. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from your home country.

By using the Service, you consent to the transfer of your information to countries outside your country of residence, which may provide a different level of data protection than your home country.

If you are located in the EU, UK, or Switzerland:

– We rely on Standard Contractual Clauses

– We ensure adequate safeguards for international transfers

– Your rights under GDPR/UK GDPR/Swiss DPA apply

## 9. Compliance with Regulations

### 9.1 GDPR (European Union)

If you are located in the EU:

– Your data is processed lawfully with your consent

– You have the right to access, rectify, and erase your data

– You have the right to restrict processing and data portability

– You have the right to lodge complaints with supervisory authorities

– We have appointed Data Protection measures as required

### 9.2 CCPA (California)

If you are a California resident:

– You have the right to know what personal information is collected

– You have the right to know whether your information is sold

– You have the right to delete your information

– You have the right to opt-out of the sale/sharing of your information

– You have the right to non-discrimination for exercising your rights

### 9.3 Other Regulations

We comply with applicable privacy laws in all jurisdictions where we operate.

## 10. Children’s Privacy

CleanDrive is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will promptly delete such information.

For users between 13-18, parental consent may be required in certain jurisdictions.

## 11. Third-Party Links and Services

Our Service may contain links to third-party websites and services. This Privacy Policy applies only to CleanDrive. We are not responsible for the privacy practices of third-party services, including:

– Stripe’s payment processing

– Google’s services

– Supabase or other service providers

Please review the privacy policies of any third-party services you use.

## 12. Cookies and Similar Technologies

### 12.1 Types of Cookies

**Essential Cookies:**

– Session management

– Authentication and security

– Load balancing

**Analytical Cookies:**

– Google Analytics

– Performance and usage metrics

– User behavior analysis

**Functional Cookies:**

– User preferences

– Feature settings

– Personalization

### 12.2 Cookie Management

You can control cookies through:

– Browser settings

– Cookie consent banner on our website

– Do-not-track signals (if supported)

## 13. California Consumer Privacy Act (CCPA)

If you are a California resident, you have specific rights:

**Right to Know:** You can request what personal information we collect, use, and share.

**Right to Delete:** You can request deletion of personal information, subject to certain exceptions.

**Right to Opt-Out:** You can opt-out of the “sale” or “sharing” of your personal information.

**Right to Correct:** You can request correction of inaccurate personal information.

**Right to Limit Use:** You can limit our use of sensitive personal information.

To exercise these rights, submit a request at: **support@cleandrive.io** or through your account settings.

## 14. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

– Posting the updated policy on our website

– Updating the “Last Updated” date

– Sending you an email notification

– Requiring your explicit consent where required by law

Your continued use of the Service after changes constitutes your acceptance of the updated Privacy Policy.

## 15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

**Email:** support@cleandrive.io

**Mailing Address:**

CleanDrive

616/5, Etul Kotte

Kotte

**Privacy Team:**

privacy@cleandrive.io

**For EU/UK Residents:**

GDPR inquiries: privacy@cleandrive.io

**Response Time:** We will respond to all privacy inquiries within 30 days.

## 16. Additional Rights for Specific Regions

### EU/UK/Swiss Residents

– Right to lodge a complaint with your supervisory authority

– Right to withdraw consent at any time

– Right to object to processing

### Virginia, Colorado, Connecticut, Utah Residents

You have similar rights under respective state privacy laws. Please contact us to exercise these rights.

—

**This Privacy Policy is effective and binding upon the user’s use of the Service.**

For the most current version, visit: https://cleandrive.io/privacy-policy-2