Privacy Policy

AWho We Are

CLFNCE OÜ is a company registered in Estoniaunder company number 17165857, with its registered office at Harju maakond, Tallinn, Kesklinna linnaosa, Järvevana tee 9, 11314, Estonia

We operate in compliance with theGeneral Data Protection Regulation (GDPR) andEstonian data protection laws. We are committed to ensuring the protection of your personal data and have implemented technical and organizational security measures accordingly.

For privacy-related concerns, you may contact our Data Protection Officer (DPO) atterms@cleo.finance.

BInformation We Collect

We collect and process the following types of personal data:

• Personal Identifiers:  Name, email address.

• Authentication Data: Managed by Auth0, a third-party authentication provider. We do not store passwords or authentication data. Auth0 provides secure login options, including:

  • Email & password authentication  (fully managed by Auth0).

  • OAuth login via Google and Facebook (if enabled).

• Usage Data: IP address, device information, and access logs (stored by Auth0 for security and breach prevention).

• Communication Data: Any data provided through customer support, contact forms, or feedback submissions.

For more details on how Auth0 processes authentication data, refer to their Privacy Policy:https://auth0.com/privacy.

CHow We Use Your Data

We process your personal data for the following lawful purposes under Article 6(1) of the GDPR:

• Contractual necessity: To provide and maintain our services.

• Legitimate interests: To improve our platform, prevent fraud, and secure our services.

• Legal obligation: To comply with financial and regulatory requirements.

• Consent: When you voluntarily opt in to receive marketing communications.

You can withdraw your consent at any time by contacting us.

DData Sharing & Third Parties

We do not sell or rent your personal data. However, we use third-party service providers to help operate our platform securely and efficiently. These providers process data on our behalf, ensuring compliance with data protection laws.

Authentication & Security

• Auth0 - Handles user authentication, password management, and login security. We do not store passwords or authentication data.

  • Privacy Policy:https://auth0.com/privacy

Payment Processing

• Stripe - Processes payments securely. We do not store or have access to your payment details (card numbers, billing addresses, etc.).

  • Privacy Policy:https://stripe.com/privacy

Cookie Consent Management

• Cookiebot - Manages cookie consent to ensure compliance with GDPR and other privacy regulations.

  • Privacy Policy:https://www.cookiebot.com/en/privacy-policy/

Analytics & Performance

We use third-party analytics tools to understand user behavior and improve our services. These tools collect anonymized or pseudonymized data about your website interactions:

• Google Analytics - Tracks website usage patterns, such as page visits, time spent on site, and traffic sources. Users can opt out via Google's opt-out tools.

  • Privacy Policy:https://policies.google.com/privacy

  • Opt-out:https://tools.google.com/dlpage/gaoptout

• Microsoft Clarity - Provides heatmaps and session recordings to help us analyze user interactions with our website. No personally identifiable information (PII) is collected.

  • Privacy Policy:https://privacy.microsoft.com/en-us/privacystatement

Email & Communications

• Brevo (Sendinblue) - We use Brevo to send emails, including account-related notifications, newsletters, and customer service messages. Your email address and related metadata may be processed by Brevo. You can opt out of marketing emails at any time.

  • Privacy Policy:https://www.brevo.com/legal/privacypolicy/

Each provider processes data according to their respective Privacy Policies, linked above. We ensure that all third-party partners comply withGDPR and implement security measures to protect your data.

EInternational Data Transfers

If we transfer personal data outside the European Economic Area (EEA), we ensure that such transfers are protected by:

• The EU Standard Contractual Clauses (SCCs).

• Adequate protection frameworks (e.g., adequacy decisions under Article 45 GDPR).

For further details, contact our DPO atterms@cleo.finance.

FData Retention

We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy. Once expired, data is securely deleted or anonymized.

GYour Rights Under GDPR

You have the following rights under GDPR:

• Right to access, rectify, or erase your data
• Right to restrict or object to processing
• Right to data portability
• Right to withdraw consent

To exercise these rights, contact terms@cleo.finance.

How to Lodge a Complaint

If you believe your data rights have been violated, you can lodge a complaint with theEstonian Data Protection Inspectorate (Andmekaitse Inspektsioon):

• Website: www.aki.ee

• Email: info@aki.ee

HSecurity Measures & Breach Notification

We implement technical and organizational security measures to protect your data from unauthorized access, loss, or misuse. These include:

• Data encryption
• Regular security audits
• Access controls and authentication measures

Breach Notification

In the unlikely event of a data breach that poses a risk to your rights, we will notify:

• The Estonian Data Protection Inspectorate within 72 hours

• Affected users (as required underArticle 33 GDPR)

IUpdates to This Privacy Policy

We may update this Privacy Policy to reflect legal or operational changes. We will notify users via Website notifications.

JContact Information

For any questions, contact us at:

Email: support@cleo.finance

Address: 

CLFNCE OÜ, Harju maakond, Tallinn, Kesklinna linnaosa, Järvevana tee 9, 11314, Estonia, Estonia