<- Back to home

Clairvyn Private Limited

Privacy Policy

Effective Date: 14 March 2026

Privacy Policy

Clairvyn Private Limited operates an AI-powered architectural floor plan generation service (the "Platform") accessible at www.clairvyn.com. This Privacy Policy explains how we collect, use, share, and handle information in connection with the Platform. By using the Platform, you agree to the practices described here.

We are a startup in active development. Our services, infrastructure, and data practices evolve over time. This policy reflects our current practices and our general approach to data handling. Where we make material changes, we update this policy.

1. Who We Are

Legal Name: Clairvyn Private Limited

CIN: U62099TN2025PTC180011

GSTIN: 33AAMCC6875A1ZO

Registered Address: No. 136/1, No. 8/9, Parvallal Street, Murugappa Nagar, Ennore RS, Ambattur, Tiruvallur, Tamil Nadu 600057, India

Contact: hello@clairvyn.com | www.clairvyn.com

Grievance Officer: Ronak Marlecha, Co-Founder and CFO. Contact: hello@clairvyn.com

For applicable regulatory purposes, Clairvyn Private Limited acts as the Data Fiduciary under the Digital Personal Data Protection Act, 2023 of India (DPDP Act), the Data Controller under the General Data Protection Regulation (EU) 2016/679 (GDPR), and a business under the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA).

2. Definitions

"Platform" means the AI-powered architectural floor plan generation service operated by Clairvyn Private Limited at www.clairvyn.com and all associated applications, APIs, tools, and services.

"User" or "you" means any person or entity that accesses or uses the Platform.

"Account" means a registered user profile on the Platform.

"Input" means any content you submit through the Platform, including prompts, parameters, preferences, and requirements.

"Output" means content generated by the Platform in response to your Input.

"Data Opt-Out" means a status under which a User's Inputs, Outputs, and usage information are not included in datasets shared with external commercial partners. The Data Opt-Out does not affect the collection or use of information that is operationally necessary for Clairvyn to provide, secure, and improve the Platform.

"Partner Data" means information derived from User data that has been processed to reduce identification risk and that may be shared with research, development, or commercial partners under appropriate safeguards.

3. Information We Collect

We collect information to operate and improve the Platform, understand usage, personalise your experience, process payments, prevent fraud, and meet our legal obligations. The categories below describe what we currently collect and the types of information we may collect as the Platform grows. We may collect additional categories of information in the future, and we will describe such collection at the relevant time.

3.1 Information You Provide

When you create an Account, we collect information you submit directly. This currently includes your full name, email address, city and country of location, the name of your educational institution or organisation, and a password. Passwords are processed and stored in hashed or encrypted form by our authentication provider. We do not store plaintext passwords.

We may also ask for additional profile information to understand our Users and improve the Platform. This may include professional background, years of experience, intended use case, and other demographic or preference information you choose to share. You are not required to provide optional profile information. Where we introduce new fields, we describe them at the point of collection.

When you subscribe to a paid plan, you provide payment information through our payment processor. We receive a transaction summary and reference from the processor. We do not collect or store raw payment card numbers, bank credentials, or similar sensitive payment data.

3.2 Information We Collect Automatically

When you use the Platform, we and our service providers automatically collect information about your activity and environment. This includes information about your Inputs and Outputs, how you interact with Platform features, your device and browser characteristics, network information, IP address, session data, error and diagnostic information, and usage patterns. We use this information to operate the Platform, improve its performance, detect and prevent abuse and fraud, develop features, and understand how the Platform is used.

We may use our own analytics systems and third-party analytics and measurement tools for these purposes. The specific tools and methods we use may evolve over time.

3.3 Information From Third-Party Services

When you authenticate through a third-party login provider, we receive authentication information and the profile data associated with that login. We may also receive information from our infrastructure providers, payment processors, and other service partners in connection with operating the Platform.

3.4 Inferences

We may derive information from the data we collect, including inferences about your professional background, usage preferences, skill level, and design patterns. We use inferences to improve the Platform, personalise your experience, and develop products and features.

4. How We Use Information

We use information for the following purposes. Because we are building a developing product, we may use information for additional purposes that we describe at the relevant time.

4.1 Operating and Delivering the Platform

We use your information to create and manage your Account, authenticate you, generate Outputs in response to your Inputs, process payments, manage your subscription, and communicate with you about the Platform. This use is necessary to perform our contract with you. Legal basis: GDPR Article 6(1)(b) (contractual necessity); DPDP Act Section 6(1) (consent at registration).

4.2 Platform Improvement and AI Development

We use Inputs, Outputs, usage data, and inferences to improve the Platform's AI systems, algorithms, output quality, and features. This includes training and refining our proprietary models using data from all Users. This internal improvement activity applies to all Users and is not affected by the Data Opt-Out, which relates to external sharing only. We consider this use to be within Users' reasonable expectations when they use an AI generation service. Legal basis: GDPR Article 6(1)(f) (legitimate interests in developing and improving the Platform); DPDP Act Section 6(1).

4.3 Analytics, Measurement, and Personalisation

We use usage data and inferences to measure Platform performance, understand how features are used, personalise the experience, and support product decisions. We may use internal analytics tools and third-party analytics providers for these purposes. Legal basis: GDPR Article 6(1)(f) (legitimate interests in understanding and improving the service); DPDP Act Section 6(1).

4.4 Security, Fraud Prevention, and Abuse Detection

We use device, network, session, and behavioural data to detect, investigate, and prevent fraud, abuse, security threats, and violations of our Terms of Service. We may share information with authorities where required by law or where we reasonably believe disclosure is necessary to protect Users or the public. Legal basis: GDPR Article 6(1)(f) (legitimate interests in protecting the Platform and its users); DPDP Act Section 6(1).

4.5 Legal and Regulatory Compliance

We process information to comply with applicable law, respond to lawful requests from governmental or judicial authorities, satisfy accounting and tax obligations, and fulfil our commitments under this policy. Legal basis: GDPR Article 6(1)(c) (legal obligation); DPDP Act Section 6(1).

4.6 External Data Sharing with Partners

Subject to the Data Opt-Out described in Section 6, we may process and share Partner Data with research, development, and commercial partners. This sharing is based on your consent given at Account creation. Legal basis: GDPR Article 6(1)(a) (consent); DPDP Act Section 6(1). You may withdraw this consent at any time through the Data Opt-Out mechanism in Section 6.

4.7 Communications

We use your contact information to send service notifications, Account updates, subscription information, and information about new features or products. You may manage communication preferences in your Account settings or by contacting hello@clairvyn.com.

5. Sharing and Disclosure

We do not sell your personal information for monetary consideration. We may share information as described below.

5.1 Service Providers

We share information with third-party service providers who help us operate the Platform. These providers are engaged to perform services on our behalf and are permitted to use data only for those purposes. Our current primary providers include cloud infrastructure providers, an AI model provider accessed through a routing service, an authentication provider, a payment processor, and accounting software. We may engage additional providers as the Platform develops.

5.2 Partner Data Sharing

We may share Partner Data with organisations in the architecture, construction, technology, education, or research sectors for research and development, product improvement, and commercial purposes, subject to appropriate contractual safeguards and the Data Opt-Out as described in Section 6. Partner Data is processed using measures reasonably designed to reduce identification risk before sharing. We do not represent that such processing eliminates all re-identification risk under all circumstances.

5.3 Legal Requirements and Safety

We may disclose information where we believe in good faith that disclosure is required by law, court order, or regulatory authority, or where we reasonably believe disclosure is necessary to protect the safety, rights, or property of Clairvyn, our Users, or the public. Where legally permitted, we will attempt to notify affected Users of such disclosure.

5.4 Business Transfers

If Clairvyn undergoes a merger, acquisition, sale of assets, restructuring, or similar transaction, User information may be transferred as part of that transaction. We will notify registered Users of any such transfer through the Platform or by email.

5.5 With Your Consent

We may share information with third parties where you have given us separate, specific consent to do so.

6. The Data Opt-Out

6.1 What the Data Opt-Out Is

The Data Opt-Out is a feature that, when active for a User, excludes that User's Inputs, Outputs, and usage information from Partner Data shared with external organisations. It is automatically active for Users on subscription plans that include this feature. No action is required by those Users to activate it. Information about which plans include the Data Opt-Out is available on the Platform's pricing page at www.clairvyn.com.

Users on plans that do not include the automatic Data Opt-Out are included in Partner Data sharing by default. Those Users may opt out of Partner Data sharing at any time using the opt-out control in their Account settings or by contacting hello@clairvyn.com. Opting out does not affect Platform access or pricing.

All Users retain their full statutory privacy rights under applicable law regardless of which plan they hold. The Data Opt-Out is a commercial product feature relating to Partner Data sharing. It is not a prerequisite to exercising any legal right, including the right to access, correct, delete, or restrict personal data. Those rights are available to all Users under Section 9.

6.2 What the Data Opt-Out Does Not Cover

The Data Opt-Out does not affect the collection or internal use of information that is necessary for Clairvyn to provide, secure, and improve the Platform. This includes Account information, authentication data, device and network information, interaction logs, billing data, and data used for Clairvyn's internal AI development and improvement activities.

6.3 Effect on Historical Data

Where a User opts out of Partner Data sharing, we take commercially reasonable steps to exclude that User's data from future Partner Data sharing. Data already processed and shared with a partner prior to the opt-out request may not be retrievable. Where practicable, we will request that relevant partners cease further use of data attributable to that User, but we cannot guarantee the actions of independent third parties.

6.4 Plan Changes

The Data Opt-Out applies prospectively from the date it becomes active. Data collected before a Data Opt-Out was active may have been included in Partner Data sharing under the terms applicable at that time. Data collected while a Data Opt-Out is active is not included in Partner Data sharing, regardless of any subsequent plan change.

7. AI Processing and Third-Party AI Providers

When you submit an Input, it is transmitted to our AI infrastructure for processing. We use third-party AI model providers, including through an AI routing service, to generate Outputs. These providers process your Inputs as part of service delivery and are subject to contractual restrictions on further use. We rely on representations from our AI providers regarding their data handling practices but cannot independently verify all such representations.

8. Data Retention

We retain information for as long as reasonably necessary to fulfil the purposes described in this policy, comply with legal obligations, resolve disputes, enforce our agreements, and support business operations. Specific retention periods depend on the category of information and the purpose of processing.

Account information is generally retained for the duration of the Account and for a reasonable period following closure. Billing and transaction records are retained for the period required by applicable tax and accounting law, which in India is generally seven years. Technical and operational logs are retained for the period reasonably necessary for security, debugging, and operational purposes. Inputs and Outputs are retained for a period that enables the features you use on the Platform, and may be retained in modified or aggregated form for longer periods for improvement purposes. We may delete or anonymise data at our discretion when it is no longer needed for any retained purpose.

9. Your Privacy Rights

You have rights in relation to your personal information under applicable law. To exercise any right, contact hello@clairvyn.com with your request. We will respond within the period required by applicable law. Verification may be required. No User is penalised or disadvantaged for exercising any privacy right.

9.1 Rights Under the DPDP Act (Users in India)

Under the DPDP Act 2023, you have the following rights as a Data Principal. Subject line prefix for all requests: DPDP Rights Request.

Right to information: you may request a summary of personal data being processed about you and the identities of third parties with whom it has been shared, under Section 11 of the DPDP Act.

Right to correction and erasure: you may request correction of inaccurate or incomplete personal data, and erasure of data no longer needed for the purpose for which it was collected, under Section 12 of the DPDP Act. Certain data may need to be retained despite an erasure request where required by law or for the establishment, exercise, or defence of legal claims.

Right to withdraw consent: you may withdraw consent to any processing that is based on consent under Section 6(4) of the DPDP Act. Withdrawal is prospective. It does not affect processing that occurred before withdrawal.

Right to nominate: you may nominate another person to exercise your data rights in the event of your death or incapacity under Section 14 of the DPDP Act.

Right to grievance redressal: you may raise a grievance with the Grievance Officer at hello@clairvyn.com under Section 13 of the DPDP Act. We aim to address grievances within the period required by law. Unresolved matters may be escalated to the Data Protection Board of India.

9.2 Rights Under the GDPR (Users in the EEA)

EEA Data Subjects have the following rights under the GDPR. Subject line prefix for all requests: GDPR Rights Request.

Right of access (Article 15): receive confirmation of whether we process personal data about you and a copy of that data with supplementary information.

Right to rectification (Article 16): request correction of inaccurate or incomplete data.

Right to erasure (Article 17): request deletion of personal data where the applicable legal basis no longer exists. This right is subject to exceptions, including legal retention obligations and the establishment or defence of legal claims.

Right to restriction (Article 18): request that we limit processing to storage only in specified circumstances, including while accuracy is contested, where processing is unlawful but you oppose erasure, or where you need data for legal claims.

Right to portability (Article 20): request your personal data in a structured, machine-readable format where processing is based on consent or contract and is automated.

Right to object (Article 21): object to processing based on legitimate interests at any time. We will cease that processing unless we demonstrate compelling legitimate grounds. You may object to direct marketing at any time with unconditional effect.

Rights related to automated decisions (Article 22): the Platform does not make decisions with legal or similarly significant effects on individuals through fully automated means. AI generation of design drafts does not constitute such a decision.

Right to lodge a supervisory authority complaint: you may contact the supervisory authority in your member state of residence, work, or the location of the alleged infringement. A directory of EEA supervisory authorities is available at https://edpb.europa.eu. You may also direct GDPR-related requests to hello@clairvyn.com.

Cross-border transfers: where we transfer personal data from the EEA to countries without an adequacy decision, we rely on appropriate transfer mechanisms under Article 46 of the GDPR, which may include standard contractual clauses or other approved mechanisms. The specific transfer mechanism may vary by recipient.

9.3 Rights Under the CCPA/CPRA (California Residents)

California residents have the following rights. Subject line prefix: CCPA Rights Request.

Right to know: categories of personal information collected, sources, business purposes, and categories of third parties with whom shared. Available twice per 12-month period at no charge.

Right to delete: request deletion of personal information, subject to exceptions for legal retention, fraud prevention, completing a transaction, and internal operational uses.

Right to correct: request correction of inaccurate personal information.

Right to opt out of sharing: Clairvyn does not sell personal information for monetary consideration. Partner Data sharing as described in this policy may constitute sharing under CPRA. You may opt out at any time through your Account settings or by contacting hello@clairvyn.com with subject line CCPA Opt-Out. We aim to honour Global Privacy Control signals from California users as opt-out signals for Partner Data sharing.

Right to limit sensitive personal information: we do not collect sensitive personal information as defined under Section 1798.140(ae) CCPA/CPRA.

Right to non-discrimination: we do not deny, degrade, or differentiate service based on your exercise of CCPA/CPRA rights. Differences in subscription plan pricing reflect the features of each plan.

10. Security

We apply technical, organisational, and procedural measures reasonably designed to protect information from unauthorised access, disclosure, alteration, and loss. These measures are commensurate with the nature of the data we hold and the risks of its processing. No security measure provides absolute protection, and we do not guarantee that the Platform is secure against all threats. You are responsible for maintaining the security of your Account credentials.

11. Cross-Border Transfers

We operate globally and transfer personal data internationally. We rely on appropriate legal mechanisms for cross-border transfers as required by applicable law. For transfers from the EEA, this may include standard contractual clauses approved by the European Commission or other mechanisms permitted under GDPR Article 46. For transfers from India, we apply safeguards consistent with the requirements of the DPDP Act. Transfer mechanisms may vary by recipient and may change over time.

12. Age Requirements

The Platform is intended for users who are at least 18 years of age. By creating an Account, you represent that you are at least 18 years old, or that you are between 13 and 18 and have obtained consent from your parent or legal guardian, with that parent or guardian agreeing to this Privacy Policy and our Terms of Service on your behalf.

We do not independently verify the age of Users. You accept responsibility for the accuracy of this representation. If we become aware that a User is under the age of 13 without verified parental consent, we will take reasonable steps to delete their Account and associated data. We do not knowingly collect personal data from children under 13 without parental consent.

13. Data Breach

In the event of a personal data breach, we will take steps required by applicable law, which may include notifying relevant regulatory authorities and affected Users within the timeframes specified by law. Our response to any breach will be guided by the severity of the breach, applicable legal requirements, and the practical measures available to us at the time.

14. Grievance Redressal

Grievance Officer: Ronak Marlecha, Co-Founder and CFO. Email: hello@clairvyn.com. Address: No. 136/1, No. 8/9, Parvallal Street, Murugappa Nagar, Ennore RS, Ambattur, Tiruvallur, Tamil Nadu 600057, India. We aim to acknowledge grievances promptly and resolve them within the period required by applicable law.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered Users of material changes by email before they take effect, or by posting a notice on the Platform. The updated policy will show its effective date. Continued use of the Platform after a material change constitutes acceptance of the revised policy. If you do not accept a material change, you may close your Account by contacting hello@clairvyn.com.