Claros
Sign in
Back to welcome
Legal

Privacy Policy

How Claros handles account, practice, and client information in the clinical workspace.

Last updated: May 12, 2026

Who this policy covers

This Privacy Policy applies to Claros visitors, invited account holders, and professional users who use Claros to manage a psychology practice workspace.

When a professional enters client or patient information into Claros, that professional or their practice is responsible for having the appropriate privacy notice, consent, professional basis, and legal authority for that information.

Information we process

  • Account and profile details, such as name, email address, phone number, practice name, practice address, preferences, and authentication details.
  • Practice records entered by users, including client identifiers, contact details, appointment data, session notes, goals, attention flags, working relationship assessments, billing records, and reports.
  • Integration data, such as calendar connection status, event metadata, invoice configuration, and AI API configuration when the user chooses to connect those services.
  • Operational data, such as device, browser, log, security, and usage information needed to keep the service reliable and secure.
  • Support communications sent to Claros by email or another support channel.

Why we process information

  • To provide, secure, maintain, and improve the Claros workspace.
  • To authenticate users and protect accounts from unauthorized access.
  • To store and organize practice records at the direction of the professional user.
  • To enable optional integrations requested by the user, such as calendar sync, invoicing, export, or AI-assisted summaries.
  • To comply with applicable legal, security, accounting, and professional obligations.

Sensitive health and clinical information

Claros is designed for professional practice administration and may contain health-related or other special-category information when a user enters it. Users should enter only the information needed for their professional work and should avoid storing emergency or crisis communications in Claros.

If you use Claros in a HIPAA-regulated context, do not store protected health information unless Claros has agreed in writing to the required business associate terms for your use case.

Sharing and processors

We do not sell personal data and we do not use practice records for advertising. We share information only when needed to provide Claros, comply with law, protect the service, or follow the user’s instructions.

  • Hosting, database, authentication, email, monitoring, and security providers.
  • Optional integration providers selected by the user, such as calendar, invoicing, export, or AI providers.
  • Professional advisers, authorities, or other parties where required by law or necessary to protect rights, safety, and security.

International transfers

Claros may use service providers in different countries. Where required, we rely on appropriate safeguards such as contractual protections, provider security commitments, and transfer mechanisms recognized by applicable data protection law.

Retention and deletion

We keep account and practice data for as long as needed to provide the service, meet legal obligations, resolve disputes, preserve security, and support professional recordkeeping. Users can export practice data and may request deletion where available and legally appropriate.

Some information may remain in backups, logs, financial records, or security records for a limited period where retention is necessary.

Your rights and choices

Depending on where you are located, you may have rights to access, correct, export, delete, restrict, or object to processing of personal data. You may also have the right to lodge a complaint with your data protection authority.

If you are a client or patient of a professional using Claros, please contact that professional first for requests about your clinical record. Claros will support professional users in responding to valid requests where required.

Security

We use technical and organizational safeguards designed to protect information, including access controls, authentication, encrypted transport, and operational security practices. No system can be guaranteed perfectly secure, so users should also protect account credentials and limit access to authorized staff.

Contact

Questions about this Privacy Policy can be sent to claros.work@gmail.com. If a professional practice provides Claros to you, that practice may also be the right contact for privacy requests about your clinical record.