Privacy Policy

Introduction

Welcome to Klime (“we,” “our,” or “us”). We are committed to protecting your privacy and ensuring you have a positive experience on our website and in using our products and services. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of information when you use our Service. By using our Service, you agree to the collection and use of information in accordance with this policy, our Security Policy, and our Terms of Service.

Our Goals

We built Klime with privacy as a core principle. We believe in collecting only what's necessary and being transparent about how data flows through our system:

• Data Minimization: We collect and retain only the data necessary to provide our service. You control what events and user information you send to Klime through our SDKs.
• Tenant Isolation:Each customer's data is strictly isolated. Your analytics data cannot be accessed by other customers, and all queries are scoped to your organization.
• No Cross-Customer Data Sharing: We never combine or share data between customers. Your customer insights remain exclusively yours.
• Account Deletion: You can request deletion of your account and associated data at any time by contacting us. We will process deletion requests in accordance with applicable data protection laws.

Contact Information

Klime is operated by and a registered trade name of Vesper Interactive B.V., a company registered in the Netherlands. We encourage our customers to visit and meet us in person. Warning: You may get a hug.

Information We Collect

We only collect and store the minimum information necessary to provide our service:

• Email address (for account creation and notifications)
• Name (if provided)
• Organization name (for multi-tenant isolation)
• Profile image (if provided via your account or Google/Slack OAuth)
• Payment information (processed by Stripe, not stored by us)
• OAuth profile data when signing in via Google or Slack (name, email, profile image)

Analytics Data (Your Customer Data)

When you integrate our SDKs, or connect a third-party analytics tool (such as Segment, PostHog, or Google Tag Manager), we collect the event data you choose to send:

• Events:User actions and product interactions (e.g., “Button Clicked”, “Feature Used”)
• User identifiers: The user IDs you assign to identify your customers
• Group identifiers:Account, team, or organization IDs to identify your customer's company
• User traits: Profile information you send via identify calls (e.g., email, name, plan)
• Group traits: Organization-level attributes you send via group calls (e.g., company name, plan, employee count)
• Event context: SDK version, library identifier, and platform metadata sent alongside events

Important:You control what data is sent to Klime. Our SDKs only transmit the events and properties you explicitly track. When using third-party forwarding (Segment, PostHog, or GTM), you control which events are routed to Klime through those tools' configuration. We recommend not sending sensitive personal information (such as passwords, payment details, or health data) through any analytics integration.

AI Conversations

When you use our AI chat features (web or Slack), we store:

• Your questions and prompts
• AI-generated responses
• Tool calls and results (searches, data lookups)

This conversation history enables continuity across sessions and helps us improve our service.

Email Engagements

When you CC or forward emails to your organization's Klime email address:

• Email content (subject, body, attachments metadata)
• Sender and recipient information
• Email headers for threading and deduplication

We use AI to parse forwarded emails and extract relevant metadata. Email content may contain personal information about your customers.

Slack Integration

When you connect Klime to your Slack workspace:

• Slack team ID and name
• Bot access tokens (encrypted at rest using AES-256-GCM)
• Messages that mention @klime (for AI responses)
• Channel information where the bot is invited
• Alert and digest delivery preferences (channel IDs, frequency settings)

Slack Connect Conversations

When you invite @klime to a Slack Connect shared channel, we store message content from that channel to provide conversation tracking and AI-powered insights. This includes:

• Message text and timestamps
• Display names of participants (both internal and external)
• Whether a participant is external to your workspace
• Thread structure

Stored messages are used to generate daily transcript summaries on your customer pages and can be referenced by the AI assistant. External participants in shared channels are visible to your team but their data is not shared with other customers.

CRM Integration (Pipedrive)

When you connect Klime to your Pipedrive account:

• OAuth access and refresh tokens (encrypted at rest using AES-256-GCM)
• Pipedrive organization, person, and deal metadata used for customer matching
• Contact email addresses for matching Pipedrive contacts to your analytics data
• Mail thread metadata synced from connected Pipedrive mailboxes

We use this data to link CRM records to your product analytics and surface relevant context on customer detail pages. Pipedrive data is scoped to your organization and not shared with other customers.

Custom Email Domains

When you configure a custom email domain for outreach, we store the domain name, DNS verification records, and sending configuration. DNS records are managed through our email provider (Resend) and verified to confirm domain ownership.

AI Memory

Our AI assistant can store persistent context about your organization (such as product terminology or business context you share in conversation) to improve future responses. This memory is scoped to your organization and can be viewed and managed in your settings.

Technical Information

We collect minimal technical information for service functionality:

• IP address (for security and rate limiting)
• Browser type and version (for compatibility)
• SDK version and platform (for debugging and compatibility)
• Session information (for authentication)

How We Use Your Information

We use the collected information for the following purposes:

• To provide and maintain our Service
• To generate customer health scores, churn risk detection, and growth signals from your analytics data
• To compute feature adoption metrics across your customer base
• To power the AI assistant, which can query your analytics data, explore events, and draft customer outreach
• To generate AI-powered insight descriptions, event classifications, and conversation summaries
• To parse inbound emails and match them to your customers
• To send daily and weekly digests via Slack and email
• To deliver real-time alerts for configured events
• To match and link CRM records to your product analytics
• To enable engagement tracking for customer communication
• To analyze your website during onboarding to suggest AI context for your organization
• To notify you about changes to our Service
• To provide customer support
• To detect, prevent, and address technical issues and abuse
• To comply with legal obligations

Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except as described below:

AI Service Providers

To provide AI-powered features, we share relevant context with Anthropic (Claude). AI is used for:

• Chat responses (web and Slack): your questions, conversation history, and analytics context needed to answer them
• Insight generation: aggregated metrics and activity timelines to produce human-readable insight descriptions
• Email parsing: inbound email content to extract structured metadata and match emails to customers
• Event classification: event name lists to suggest display names and categories
• Outreach drafting: customer context to generate draft messages
• Slack conversation summaries: message content from monitored channels to produce daily transcripts
• Website analysis: publicly available website content during onboarding to suggest AI context

We minimize the data shared with AI providers to what is necessary for each specific task. Anthropic does not train models on your data. All AI processing is scoped to your organization.

Essential Service Providers

We work with trusted partners who assist us in operating our service:

• Analytics infrastructure: Tinybird for event storage and aggregation
• Authentication: Google and Slack as OAuth providers for sign-in
• Cloud infrastructure: Amazon Web Services for compute (ECS/Fargate), edge delivery (CloudFront), message queuing (SQS), and PostgreSQL database hosting (RDS Aurora). Account and engagement data is stored in the EU.
• Communication tools: Slack for bot integration, notifications, and conversation monitoring
• CRM integration: Pipedrive for CRM data sync (when you connect your Pipedrive account)
• Email services: Resend for transactional emails, inbound email processing, and custom domain management
• Error monitoring: Sentry for application error tracking and debugging
• Payment processors: Stripe for billing and subscription management

These partners have access only to specific information needed to perform their functions and are contractually obligated to maintain confidentiality.

Legal Requirements

We may disclose your information if required by law, court order, or legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others. We will notify you of such requests unless prohibited by law.

Data Security

We implement industry-standard security measures to protect your information, including encryption in transit and at rest, tenant isolation, and restricted access controls. See our Security Policy for details on our security practices.

Data Retention

We retain your information as follows:

• Account information (email, name) — retained until account deletion
• Organization settings and preferences — retained until account deletion
• Event data — retained for the duration of your subscription
• User and group traits — retained for the duration of your subscription
• Conversation history — retained until account deletion or manual clearing
• AI memory — retained until manually deleted or account deletion
• Email engagements — you can hide individual engagements from your timeline at any time
• Email content and metadata — retained until account deletion
• Slack messages (from monitored Slack Connect channels) — retained until account deletion
• CRM data (Pipedrive contacts, organizations, mail metadata) — retained while the integration is connected; removed on disconnection or account deletion
• Custom domain configuration — retained while the domain is connected; DNS records removed on disconnection
• Hidden events and customers — data is retained but excluded from dashboards, insights, and AI processing. You can unhide at any time to restore visibility.

To request deletion of your account and data, contact us at hello@klime.com.

Your Rights

We believe you should have complete control over your data. Under applicable data protection laws (including GDPR and CCPA), you have the following rights:

• Access & Portability: Request copies of your account data and analytics
• Correction: Update or correct your account information at any time
• Deletion: Request deletion of your account and all associated data
• Restriction: Limit how we process your data while maintaining your account
• Objection: Object to specific processing activities

For any data requests or questions, contact us at hello@klime.com.

Cookies and Tracking Policy

We use only essential cookies that are necessary for the basic functionality of our Service:

• Authentication cookies to maintain your logged-in session
• Session cookies for security and CSRF protection

We do not use:

• Third-party analytics or tracking cookies
• Advertising pixels or retargeting
• Cross-site tracking
• Behavioral profiling cookies

Your Customer Data and Privacy

As a customer intelligence platform, we process data about your customers on your behalf. You are the data controller for your customer data, and we act as a data processor.

You are responsible for:

• Ensuring you have appropriate consent or legal basis to collect and share data with us
• Providing privacy notices to your users about your use of analytics tools
• Complying with applicable privacy laws in your jurisdiction

To help you maintain privacy compliance, we can delete specific user or group data upon request. Contact us at hello@klime.com.

International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States and European Union. We ensure that such transfers are conducted in accordance with applicable data protection laws and implement appropriate safeguards, including Standard Contractual Clauses where required.

Children's Privacy

Our Service is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date. For significant changes, we may also notify you via email.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Questions About Your Privacy?

We're committed to transparency about our privacy practices. If you have any questions about this policy, how we handle your data, or want to exercise your rights, we're here to help.