Legal

Privacy Policy

Last updated: 17 June 2026 · Effective: 17 June 2026

1. Overview

Klauzify ("we", "us"), operating at klauzify.com, provides an automated clause-extraction tool for agreements and similar documents. This policy explains what we collect, why we collect it, who we share it with, and how long we keep it. You can use the free tier without providing personal information — no account is required.

2. What We Collect

• Account information (Pro and verified users): Your email address and a salted hash of your password (PBKDF2). We never store your raw password.
• Session cookies: A signed session cookie that keeps you logged in. No third-party tracking cookies are set.
• Document text: Text you paste or extract from an uploaded PDF, sent to an AI provider for analysis and then discarded. We do not write document text to our database.
• Rate-limit counters: A daily count of free analyses, keyed by account ID when logged in or by IP address when anonymous. Stored in Cloudflare KV with an auto-expiry of roughly 26 hours.
• Server logs: Standard request metadata captured by Cloudflare (IP, user agent, timestamps), used for security and abuse prevention.
• Billing details (Pro): Handled entirely by Stripe. We receive a customer reference and subscription status; we never see your full card details.
• Contact form submissions: The name, email, topic, and message you send through our contact form, delivered to us via Web3Forms.

3. How We Use It

• To operate, secure, and improve the Service;
• To enforce per-account and per-IP rate limits on the free tier;
• To send transactional email — account verification, password reset, billing receipts — via Resend;
• To process Pro subscriptions and respond to billing questions;
• To respond to contact-form inquiries;
• To comply with legal obligations.

We do not sell your personal data to third parties, and we do not use your document text to train any model.

4. AI Processing of Document Text

When you analyse a document, the text is transmitted to an external AI provider so the model can return extracted clauses:

• Free tier: Cloudflare Workers AI (Llama-class models). Processing occurs on Cloudflare's infrastructure under its terms.
• Pro tier: Anthropic (Claude Haiku 4.5). Document text is sent over HTTPS to the Anthropic API and handled under Anthropic's commercial terms. Anthropic does not train its models on data sent through the API.

Klauzify does not retain a copy of your document text after the response is returned.

5. Cookies

We use only essential cookies — currently a session cookie for logged-in users. We do not set analytics or advertising cookies. Your browser's Do Not Track signal is respected by default because we do not run third-party trackers.

6. Third-Party Processors

• Cloudflare — hosting (Pages), edge functions, database (D1), key-value store (KV), and free-tier AI inference (Workers AI).
• Anthropic — Pro-tier clause extraction via the Claude API.
• Stripe — payment processing for Pro subscriptions.
• Resend — transactional email (verification, password reset).
• Web3Forms — delivery of contact form submissions.

7. Retention

• Document text: not retained.
• Rate-limit counters: auto-expire ~26 hours after the day's first request.
• Server logs: per Cloudflare's defaults (typically up to 30 days).
• Contact form messages: up to 12 months, then deleted.
• Free or unverified accounts: retained until you delete the account.
• Pro accounts: retained while active, plus up to 90 days after cancellation for billing reconciliation, then deleted on request.

8. Your Rights

Depending on where you live, you may have the right to:

• Access the personal data we hold about you;
• Correct inaccurate data;
• Delete your account and associated data;
• Export your data in a portable format;
• Object to or restrict certain processing;
• Withdraw consent where processing is based on consent.

To exercise any of these rights, use the contact form.

9. Children

The Service is not intended for children under 13. We do not knowingly collect personal information from anyone under 13.

10. Security

We use HTTPS in transit, hash passwords with PBKDF2, isolate Pro analysis behind authenticated sessions, and rely on Cloudflare and Stripe for infrastructure-level protections. No service is perfectly secure; please use a strong, unique password.

11. Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top will reflect any change. Material changes affecting Pro subscribers will be communicated by email.

12. Contact

Questions, requests, or concerns? Reach us through the contact form.