Clarity Forge is a productivity platform that helps organisations manage goals, projects, teams and the like with clarity. We are committed to protecting your privacy and being transparent about how we handle your information. This Privacy Policy explains what data we collect, how we use and share it, and your rights regarding your data. We’ve written it in plain English to stay true to our name – creating clarity in everything we do.

Governing Law

Clarity Forge is operated by Clarity Forge Pte. Ltd., a company registered in Singapore. This Privacy Policy shall be governed by and construed in accordance with the laws of Singapore. Any disputes arising under or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Singapore.

Key Highlights

• We don’t sell your data. Ever.
• Data is only shared within your organisation, never between organisations.
• We use data only to operate, improve and support the service.
• We use trusted providers like Google Cloud, Stripe, OpenAI and MailerSend.
• You can integrate third-party services (e.g., Asana, Workday) with clear consent.
• Authentication is handled externally (Google, Apple); we never store passwords.
• Your data is encrypted in transit and at rest.
• You control your data, we’ll help you access, update or delete it.

Information We Collect

We only collect the information we need to provide and enhance the Clarity Forge service. This includes:

• Account Information: When you sign up or are invited to Clarity Forge, we collect basic details like your name, email address and organisation name. If you log in via third-party identity providers (such as Sign in with Apple or Google), we receive information like your name and email from them. We do not store any passwords – authentication is handled by those providers, so your credentials stay safe with them.


• Organisation and Team Data: Clarity Forge is used within organisations. We store information about your organisation and teams as you input it into the platform. This may include a list of employees/users in your workspace, team structures (who reports to whom or team names), and related profile information (like titles or roles).


• Productivity Content: The core of Clarity Forge is the content you and your team put into it. This includes project details, tasks and assignments, calendars or deadlines, identified risks or issues, links to documents or external files, comments and notes, and any other work-related information you submit to the platform. All of this content is partitioned by organisation, meaning users in your company can access the data you share with them in Clarity Forge, but no one from another organisation can see it.


• Third-Party Integration Data: You have the option to connect Clarity Forge with other tools (for example, HR or project management systems). We will only access or import data from these services with your explicit setup and permission. For instance, if you integrate an HRIS, Clarity Forge might receive employee directory information you choose to sync; if you integrate with another project management tool, we might import projects or tasks you select. Separately, Clarity Forge includes AI infrastructure (powered by OpenAI) that may process certain data to enable intelligent features. This includes both interactive use (such as asking for a summary) and behind-the-scenes functionality (such as proactive suggestions or determining what content to highlight). In all cases, we only transmit the minimum necessary data to power these features.


• Payment Information: If your organisation purchases a paid plan, we (or our payment processor) will collect billing details. This may include your organisation’s billing name and address and the payment method. Clarity Forge itself does not store your full credit card or payment instrument details. For security, we use Stripe to handle payment transactions, so your sensitive payment information is transmitted directly to Stripe and not kept on our servers. We only retain basic transaction records (like the last four digits of a card, payment amounts, and dates) for billing history, receipts, and accounting.


• Communications with Us: If you contact Clarity Forge support or communicate with us via email or other channels, we will receive your contact information and any information you choose to provide in your message. This might include feedback, survey responses, or support requests. We keep these communications to respond to you and improve our services.


• Usage Data and Device Information: Like most online services, we automatically collect some data about how you use Clarity Forge. This includes log information such as the date and time you last logged in, the features or pages you use, the types of actions you take (e.g. creating a task or updating a project), and technical data about your device or browser. For example, we might log your IP address, browser type, operating system, device type, and crash reports or performance metrics. This information helps us ensure the service is working properly, to troubleshoot issues, and to understand usage patterns so we can make Clarity Forge better.


• Cookies and Tracking Technologies: We use cookies and similar technologies on our website and within the app. Some cookies are essential for running the service (for example, to keep you logged in or remember your preferences), and others are used for analytics to understand how users interact with Clarity Forge. These technologies may collect information about your browsing actions and usage of the platform over time. We describe our use of cookies in more detail in the Cookies and Analytics section below. You can control cookies through your browser settings and other tools as described later.

How We Use Your Information

We use the collected information solely to provide, maintain and improve the Clarity Forge platform and services. In plain terms, we use your data only to serve you and your organisation. Here’s how we use the data:

• Providing the Service: First and foremost, we use your information to let you and your team effectively use Clarity Forge. This means displaying your projects, tasks, teams and other content to you and the members of your organisation who are supposed to see it. We use account and login information to authenticate you and authorise access to your organisation’s workspace. Team and project data are used to populate the app’s features (so you can, for example, view a team’s tasks or a project’s status).


• Internal Sharing within Your Organisation: Data partitioning by organisation is a key principle of Clarity Forge. Users in your organisation can access the data that has been shared with them in the platform (e.g. team members can see tasks on project, a manager might see tasks of their team). We use your data to enable this kind of internal collaboration. However, we strictly prevent any data from leaking or being accessible to users in other organisations. In short, your company’s data stays within your company’s workspace.


• AI-Powered Features: Clarity Forge includes AI-powered features designed to assist you, such as generating summaries, suggestions, or surfacing insights from your project data. To enable these capabilities, relevant portions of your content (such as a project description, task detail, or note) may be securely sent to our AI infrastructure partner, OpenAI, for processing. This can happen both when you actively use an AI feature and when the system uses AI in the background to enhance your experience (e.g., proactively suggesting content or preparing draft updates). OpenAI processes this data solely to provide the requested functionality and is contractually prohibited from using it for any other purpose. OpenAI does not use the data we send to train their models or improve their services, unless you have separately opted in with them. The AI results are returned to Clarity Forge and shown to you.


• Payments and Subscription Management: We use billing and payment information to handle subscriptions, invoices, and payments for our services. For example, if your organisation is on a paid plan, we use your provided billing address to calculate any taxes and to include on invoices, and we work with Stripe to charge your payment method. We may send billing-related emails (through our email provider) to billing contacts, such as purchase receipts or notices of an upcoming subscription renewal. (Note: As mentioned, credit card data is processed by Stripe, not stored by Clarity Forge.)


• Communications: We use your email and other contact info to send you necessary communications about the service. This includes transactional messages like account confirmations, invitations to join a workspace, password reset or login links, security alerts, and support responses. You may also receive feature-related notifications, such as task reminders, updates like “you’ve been added to a project by your manager,” or other relevant activity in Clarity Forge. These emails are sent via our email service (MailerSend). Occasionally, we may send product announcements or tips to help you get the most out of Clarity Forge, but you can opt out of non-essential communications. We will not spam you or use your information for third-party marketing.


• Customer Support and Service Improvement: If you reach out with a question, feedback, or problem, we will use the information you provided and data from your account to assist you. For example, we might look at error logs or your account settings to troubleshoot an issue. We also analyse support inquiries and feedback to identify common issues or requests, which helps us improve the platform. Internally, we might use some aggregated, anonymised data (that can’t identify you) to understand how the service is used or to prioritise new features.


• Analytics and Product Improvement: We use usage data and cookies to gain insights into how Clarity Forge is performing and being used. For instance, we track which features are most popular or whether a new interface change is helping users complete tasks faster. This analysis might be done with the help of third-party analytics tools (as discussed in Cookies and Analytics below), and it helps us make informed decisions on improving usability, adding capabilities, and fixing pain points. Importantly, these analytics are about usage patterns in the aggregate — we do not peek at your private content for marketing or analyse your personal data for any purpose unrelated to providing the service. Any research or analysis we do is to make Clarity Forge better for you and all our users.


• Security and Fraud Prevention: We may use data (like IP addresses, logs and other usage information) to keep Clarity Forge secure. This includes monitoring for suspicious or malicious activity, debugging to maintain reliability, enforcing our Terms of Service, and preventing misuse of the platform. For example, we might detect repeated failed login attempts to guard against unauthorised access, or use automated tools to prevent spam or bots (which could involve something like CAPTCHA as a challenge). These activities are all aimed at protecting your account and data.


• Legal Compliance and Protection: In certain cases, we may need to process your information to comply with legal obligations or to protect our rights or the rights of others. For example, we may retain and use some information to comply with tax and accounting regulations, to respond to lawful requests by authorities, or to establish, exercise, or defend legal claims. If we are ever required by law to disclose data (such as responding to a court order), we will only disclose the minimum necessary and, when permitted, we will inform you of such disclosure.

We want to be clear: we do not use your personal or organisation data for advertising purposes, nor do we sell your data to anyone. We use your information strictly in line with the purposes above, all of which are geared towards providing you with a useful, secure and improving product. If we ever need to use your information for a new purpose, we will update this Policy and, if required, ask for your permission.

How We Share Your Information

Clarity Forge is not in the business of selling or renting your information. We only share information in a few key scenarios, all related to running our service or as required by law. Here’s who may receive some of your data and why:

• Within Your Organisation: Clarity Forge is built on the belief that transparency drives clarity and better collaboration. As such, many types of data - like goals, team structures and project progress - are visible by default within your organisation to promote alignment and reduce silos. While it’s possible to restrict access to certain information, only clearly sensitive data (such as employee performance reviews) is restricted by default. Your data is never visible to users outside your organisation, and Clarity Forge keeps each customer’s data strictly segregated in our systems.


• Trusted Service Providers (Sub-processors): We use a few trusted third-party companies to help us operate Clarity Forge. They act as our “service providers” (or processors under GDPR, vendors under CCPA) and only process your data under our instructions and for the purposes described in this Policy. Each of these providers has committed to protecting your data in line with strict confidentiality and security obligations. The service providers we rely on include:
  
  
  • Google Cloud Platform (GCP): We host our application and databases on Google Cloud’s infrastructure. All of the data you store in Clarity Forge (your account data, content, etc.) is saved on secure servers provided by Google Cloud. Google Cloud acts as our infrastructure provider – they do not access your data except for storage and computing purposes as needed to keep Clarity Forge running. Google’s data centres have robust physical and digital security measures in place. (For example, data on GCP is encrypted at rest and in transit by default.)
  
  
  • OpenAI: We use OpenAI as an integrated infrastructure provider to power Clarity Forge’s AI features. OpenAI may receive portions of your content for processing, either when you actively invoke an AI feature (e.g., asking for a rewrite or summary), or when the system uses AI in the background to enhance your experience (e.g., prioritising items, drafting a status update, or surfacing relevant content). OpenAI is contractually prohibited from using this data for any purpose other than providing the AI service to Clarity Forge. According to OpenAI’s policies, data sent via the API is not used to improve their models and is retained only temporarily for abuse monitoring. We ensure all data exchanges with OpenAI are secure and scoped to specific AI use cases within Clarity Forge.
  
  
  • Stripe: We use Stripe for all payment processing. When you enter a credit card or payment information, it is transmitted directly to Stripe over an encrypted connection, and Stripe handles the transaction. Stripe may store your payment details (e.g. your card number or bank info) on our behalf to charge your subscription. Clarity Forge itself only receives confirmation of payment and a minimal record (such as a transaction ID or last 4 digits of your card). Stripe is a PCI-DSS-compliant payment processor, which means they meet rigorous security standards for handling payment data.
  
  
  • MailerSend: This service sends out transactional emails for us. We provide MailerSend with your email address and the content of the email that needs to be sent (for example, a welcome invite, a password reset link, a notification about an assigned task, or any other system-generated email from Clarity Forge). MailerSend uses this information solely to deliver the email to you. They do not use your email or message content for any other purpose, and they maintain security and confidentiality of the emails sent.
  
  
  • Analytics Tools: (If applicable) We may use third-party analytics services (such as Google Analytics or similar) to help us understand how our website and app are used. These services might set cookies or use tracking technology to collect usage data (as described in Cookies and Analytics below). Any information shared with such analytics providers is typically anonymised or aggregated (for example, overall usage statistics), and they do not receive your personal content. We use analytics purely to improve the user experience and performance of Clarity Forge.
  
  
• Third-Party Integrations (At Your Direction): When you choose to connect Clarity Forge with another service (e.g. Workday, Asana, etc), you are directing us to exchange data with that service on your behalf. We will only share or retrieve information as needed to make the integration function and only with your explicit instruction. For example, if you link to another project management tools provider, Clarity Forge will fetch data like task names and statuses from that provider to display in your workspace, and it might send updates you make in Clarity Forge back to that provider to keep them in sync. Similarly, connecting an HR system might involve importing your organisation’s employee list or organisational chart into Clarity Forge. These actions are under your control – they require you to initiate the connection and grant permission. We encourage you to review the privacy practices of any third-party service you integrate with, as their handling of data you share with them will be governed by their own privacy policies.


• Legal Compliance and Protection: We may disclose information to third parties (such as courts, law enforcement or government agencies) if we believe that disclosure is reasonably necessary to comply with a law, regulation, valid legal process, or government request (for example, a subpoena or court order). We will only do this after careful review and will limit the disclosure to the information that is lawfully requested. Unless we are legally prevented from doing so or it’s an emergency situation, we will try to notify you if we have to disclose your information in this way. Additionally, we may share information if necessary to enforce our Terms of Service or other agreements, or to protect the rights and safety of Clarity Forge, our customers, or others. For instance, we might share information with law enforcement to investigate a security incident or address fraud.


• Business Transfers: If Clarity Forge is involved in a merger, acquisition, investment, reorganisation, or sale of all or some of its assets, your information may be transferred as part of that deal. We would ensure the new owner continues to honour the commitments we’ve made in this Privacy Policy regarding your personal data. We would also notify you (for example, via email or a notice on our site) of any such change in ownership or control of your personal information, as soon as reasonably possible, explaining any choices you may have.


• With Your Consent: Apart from the cases above, if we ever need to share your information in a way that is not covered by this Privacy Policy, we will ask for your consent. For example, if we wanted to use a testimonial or case study that involves mentioning your name or data, we’d get your permission first. We won’t do anything unexpected with your data without letting you know and getting your okay.

To reiterate, we do not share your personal information with third parties for their own marketing or advertising purposes. We do not sell user data, and we do not disclose any information about our users to outside parties except in the limited ways described above (which are all related to providing our service or meeting legal obligations).

Cookies and Analytics

Cookies are small text files stored on your device by websites or applications. Like most online services, Clarity Forge uses cookies and similar tracking technologies (such as web beacons or local storage) to make our site and app work, to enhance your experience, and to collect usage statistics.

We use cookies in a few ways:

• Essential Cookies: These are necessary for Clarity Forge to function properly. For example, when you sign in, we use a cookie to keep you logged in as you navigate between pages. Essential cookies also help with security (for instance, to detect fraud or remember if you’ve passed an authentication challenge). Without these, the service might not work correctly.


• Preference Cookies: These cookies remember your preferences and settings to make your experience smoother. For instance, a cookie might remember your chosen language or that you’ve dismissed a one-time notification, so you don’t see it again.


• Analytics Cookies: We use these to understand how users interact with our website and app. They allow us to gather information about things like which pages are visited, how long people stay, and which features are used most often. This data helps us identify what’s working and what could be improved. For example, we might use Google Analytics or a similar tool that sets its own cookies to track these metrics. The information we get from analytics cookies is aggregated and does not directly identify individual users. It tells us overall usage patterns (like “X% of users clicked this new button”) rather than “Alice clicked this button at 3:45 PM.” We use these insights to make Clarity Forge more user-friendly and to fix problems.


• Third-Party Cookies for Integrations: If you use certain integrations or visit content that interacts with other sites (for example, if we embed a video or you connect to an external service from within Clarity Forge), those third-parties might set cookies as well. For instance, our marketing website might include content from social media or a video from YouTube, which could set their own cookies. We don’t control those cookies, and their use is governed by the third party’s own policies.

Analytics and Tracking Tools: We currently use analytics solely to improve our product, not for advertising. If we use Google Analytics or similar services, they may use cookies and device identifiers to provide us with information about site traffic and interactions. We do not allow analytics providers to use the data collected for their own purposes – it’s only for our analysis. We respect “Do Not Track” signals or global privacy settings where applicable by not using tracking for advertising purposes, though to be transparent, our site does not have a special DNT response beyond limiting tracking to the purposes described here.

Your Choices: When you first visit our marketing website, you may see a cookies notice or banner (depending on your location) giving you options. You can always choose to disable non-essential cookies. Even if you don’t see a banner, you can control cookies through your browser settings – for example, you can set your browser to refuse certain cookies or to clear cookies when you close it. Just keep in mind that if you disable cookies entirely, some features of Clarity Forge (especially the web app) might not work properly (like staying logged in). For analytics cookies, Google offers an opt-out browser add-on if we use Google Analytics.

We do not use cookies for advertising or to track you across different websites for marketing. Their primary use is to ensure the service functions well and to help us understand how to serve you better. For more information on our use of cookies or to change your preferences, you can contact us anytime (see Contact Us section below).

Data Security

We understand that the data you entrust to Clarity Forge is important and often sensitive (like internal project details, team information, etc.). We take security extremely seriously and have implemented measures to protect your data from unauthorised access, loss, or disclosure. Here are some key aspects of our security program:

• Encryption: All data exchanged with Clarity Forge is encrypted in transit using TLS (Transport Layer Security). This means when you access our app or website, your browser and our servers communicate over HTTPS, ensuring that your data is protected from eavesdropping while it’s moving over the internet. Additionally, our databases on Google Cloud are encrypted at rest (when the data is stored on disk in the data centre). Encryption at rest provides an extra layer of protection in the unlikely event of physical compromise of servers.


• Access Controls and Authentication: Access to your Clarity Forge workspace is protected by strong authentication. Since we use providers like Apple and Google for login, you benefit from their robust security measures (such as two-factor authentication, if you enable it). Within our system, each user only has access to data for their own organisation, and within that, access can be further restricted based on roles or project permissions. Clarity Forge team members will only access your data when absolutely necessary – for example, if you’ve requested support and we need to investigate an issue.


• Organisational Data Partitioning: We keep each organisation’s data separate and logically siloed in our database. This is enforced by our application architecture. When you log into Clarity Forge, you only have a key to your organisation’s “section” of the database. There’s no way for an employee of Company A to accidentally or deliberately retrieve Company B’s data through the app. We routinely test our access controls to ensure this isolation holds strong.


• Network and Infrastructure Security: Our servers are hosted in secure facilities (via Google Cloud) with modern firewalls and intrusion detection systems. We apply security patches and updates to our software dependencies regularly to protect against new vulnerabilities. We also employ techniques like the principle of least privilege in our cloud environment – meaning each component of our infrastructure only has access to what it needs.


• Third-Party Security: We choose industry-leading providers (like Google Cloud, Stripe, etc.) specifically because of their strong security track records. We also review the security practices of any third-party tools or libraries we use. Our contracts with service providers require them to maintain adequate security measures. For example, Stripe is audited to PCI standards for payments, and Google Cloud complies with numerous international security certifications.


• Employee Training and Policies: All Clarity Forge employees are trained on data security and privacy best practices. We have internal policies to safeguard data, including rules about how and when data can be accessed. For instance, employees are prohibited from accessing customer content just out of curiosity – valid business justification is required (like a support case). We also require strong authentication for our internal tools and enforce measures like screen lock, encryption on work devices, etc.


• Testing and Audits: We conduct regular testing of our platform’s security. This includes code reviews, vulnerability scanning, and occasionally engaging third-party security experts to perform penetration testing on Clarity Forge. We fix any findings with high priority.


• Data Backups and Recovery: We backup data periodically in secure, encrypted backups. This is done so that we can recover your information in case of software errors or catastrophic events. Backup data is protected with the same care as live data. We also limit the retention period of backups to avoid keeping data longer than needed (see the Data Retention section below).


• Incident Response: Despite all these measures, no system can be guaranteed 100% secure. In the unlikely event of a security breach that affects your personal data, we have a detailed incident response plan. We will act immediately to contain the breach, mitigate any harm, and ensure security is restored. If a data breach occurs that poses a risk to your rights or privacy, we will notify you and any applicable regulatory authorities as required by law, as soon as possible. We believe in full transparency and will communicate what happened, what data may be affected, and what we are doing in response.

Your data’s security is our responsibility and priority. We continuously work to protect it and to stay up-to-date with best practices in cybersecurity. We also encourage you to help keep your account secure: use strong security on your login provider account, protect access to your devices, and notify us immediately if you suspect any unauthorised activity in your account.

Data Retention

We retain your personal information and content for as long as needed to provide our services and for the purposes described in this Policy. How long we keep data can vary depending on the type of information and how you use Clarity Forge:

• Account Data: If you have an account with Clarity Forge, we keep your account information while your account is active. This includes your profile details, organisation info, and all the content in your workspace (projects, tasks, etc.). We do this so you can continue to use the platform and have your data available from session to session.


• Active Use and Updates: Any data you or your organisation input will remain in the system until it is edited or deleted by you (or your organisation’s admin) or until your account is closed. You have the ability to update or delete certain information directly within Clarity Forge (for example, you can delete a task or remove a project).


• Deleted Content: When you or your organisation delete data from Clarity Forge (like deleting a task or removing an employee from the system), the data may be moved to a "trash" or archived state for a short period (in case it was a mistake and needs restoring) and then permanently removed from our active databases. We aim to purge deleted items from active storage promptly, typically within 30 daysafter deletion. Once purged, the content will no longer be accessible via the app. However, it might remain in our encrypted backups for a little longer until those backups cycle out, as is standard practice.


• Account Deactivation or Organisation Termination: If you or your organisation choose to close your Clarity Forge account, or your subscription ends and you decide not to renew, we will mark the account for deactivation. We may retain the data for a brief grace period in case the organisation wishes to reactivate (for example, if a subscription lapsed unintentionally or you change your mind). After that period, we will begin the process of deleting your data from our systems. Within a defined timeframe (such as 60 days of account closure), we will delete or anonymise the personal data associated with the account, including content. We will also instruct our service providers to delete the personal data they are processing on our behalf (for example, data stored on Google Cloud would be deleted, and MailerSend would no longer hold your email on any active mailing lists).


• Retention for Legal Obligations: In some cases, we might need to retain certain information even after account deletion, if it's necessary for legal compliance. For instance, we may keep payment transaction records or invoices for the period required by tax and accounting laws. Similarly, if we handled a support ticket or if there's a dispute, we might retain correspondence or related data as required. Any data kept for these reasons will be limited to what is necessary and for the duration required by law, and we will continue to protect it according to this Privacy Policy.


• Aggregated or Anonymised Data: Sometimes we may convert your data into an aggregated or anonymised format for analytical purposes (for example, total number of tasks completed across all customers in a year, or overall system usage statistics). Such information no longer identifies you or your organisation. We might retain these aggregate statistics indefinitely to help us understand historical usage or performance trends, but this data cannot be linked back to any individual or organisation.

In summary, we keep your data only as long as you’re using Clarity Forge or as necessary for the reasons we collected it. When we no longer need it, we delete it or anonymise it. If you have specific questions about data retention or want to request deletion of data, you can always contact us (see Contact Us below) and we will be happy to help.

International Data Transfers

Clarity Forge is used by organisations and users around the world. The data we collect may be stored and processed in your home country and/or transferred to other countries where we or our service providers operate, including the United States. For example, we use infrastructure providers like Google Cloud Platform (GCP), which may store data in U.S.-based data centres, and service providers like Stripe or OpenAI, which may process data in the U.S. or other jurisdictions.

These countries may have different data protection laws than your home country. Regardless of where your data is processed, we apply consistent safeguards to protect it as described in this Policy.

If you are located in the European Economic Area (EEA), the United Kingdom, or another region with data transfer restrictions, we rely on a combination of legal mechanisms to support data transfers where required. These may include:

• Standard Contractual Clauses (SCCs) or equivalent safeguards that our service providers agree to under their own terms and Data Processing Agreements (DPAs).


• Service provider commitments to maintain strong security and data protection practices in line with GDPR and other privacy regulations.


• Your consent, where applicable, or other legal bases allowed under data protection law.

We review the privacy practices of our key service providers to ensure they meet our standards and support compliance with international data regulations. However, we encourage you to contact us if you have specific questions about data transfers or legal bases applicable to your organisation.

By using Clarity Forge, you understand that your information may be transferred to our facilities and those of our service providers in multiple countries. We will always do our best to ensure such transfers are done securely and in compliance with applicable privacy laws. If you have questions about international data transfers or need more specific information on where your data is stored, please reach out to us.

Your Rights and Choices

We believe you should have meaningful control over your personal information. Clarity Forge respects your rights to know about, access, manage, and delete your data. We strive to extend these rights to all users, regardless of where you live, and we also comply with specific rights granted by laws such as the PDPA in Singapore, the GDPR in Europe, and the CCPA in California.

That said, some data rights - particularly around deletion or restriction - may be limited in cases where we are under a contractual obligation to provide services to your organisation. For example, if your organisation has an active subscription and your use of Clarity Forge is part of that service, some rights (such as deletion) may need to be exercised through your organisation’s administrator or may be limited until the contract ends.

Our approach balances individual privacy rights with our legitimate interest in delivering the services our customers have asked us to provide.

Below is a summary of your key data protection rights:

• Right to Know and Access: You have the right to know what personal information we collect about you, why we collect it, how we use it, and who we share it with. Much of this is detailed in this Privacy Policy. You also have the right to request a copy of your personal data, including both data you provided and data generated through your use of the service (to the extent it’s personal). In many cases, you can access this information directly in Clarity Forge - for example, your projects, tasks, or profile information - but we can also provide it in a standard digital format upon request.


• Right to Correction (Rectification): If any personal data we have about you is inaccurate or incomplete, you have the right to request corrections. You can typically update profile details yourself, or ask us for help. Note that much of the content in Clarity Forge is user-generated - for example, a teammate may reference you in a task description - so those changes may need to be handled within your team. For the data we control, we’ll make updates promptly.


• Right to Deletion (“Right to be Forgotten”): You can request that we delete your personal data. However, this right is not absolute. We may need to retain data to comply with legal obligations, resolve disputes, or fulfil a service contract (for example, if your organisation has an ongoing subscription that depends on certain data remaining available). If your Clarity Forge account is provided through an organisation, deletion requests may need to be coordinated with your admin. We will honour deletion requests to the fullest extent permitted by law and applicable agreements. We’ll let you know if any requested deletion isn’t feasible and explain why (e.g., if deletion would break required functionality). Where possible, deleted data will be removed from active systems or anonymised.


• Right to Restrict Processing: You have the right to request that we limit our use of your personal data in certain circumstances - for example, if you’re contesting its accuracy or objecting to our processing. Note that some restrictions may impact your ability to use the service. For organisational accounts, these restrictions may also require coordination with your administrator. For California residents, this includes the right to opt out of any “sale” or certain types of “sharing” of personal data (as defined by California law). Clarity Forge does not sell personal data or share it for behavioural advertising.


• Right to Object: In certain jurisdictions (such as the EU), you may object to our processing of your personal data if it’s based on our legitimate interests or used for direct marketing. For example, if you prefer we not use your data for product improvement or analytics, let us know and we’ll assess the request. You can always object to marketing emails and unsubscribe at any time.


• Right to Data Portability: You have the right to receive your personal data in a portable format. This includes data you've provided and, in some cases, system-generated data related to your account. You may want this if switching to another service. We offer tools to export your data in standard formats like JSON and are happy to assist if needed.


• Right Not to Be Subject to Automated Decision-Making: Clarity Forge does not make decisions about you that have legal or similarly significant effects using only automated processing. Our AI features are designed to assist you, not make binding decisions about you. If that ever changes, we’ll provide notice and the opportunity to opt out or request human involvement.


• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights. This means we won’t limit your service, raise prices, or reduce functionality (except as necessary based on your request—for example, if you delete account data, you may no longer be able to use the account).


• Additional Rights for California Residents: The CCPA (as amended by the CPRA) gives California residents specific rights to know, delete, correct, and opt out of certain types of data use. We do not sell or share your data for third-party marketing. If you have questions or requests under California law, contact us and we’ll respond in accordance with legal requirements.


• Additional Rights for EU/EEA Users: You have the right to lodge a complaint with your local data protection authority. We’d appreciate the opportunity to resolve your concern first, but it’s your right to escalate.


• Additional Rights for Singapore Residents: Under the PDPA, you have rights to access and correct your personal data, and to withdraw consent for its use. Some rights (e.g., withdrawal of consent) may affect our ability to provide the service, particularly if your access is through an organisation. We will respond to all requests in line with PDPA requirements.


• Opting Out of Communications: You can always opt out of non-essential communications. Use the unsubscribe link in marketing emails, adjust your notification settings in the app, or contact us directly. Transactional emails (like invoices, account updates, or service alerts) may still be sent when necessary to fulfil our contract with you or your organisation.


• Exercising Your Rights: To make a privacy-related request, contact us using the details in the “Contact Us” section below. We may need to verify your identity before processing requests (for example, by confirming your account email or other known details). Where the request relates to an organisation-managed account, we may also loop in your workspace admin. We’ll respond within legally required timeframes and explain any decisions or limitations clearly. Most rights can also be exercised directly through your Clarity Forge account.

Children’s Privacy

Clarity Forge is designed for use by organisations and professionals. It is not aimed at children under the age of 16, and in particular not directed to children under 13. We do not knowingly collect personal information from anyone under 13 years old. If you are under 16, we encourage you to use Clarity Forge only with the involvement and consent of a parent or guardian (for example, if a school or youth group uses Clarity Forge, it should be under appropriate supervision). If you are under 13, you should not use Clarity Forge or provide any personal data through our service without parental consent, as we intend our platform for a general audience of adult users.

If we become aware that we have inadvertently collected personal information from a child under 13 (or the relevant minimum age in your jurisdiction) without proper consent, we will take steps to delete that information as soon as possible. For example, if an underage user was identified, we would deactivate the account and remove their data from our files. If you are a parent or guardian and you believe your child under 13 has provided personal information to us without your consent, please contact us immediately (see Contact Us below) so we can investigate and take appropriate action.

We do not intentionally restrict minors above 13 from using the service, but the platform’s content is business-oriented and usage by minors is expected to be very limited.

Regardless of age, all users must agree to this Privacy Policy and our Terms of Service. If a minor does use the service (with proper permission), their information will be treated just as described in this Policy – we won’t use it for anything other than providing the service.

In summary, while minors are not the intended audience for Clarity Forge, we aim to protect the privacy of any minor who may use the platform. We encourage families to discuss their children’s online use and to supervise as necessary to ensure safe practices.

Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our business, legal requirements, or the features of our service. If we make material changes (changes that significantly affect how your data is used or your rights), we will notify you prominently. We might notify you by email (sent to the address associated with your account) and/or by placing a notice within the Clarity Forge app or on our website prior to the change becoming effective. The “Last Updated” date at the top of this Policy will always indicate when the latest changes were made.

We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting the personal information we collect. If you continue to use Clarity Forge after an updated Privacy Policy takes effect, it means you acknowledge and agree to the revised policy. However, if any changes require your consent by law (for example, if in the future we wanted to use your data for a new purpose that requires consent), we will make sure to obtain that consent.

Contact Us

Your feedback and questions about privacy are important to us. If you have any questions, concerns, or requests regarding this Privacy Policy or how Clarity Forge handles your data, please do not hesitate to contact us.

We will respond to inquiries as soon as possible, typically within a few business days. If you need to exercise any of your rights described above, contacting us via email is usually the fastest way, but you can use any contact method that is convenient for you.

Thank you for trusting Clarity Forge with your organisation’s productivity data. We value that trust and are committed to keeping your information safe and your privacy respected. If there’s anything unclear in this Policy or if you need further information, just ask – we believe in creating clarity, especially when it comes to your privacy.