KleverDev
Sign Up

Privacy Policy

Our privacy policy and how we use your data

Last Updated: July 2025

Introduction

KleverDev Limited ("KleverDev", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Salesforce Copilot platform ("Service").

We are a company registered in New Zealand with our principal office at 145 Nelson St, Auckland 1010, New Zealand. For data protection matters, you can contact us at legal@kleverdev.com.

Information We Collect

Personal Information

We collect the following types of personal information:

Account Information:

  • Email address (required for account creation)
  • Full name
  • Profile picture (optional)
  • Company name and role (optional)
  • Account preferences and settings

Authentication Data:

  • OAuth tokens for third-party services (Google, Salesforce)
  • Multi-factor authentication settings
  • Session tokens and login history

Salesforce Integration Data:

  • Salesforce instance URLs
  • Salesforce user IDs
  • OAuth access and refresh tokens (encrypted with AES-256-GCM)
  • Salesforce permissions and role information

Communication Data:

  • Chat conversations and messages
  • Support inquiries and contact form submissions
  • Email communications and notifications
  • In-app messages and alerts

Usage Information

Service Usage:

  • Features accessed and frequency of use
  • Time spent using the Service
  • Chat interaction patterns
  • Error logs and diagnostic information

Technical Information:

  • IP address and location information
  • Device type and browser information
  • Operating system and version
  • Referrer URLs and page views

Billing Information:

  • Subscription plan details
  • Payment processing information (processed by Stripe)
  • Billing history and invoice data
  • Credit usage and consumption patterns

Automatically Collected Information

We automatically collect certain information through:

  • Cookies: For authentication, preferences, and analytics
  • Server Logs: For security, performance monitoring, and troubleshooting
  • Analytics: Via Sentry for error tracking and performance monitoring
  • Email Tracking: Via Resend for email delivery and engagement

How We Use Your Information

Service Provision

  • Account Management: Create and manage your account
  • Authentication: Secure login and session management
  • Salesforce Integration: Connect and interact with your Salesforce instance
  • AI Processing: Provide AI-powered chat assistance through OpenAI
  • Feature Delivery: Enable core platform functionality

Communication

  • Service Communications: Send transactional emails and notifications
  • Support: Respond to inquiries and provide customer support
  • Updates: Notify you of service changes, updates, and new features
  • Marketing: Send promotional communications (with consent)

Improvement and Analytics

  • Service Improvement: Analyze usage patterns to enhance the Service
  • Performance Monitoring: Monitor system performance and reliability
  • Error Detection: Identify and resolve technical issues
  • Security: Detect and prevent fraud and unauthorized access

Legal and Business

  • Compliance: Meet legal and regulatory requirements
  • Billing: Process payments and manage subscriptions
  • Business Operations: Conduct internal business operations
  • Legal Protection: Protect our rights and interests

How We Share Your Information

Third-Party Service Providers

We share your information with trusted third-party service providers:

OpenAI (AI Processing):

  • Chat messages for AI response generation
  • Processed under zero-retention policy (OpenAI does not store or train on your data)
  • Subject to OpenAI's privacy policy and data processing terms

Stripe (Payment Processing):

  • Payment information and billing data
  • Subscription management and recurring billing
  • Fraud detection and prevention

Salesforce (Integration):

  • OAuth authentication and authorization
  • Data access for Service functionality
  • Subject to Salesforce's privacy policy and terms

Sentry (Error Monitoring):

  • Error logs and performance data
  • Technical diagnostics and troubleshooting
  • No personal information is shared

Resend (Email Services):

  • Transactional emails and notifications
  • Email delivery and engagement tracking
  • Subject to Resend's privacy policy

Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights, property, or safety
  • Prevent fraud or security threats
  • Enforce our Terms of Service or other agreements

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such change in ownership or control.

Data Security

Security Measures

We implement appropriate technical and organizational measures to protect your information:

  • Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access and multi-factor authentication
  • Regular Audits: Security assessments and vulnerability testing
  • Employee Training: Privacy and security awareness programs
  • Incident Response: Procedures for security incident handling

Data Breach Procedures

In the event of a data breach, we will notify affected users and relevant authorities as required by law. We will take immediate steps to contain and remediate any security incident.

Data Retention

Retention Periods

We retain your information for the following periods:

  • Account Data: While your account is active and for 30 days after deletion
  • Chat Conversations: Indefinitely while your account is active
  • Billing Records: 7 years for tax and accounting purposes
  • Logs and Analytics: 12 months for security and performance monitoring
  • Marketing Communications: Until you unsubscribe or withdraw consent

Data Deletion

You can request deletion of your account and associated data at any time. We will process deletion requests within 30 days, subject to legal retention requirements.

Your Rights

Access and Control

You have the following rights regarding your personal information:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Restriction: Limit how we process your information

Marketing Preferences

You can control marketing communications by updating your preferences in your account settings or using the unsubscribe link in any marketing email.

Exercising Your Rights

To exercise your rights, contact us at legal@kleverdev.com. We will respond to your request within 30 days, subject to verification of your identity.

International Data Transfers

Cross-Border Transfers

Your information may be transferred to and processed in countries other than New Zealand, including:

  • United States: OpenAI, Stripe, Sentry, and other service providers
  • European Union: Some analytics and monitoring services
  • Global: Cloud infrastructure and CDN services

Safeguards

We ensure appropriate safeguards for international transfers through:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions for transfers to approved countries
  • Certification schemes and codes of conduct
  • Contractual obligations with service providers

Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

Updates and Notifications

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying in-app notifications for significant changes

Continued Use

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

KleverDev Limited
145 Nelson St, Auckland 1010, New Zealand
Email: legal@kleverdev.com

Data Protection Officer

For privacy-related inquiries or to exercise your data rights, contact our data protection team at legal@kleverdev.com.

Regulatory Authorities

You have the right to lodge a complaint with:

  • New Zealand: Privacy Commissioner (privacy.org.nz)
  • European Union: Your local data protection authority
  • California: California Attorney General

This Privacy Policy supports our commitment to transparency and data protection. See also our Terms of Service and Cookie Policy.