Privacy Policy

Clara ("we," "our," or "us") is an open-source, privacy-first wellbeing assistant. We are committed to protecting your personal data and being transparent about how it is handled. This Privacy Policy explains what data we collect, how we use it, and the choices you have.

We collect only what is necessary to provide the service:

• Account information — If you sign in, we receive your name and email from our authentication provider (WorkOS). We do not store passwords.
• Conversations — The messages you exchange with Clara are stored in our database so you can return to them later.
• Memories — Facts and patterns Clara learns about you are encrypted with a unique per-user key using AES-256-GCM before storage. They cannot be read without your key.
• Usage data — We track token consumption (aggregated daily, per model) to enforce plan limits. We do not track page views, clicks, or behavior.
• Settings — Your preferences (name, language, tone, focus areas) are stored to personalise your experience.
• Payment information — Billing is handled entirely by Stripe. We store your Stripe customer ID and subscription status but never see or store your card details.

• Memories are encrypted end-to-end with AES-256-GCM using a unique key per user. The key itself is encrypted with a server master key.
• Embedding vectors used for memory search are sign-flipped with a per-user random vector, preventing reverse-engineering of content from embeddings alone.
• All communication between your browser and our servers is encrypted via HTTPS/TLS.
• The codebase is open source — you can inspect exactly how your data is processed.

Clara uses the following third-party services:

• OpenAI — Your messages are sent to OpenAI's API to generate responses. OpenAI's data usage policies apply to these interactions.
• Stripe — Handles payment processing. Stripe's privacy policy governs how they handle your payment information.
• WorkOS — Provides authentication. WorkOS receives only the minimum data needed for sign-in.

We use a minimal set of cookies strictly necessary for the service to function:

• Session cookie — Keeps you signed in.
• Anonymous ID cookie — If you use Clara without signing in, a cookie identifies your anonymous session so conversations persist.

We do not use analytics cookies, advertising cookies, or any third-party tracking.

Your data is retained for as long as your account exists. If you delete your account, all associated data (conversations, memories, settings, usage records) will be permanently deleted. You can also delete individual conversations or memories at any time.

You have the right to:

• Access the data we hold about you
• Request deletion of your data
• Export your conversations and memories
• Withdraw consent at any time by deleting your account

Clara is open source. You can self-host the entire application, meaning your data never leaves your own infrastructure. When self-hosted, no data is shared with us.

We may update this policy from time to time. If we make material changes, we will notify you through the application. Continued use after changes constitutes acceptance.

If you have questions about this privacy policy or your data, please open an issue on our GitHub repository or reach out through the application.