Privacy Policy

Last updated: 13 December 2025

This Privacy Policy explains how Clarixa.ai (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you visit our website, contact us, book appointments, submit forms, or interact with our AI-enabled services (including Voice AI and Conversational AI).

Note: This is a website privacy policy. If you become a client, additional terms (including a Data Processing Addendum) may apply depending on the engagement and configuration.

1. Who we are

Controller: Clarixa.ai
Address: Kilmanahan, Clonmel, County Tipperary, Ireland
Contact email: [email protected]

2. What personal data we collect

2.1 Data you provide to us

  • Identity and contact data (e.g., name, email address, phone number, business name, job title).
  • Enquiry and form data (e.g., messages, questionnaire answers, preferences).
  • Appointment and meeting data (e.g., requested times, notes you provide, meeting links).
  • Billing/payment-related data where applicable (typically processed by our payment providers; we may receive limited transaction metadata).

2.2 Data collected automatically

  • Device and usage data (e.g., IP address, browser type, pages viewed, clicks, timestamps, approximate location).
  • Cookie and similar technology data (see our Cookie Policy for details and controls).

2.3 AI interaction and communications data

If you interact with our AI features (for example via web chat, inbound/outbound voice calls, or messaging), we may process:

  • Chat messages and conversation logs.
  • Call audio and call metadata (time, duration, routing).
  • Call transcripts and summaries (Voice AI transcribes calls).
  • Intents, tags, and workflow outcomes (e.g., appointment created, enquiry routed, support ticket logged).

3. How we use your personal data

  • To respond to enquiries and provide requested information.
  • To provide our services, including onboarding, support, and account administration.
  • To schedule, manage, and run appointments (including reminders).
  • To operate AI features such as Voice AI and Conversational AI (e.g., answering questions, triage, booking, support).
  • To operate and improve our website and user experience (analytics, testing, debugging).
  • To send marketing communications where permitted, and to respect opt-out choices.
  • To protect our business and users (security monitoring, fraud prevention, logging).
  • To comply with legal obligations and respond to lawful requests.

4. Legal bases (EEA/UK)

Where GDPR or UK GDPR applies, we rely on one or more of the following legal bases depending on context:

  • Contract (or steps before entering a contract) – delivering requested services, managing accounts and appointments.
  • Legitimate interests – securing our systems, improving our services, and basic business communications (balanced against your rights).
  • Consent – non-essential cookies, certain marketing communications, and (where required) call recording/transcription.
  • Legal obligation – tax, accounting, and compliance requirements.

Call recording/transcription requirements vary by country and, in some places, by state/province. Where required, we will obtain consent or provide appropriate notice before recording/transcribing.

5. Cookies, analytics, and advertising technologies

We use cookies and similar technologies to run our website, understand usage, and (where you opt in) measure and personalise advertising. Tools we may use include:

  • Google Analytics 4 (GA4)
  • Meta Pixel
  • LinkedIn Insight Tag
  • TikTok Pixel
  • Hotjar

Details on categories and controls are provided in our Cookie Policy and our cookie preference centre.

6. Our platforms and service providers

We use a CRM and automation platform (the “Platform”) to store and manage enquiries, appointments, workflows, and communications. In the HighLevel ecosystem, certain services may be branded as LeadConnector in a white-label context. Depending on configuration and region, we may use LeadConnector/HighLevel components to deliver services.

6.1 Support access and global team

Our team members and authorised contractors (including support) may be located in different countries. Access is role-based and limited to what is necessary for support, delivery, and security.

6.2 Messaging and communications providers

We may use third-party communications providers to send and receive messages (e.g., SMS, WhatsApp, iMessage, and similar channels). Providers can vary by region and availability. Where possible, we may use LeadConnector-supported services; however, in Ireland this may not always be available and we may use providers such as Phonovation and/or ComReach. We may also use providers such as Twilio. The exact providers we use may change over time.

6.3 Calendars and appointment tools

We may integrate with calendar tools (such as Google Calendar) to create and manage appointments. This may process appointment details (e.g., name, contact details, time/date, notes). Storage location depends on your interaction and the configured tools.

7. Sharing of personal data

We may share personal data with:

  • Service providers (processors) who help us run our website, CRM, analytics, communications, and support.
  • Professional advisers (legal, tax, accounting) where necessary.
  • Authorities where required by law or to protect rights, safety, and security.
  • Business transferees (e.g., in a merger or sale), subject to appropriate safeguards.

We do not sell personal data for money. Some advertising technologies may be treated as “sharing” under certain US laws (see Section 12).

8. International transfers

Your information may be processed in countries outside your home country, including outside the EEA/UK. Where required, we use recognised transfer safeguards such as Standard Contractual Clauses and/or other lawful mechanisms.

9. Data retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including legal, tax, and accounting obligations. Retention periods depend on the type of data and context (e.g., leads, clients, support tickets, call transcripts). You can request more detail by emailing [email protected].

10. Security

We use appropriate technical and organisational measures to protect personal data, including access controls, authentication, and monitoring. No method of transmission or storage is 100% secure, but we work to reduce risk appropriately.

11. Your rights (EEA/UK)

You may have rights including access, correction, deletion, restriction, objection, portability, and the right to withdraw consent (where processing is based on consent). You also have the right to lodge a complaint with your supervisory authority (in Ireland, the Data Protection Commission).

To exercise rights, email [email protected].

12. United States (including California)

If you are a US resident, you may have additional rights under state privacy laws. For California residents, the CCPA/CPRA may provide rights to know, access, delete, correct, and opt out of certain data uses.

Do Not Sell or Share (California): Some advertising technologies (such as pixels) may be considered “sharing” for cross-context behavioural advertising. You can opt out by rejecting advertising cookies in our cookie preference centre and/or using browser/device controls.

13. Canada

If you are in Canada, we handle personal information in line with applicable Canadian privacy laws (including PIPEDA and provincial laws where applicable). You may request access and correction, and you may withdraw consent subject to legal/contractual restrictions.

14. Children

Our website and services are not intended for children. We do not knowingly collect personal data from children. If you believe a child has provided us with data, contact us and we will take appropriate steps.

15. Changes to this Policy

We may update this Policy from time to time. We will post the updated version on our website and update the “Last updated” date.

© Clarixa.ai. All rights reserved.