Privacy Policy

Learn about our practices regarding the collection, use and disclosure of the information we process

Information Collection | Information Sharing and Disclosure | Data Retention
Applicable to customers on any plan

This Privacy Policy covers a part of our policies regarding our Customer's data shared within our reach. The complete document will be created over time as we acquire more users. Right now, it does not apply to any third-party websites, services or applications, even if they are accessible through our Services. When we refer to "Cliosight" ("we", "our" or "us"), we mean the Cliosight entity that acts as the controller or processor of your information. Please refer to the section titled 'Identity of the Data Controller and Data Processor' for more information.

Introduction

This Privacy Policy applies to: Cliosight's developer tools and platform that enable Customers and their Authorized Users to build, deploy and use Custom Apps (individually and collectively, the "Services"); Cliosight.co.in (the "Website"); and other interactions you may have with Cliosight. In this Privacy Policy, "you" and "your" refer to the person or entity visiting our Website or using our Services. If you are a purchaser of our Services, you are a "Customer"/"Client". If you are authorized by a Customer to use our Services, you are an "Authorized User". Where Cliosight collects information that is associated with an identified or identifiable individual and is protected as personal data under applicable data protection law, it is referred to as "Personal Data". Personal Data that is de-identified or aggregated to the extent that it is no longer reasonably associated with an identified or identifiable natural person may be used by Cliosight for any purpose. Customers can create an application, workflow or process that is customized, programmed or developed using the Services ("Custom App"). Databases, applications and software products also interoperate with the Services which are provided by a Customer or a third-party, and not Cliosight. This Privacy Policy does not apply to any external Products or any third-party websites, services or applications, even if they are accessible through our Services, ("Third-Party Services") which are provided under their own terms of service and privacy policy. A separate master subscription agreement may govern the provision, access and use of the Services (the "Subscription Agreement"), including the processing of electronic data or content that an Authorized User submits to a Custom App ("Customer Data") but excluding such external Products and the Services. The Customer (e.g., your employer or another entity or person) that entered into the agreement with Cliosight controls its instance of the Services and any associated Customer Data. If you have any questions about specific settings and privacy practices, please contact the Customer whose Service you use.

Identity of the Data Controller and Data Processor

Certain jurisdictions distinguish between a "controller" or "processor" of Personal Data. A controller is the decision-maker and exercises overall control over how and why Personal Data is collected and used. In general, the Customer is the controller of Customer Data. A processor acts on behalf of, and only on the instructions of, the relevant controller. In general, Cliosight is the processor of Customer Data and the controller of Other Information (which is described in the 'Information Cliosight Collects and Receives' section below).
Cliosight registered in Bangalore, Karnataka, India as a Sole Proprietorship in IT Services is the controller of Other Information and a processor of Customer Data.

Information Cliosight Collects and Receives

Cliosight collects and receives the following information through the Services, Website and your other interactions with the platform. This information includes Customer Data and other information and data ("Other Information"):

Customer Data

Customers or Authorized Users submit Customer Data to Cliosight when they use the Services. We also collect, generate and/or receives the following categories of Other Information:

Service Information
We may collect information you post to, or collect from, Authorized Users of the Services. We use this information to operate, maintain, and provide to you the features and functionality of the Services. For example:
Account Information: To help us deliver the Services, you or our Customer (e.g. your employer) may supply Cliosight with an email address, username, first and last name, your company's name, your (and/or your company's) physical address and other account set up details. Customers that subscribe to the Services provide Cliosight (or its third-party payment processors) with billing details such as payment information and a billing address. You can also choose to provide us with additional information through our Services, for example, your birthdate and/or phone number.
Profile and Organizational Information: When your Cliosight account is active, you or your organization may provide information during the operation of your account, such as roles and permissions of particular Authorized Users, such as "admins," "builders" or "end users."

Usage Information
We may also collect and aggregate information about the use of our Website and our Services. That information includes:
Device Information: browser and device data, device type, screen resolution, browser type, operating system name and version, language, as well as add-ons for your browser.
Log Information: including your IP address, the pages visited and links clicked on our Website, the time spent on those pages, and the page that was visited before our Website.
Services Metadata: When a Customer or an Authorized User interacts with the Services, metadata is generated that provides additional context about the way that Customer and Authorized User configures and uses the Services. For example, Cliosight logs page views (including page URL), query saves (including the name and type), component creation and the type, query preview (including name and type), and connections to Third Party Services (including name and type).
Location Information: We receive information from you, our Customer and other third parties that helps us approximate your location. We may, for example, use a business address submitted by your employer (who is our Customer) or an IP address received from your browser or device to determine approximate location. Cliosight will also collect location information from your device in accordance with the consent process provided by your device.
Cookie Information: We may also permit third-party online advertising networks to collect information (through cookies or similar tracking technologies) about your and others' use of our Services and any of your mobile or web applications, in order to allow those third-party networks to display ads that may be relevant to your interests on our Services as well as on other websites or apps.
Third-Party Services: A Customer can choose to permit or restrict Third Party Services for its instance of the Services and Custom Apps. Typically, Third Party Services are databases, APIs, software or applications that integrate with our Services, and a Customer can permit its Authorized Users to enable and disable these integrations for its Custom Apps. Authorized Users should check the privacy settings and notices in these Third-Party Services to understand what data may be disclosed to Cliosight. When a Third-Party Service is enabled, Cliosight is authorized to connect and access Other Information made available to us in accordance with our agreement with the Third-Party Service and any permission(s) granted by our Customer (including, by its Authorized User(s)). Examples of information which Cliosight may receive in this manner include whether you successfully subscribed for a new account or license for a third-party application in a way that is attributable to Cliosight usage activity. We do not, however, receive or store passwords for any of these Third-Party Services when connecting them to the Services.
Contact Information: In accordance with the consent process provided by your device or other third-party API, any contact information that an Authorized User chooses to import (such as an address book or calendar from a device or API) is collected when using the Services.
Third-Party Data: Cliosight may receive data about organizations, industries, lists of companies that are Customers, Website visitors, marketing campaigns and other matters related to our business from parent corporation(s), affiliates and subsidiaries, our partners, or others that we use to make our own information better or more useful. This data may be combined with Other Information we collect and might include aggregate-level data, such as which IP addresses correspond to zip codes or countries. Or it might be more specific: for example, how well an online marketing or email campaign performed.
AI App Generation Prompts and Output: Certain optional features of the Services, when enabled, use artificial intelligence models to help you develop Custom Apps based on your natural language instructions. When you use such features, you may collect your prompts and generated output.
Additional Information Provided to Cliosight: We also receive Other Information when submitted to our Websites or in other ways, such as responses or opinions you provide if you participate in a focus group, contest, activity or event, information you provide if you apply for a job with Cliosight in the future, enroll in a certification program or other educational program hosted by Cliosight or a vendor, request support, interact with our social media accounts or otherwise communicate with Cliosight. In general, you are not subject to a statutory or contractual obligation to provide Customer Data or Other Information (together, "Information"). However, various Other Information is collected automatically and, if you do not provide certain information (such as account setup details), we may be unable to provide the Services.

How We Share And Disclose Information

This section sets out how Cliosight may share and/or disclose the Information described under 'Information Cliosight Collects and Receives' above. Except as set out below, we do not sell, trade, or otherwise transfer to outside parties your Information. Designated members of our staff may access your Information to help our customers with any questions they have, including help using our Services, investigating security issues, or following up on bug fixes with a Customer. This activity is logged in our system for compliance, and we maintain different levels of access for its employees depending on their role in our company. The policies and practices for sharing and/or disclosure of Customer Data to third parties is determined by the Customer. Cliosight has no control over the Customer's or any other third parties' choice to share and/or disclose Information.
Customer's Instructions
Cliosight may share and disclose Information in accordance with a Customer's instructions and with appropriate consent, including any applicable terms in the Terms, Subscription Agreement, DPA and the Customer's use of Services functionality and in compliance with applicable law and legal process. Some sharing at a Customer's request may incur additional fees. To enable Cliosight to follow our Customer's instructions, we provide several administrator controls to allow Customers to manage their accounts. Some examples are given below:
We follow Customer's instructions to allow Authorized Users to use various features, such as connecting a Custom App to a Third Party Service or publishing a Custom App to other Authorized Users. We also follow Customer and Authorized User instructions on how a user's profile may be displayed. Customers may also provide their Authorized Users with the ability to edit, delete or use Custom Apps and any associated Customer Data.
Displaying the Services When an Authorized User submits Information to the Services or a Custom App, it may be displayed or discoverable to other Authorized Users in the same account or Custom App. For example, an Authorized User's email address may be displayed with their profile. Collaborating with Others. The Services provide different ways for Authorized Users working in independent Custom Apps to collaborate. Information, such as an Authorized User's profile and organizational information, may be shared, subject to the policies and practices of the Custom Apps you use. For example, to enable connecting, an Authorized User's profile may be shared. In many instances Cliosight either includes administrator controls or individual controls, depending on the use case. Authorized Users may also decide to expand the visibility of certain content.
Customer Access Authorized Users and other Customer representatives and personnel may be able to access, modify, or restrict access to Information. This may include, for example, your employer using Service features to export logs of Custom App activity, or accessing or modifying your profile details.
Public Sharing or Embedding If you enable a public sharing or embedding of your Cliosight applications, any information or content that you voluntarily disclose in your application may become available to the public. If you remove information that you posted to the Services, copies may remain viewable in cached and archived pages of the Service, or if other users of the Services have copied or saved that information.
Third-Party Service Providers and Partners We may disclose your Information to third-party service providers (for example, payment processing and data storage and processing facilities) that we use to provide the Services. We limit the Information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such Information.
We may contract with third-party service providers to assist us in better understanding our Website visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.
Third-Party Services Customer may enable or permit Authorized Users to authenticate and enable Third-Party Services. We require each Third-Party Service to disclose all permissions for information access in the Services, but we do not guarantee that they do so. When enabled, Cliosight may share Information with Third-Party Services. Third-Party Services are not owned or controlled by Cliosight and third parties that have been granted access to Information may have their own policies and practices for its collection, use, and sharing. Cliosight may also receive payment from third-party services for licenses and subscriptions attributable to Cliosight usage activity. Please check the permissions, privacy settings, and notices for these Third-Party Services or contact the provider for any questions. Forums. The information you choose to provide in a community forum including personal data will be publicly available.
Aggregated or De-identified Data We may disclose or use aggregated or deidentified Information for any purpose. For example, we may share aggregated or deidentified Information with prospects or partners for business or research.
With Consent Cliosight may share Information with third parties when we have consent to do so. For Services registered to corporate entities, Cliosight may share Information with consent of the Customer or authorized corporate officer.

Data Retention

Customer's Data

Cliosight retains Customer Data in line with the Customer's instructions (including through use of the Services, the performance of any applicable terms in the agreement). The deletion of Customer Data and other use of the Services by the Customer may result in the deletion and/or de-identification of certain associated Other Information. For more detail, please review Cliosight's Security Practices Page or contact the customer support - support@cliosight.co.in.

Other Information

Other Information relating to you is retained by us for as long as reasonably necessary for the purposes described in this Privacy Policy (see the 'How We Process your Information and our Legal Bases for Doing So' section above). We may need to retain your Other Information for a period of time after you or your admin has deactivated your account to pursue our legitimate business interests, comply and demonstrate compliance with relevant legal obligations, resolve disputes, conduct audits and enforce our agreements with the Customer or third parties. Cliosight retains data in accordance with records retention obligations and limitation periods that respect the applicable laws. For example, Cliosight will retain:
-- Service Information for as long as you use the Services.
-- Other Information for legal reasons where applicable (e.g. comply with applicable law when we have a legal obligation to retain information or to respond to a legal request).

Your Rights

You have a right to object to processing of your Personal Data where we rely on legitimate interests. You can exercise this right by emailing support@cliosight.co.in. In the event that you submit an objection, we will cease processing your information for the relevant purposes unless we have compelling grounds to continue the processing or it is necessary for legal claims. Cliosight may also process Other Information that constitutes your Personal Data for direct marketing purposes. You have a right to object to Cliosight's use of your Personal Data for direct marketing purposes at any time by emailing Us.

Your Privacy Rights

Law requires that we detail the categories of personal information that we collect and disclose for certain "business purposes," such as to service providers that assist us with securing our services or marketing our products, and to such other entities as described in earlier sections of Privacy Policy. In addition to the information provided above in the 'Information Cliosight Collects And Receives' section, we collect the following categories of personal information from you, your employer, data analytics providers, data brokers, and Third-Party Services for our business purposes:
Identifiers/contact information;
Commercial information;
Internet or electronic network activity information;
Financial information;
Geolocation information;
Professional or employment-related information;
Inferences drawn from any of the above categories.

We collect this information for the business and commercial purposes which will be detailed at a later stage in this page. We share this information as described in the 'How We Share and Disclose Information' section above. Cliosight does not sell (as such term is defined in the CCPA or otherwise) the personal information we collect (and will not sell it without providing a right to opt out). We may also share personal information (in the form of identifiers and internet activity information) with third party advertisers for purposes of targeting advertisements on external websites, applications, and services. In addition, we may allow third parties to collect personal information from our sites or services if those third parties are authorized service providers who have agreed to our contractual limitations as to their retention, use, and disclosure of such personal information, or if you use our sites or services to interact with third parties or direct us to disclose your personal information to third parties.

Security

Cliosight takes security seriously. Our servers rented from AWS have round-the-clock security, fully redundant power systems and physical audit logs. Protecting Customer Data is a top priority for Cliosight. As a matter of principle, Cliosight takes a minimalist approach to any storing or processing of Customer Data. For example, for self-hosted versions of Cliosight that are configured with Customer Owned databases, no Cliosight systems store Customer Data and no personnel have technical or logical access to any Customer Data. For cloud-based software-as-a-service versions of Cliosight that are configured with external databases, Cliosight does not store any Customer Data unless your company configures a Job to cache data into an in-built database; even in those cases, Customer Data is only stored for the duration your company specifies and can be disabled or invalidated by your company at any time using the Job. For further information on the administrative, physical, and technical safeguards for the security, confidentiality and integrity of your information please see Cliosight's Security Practices Page.
Cliosight is unable to guarantee that Information stored on our systems or otherwise in our care during transmission through the internet will be absolutely safe from intrusion by bad actors given the nature of communications and information processing technology. We do not and cannot control or endorse what is on third-party sites that may be linked to our Service or Website.

Changes To This Privacy Policy

Cliosight may make occasional changes to this Privacy Policy along with the pending sections on laws governing consumer data by consumer privacy act. If we decide to change our Privacy Policy, we will post those changes on this page. If we are going to use Personal Data collected through the Site in a manner materially different from that stated at the time of collection, then we will notify users via email and/or by posting a notice on our Site for 30 days prior to such use or by other means as required by law. Please work with your administrator to deactivate your account if you disagree with any change to this Privacy Policy. To request the erasure of your Personal Data, please contact the Customer that authorized your access to the Services as they control this information.