Privacy Policy

Effective date: March 10, 2026

At ClearSpend (“Company”, “we”, “our”, or “us”), your privacy is our priority. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our SaaS spend management platform and website (the “Service”).


1. Information We Collect

We collect personal data necessary to provide and improve our Service:

  • Account Information: Name, email, job title, and company name.

  • Financial & Transactional Data: Invoices, receipts, bank statements, and subscription metadata (vendor names, renewal dates, costs) you upload or sync.

  • Third-Party Integration Data: Data retrieved via APIs (e.g., Plaid, ERP systems, Gmail/Outlook) to track SaaS spend.

  • Usage Data & Identifiers: IP addresses, browser type, and cookies or similar tracking technologies recording your interactions.


2. Legal Basis for Processing (GDPR/UK GDPR)

If you are located in the EEA or UK, we process your personal data under the following legal bases:

  • Performance of a Contract: To provide the Service you signed up for.

  • Legitimate Interests: To improve our platform, ensure security, and conduct analytics.

  • Consent: Where you have explicitly opted-in (e.g., marketing communications).

  • Legal Obligation: To comply with tax, fraud prevention, or regulatory requirements.


3. How We Use Your Personal Data

We use your personal data to:

  • Deliver the Service: Categorize expenses, identify redundant subscriptions, and provide analytics.

  • AI & Automation: Process data using AI/ML (anonymized where possible) to extract insights from documents.

  • Communication: Send system updates, security alerts, and customer support responses.

  • Improvement: Monitor platform performance and develop new tools.


4. AI Processing & Sub-Processors

  • AI Use: Our platform uses AI to automate spend discovery.

  • Sub-Processors: Leading AI providers (e.g., OpenAI, Anthropic) may process uploaded data to extract text. These providers are contractually restricted from using your personal data to train their general models. Temporary processing occurs only for the extraction task.

  • Data Minimization: Only the minimum necessary data is sent; identifiers are anonymized wherever possible.

  • No Selling: We never sell your personal or financial data to third parties.


5. Cookies and Tracking

We use cookies to maintain sessions and improve site functionality:

  • Necessary Cookies: Required for technical reasons (e.g., staying logged in).

  • Analytical Cookies: Help us understand usage patterns (e.g., Google Analytics).

You can manage cookies via your browser, but some features may not function if necessary cookies are disabled.



6. Sharing Personal Data

We share personal data only when necessary:

  • Service Providers: Cloud hosting (AWS/Azure), payment processors (Stripe), and support tools.

  • Legal Compliance: When required by law or valid legal process.

  • Business Transfers: In connection with mergers, acquisitions, or sale of assets.


7. Data Security

We implement rigorous security measures:

  • Encryption: AES-256 at rest; TLS 1.2+ in transit.

  • Access Controls: Multi-factor authentication (MFA) and least-privilege internal access.

  • Audits & Reviews: Regular vulnerability scans and internal security assessments.


8. Data Retention & Deletion

  • Retention: Personal data is kept while your account is active or as required for legal/audit purposes.

  • Right to Erasure: We delete personal data within 90 days of a verified request.

  • Anonymized Data: De-identified data may be retained indefinitely for trend analysis and AI improvement.

9. International Data Transfers

Your personal data may be processed in the U.S., U.A.E., or other countries. For transfers out of the EEA/UK, we use Standard Contractual Clauses (SCCs) or equivalent safeguards to protect your data. By using the Service, you consent to these transfers.


10. Your Rights & Regional Notices

Depending on your location, you have the following rights:

  • Access & Portability: Request a copy of your personal data.

  • Correction/Deletion: Fix errors or remove your data.

  • Marketing Preferences: Opt-out of promotional emails anytime via the “Unsubscribe” link.

  • California Residents (CCPA/CPRA): We do not sell or share personal information for cross-contextual behavioral advertising. You may opt-out of automated decision-making.

To exercise any rights, contact info@clearspend.ai.


11. Children’s Privacy

The Service is intended for business users and not for children under 16. We do not knowingly collect personal data from minors.


12. Changes & Contact

We may update this Privacy Policy. Material changes will be communicated via the platform with an updated Effective Date.

  • Email: info@clearspend.ai

  • Address: Dataspace Analytics LLC, 30 N Gould St, Sheridan, WY 82801-6317, US

  • Website: www.clearspend.ai