Privacy Policy

Client Alcove ("we", "us", "our") provides a client collaboration portal for freelancers and small agencies (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the Service and our website.

1. Who we are

Data Controller: Client Alcove.
Contact: privacy@clientalcove.com

2. Information we collect

• Account information: name, email address, password (hashed), profile details.
• Client & project content: files, messages, comments, and metadata you upload or create while using the Service.
• Billing information: payment method and billing details are processed by our payment processor (e.g., Stripe). We store limited billing metadata (subscription plan, status, last 4 digits, expiry month/year).
• Usage data: log data, device information, IP address, timestamps, pages viewed, referrers, and actions taken (e.g., file uploads, invites).
• Cookies & similar technologies: cookies, local storage, and pixels for authentication, preferences, analytics, and marketing.

3. How we use information

• Provide, operate, and maintain the Service.
• Authenticate users and secure accounts.
• Process subscriptions and payments.
• Send transactional messages (invitations, notifications, receipts).
• Monitor usage, improve features, and develop new functionality.
• Provide customer support and respond to enquiries.
• Comply with legal obligations and enforce our Terms.
• With consent, send product updates and marketing communications (you can opt out at any time).

4. Legal bases (EEA/UK users)

• Contract: to provide the Service you requested.
• Legitimate interests: to secure the Service, prevent abuse, and improve the product.
• Consent: for non-essential cookies or marketing emails.
• Legal obligation: to keep certain records for tax and compliance.

5. Sharing of information

We share information with trusted processors as needed to run the Service (e.g., cloud hosting, storage, analytics, email delivery, and payments). These providers process data under our instructions and appropriate safeguards. We may disclose information if required by law or to protect rights, safety, and integrity of the Service.

6. International data transfers

If we transfer your personal data outside the UK/EEA, we use appropriate safeguards such as the UK International Data Transfer Addendum and/or the EU Standard Contractual Clauses, plus supplementary measures where necessary.

7. Data retention

We keep personal data only as long as needed for the purposes above and to comply with legal obligations. You can request deletion of your account and associated content (subject to certain exclusions such as billing records we must retain).

8. Your rights (EEA/UK)

• Access, correct, or delete your personal data.
• Object to or restrict certain processing.
• Data portability.
• Withdraw consent at any time (where processing is based on consent).
• Lodge a complaint with your local supervisory authority (e.g., ICO in the UK).

To exercise rights, contact privacy@clientalcove.com.

9. Security

We use technical and organisational measures to protect your information (encryption in transit, role-based access controls, private storage buckets, signed URLs, and regular security reviews). No method of transmission or storage is 100% secure; use strong passwords and enable available security controls.

10. Children

The Service is not directed to children under 16. If you believe a child has provided us personal data, contact us to request deletion.

11. Third-party links

Our website may link to third-party sites. Their privacy practices are governed by their own policies.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will post the new version and update the "Last updated" date. Material changes may be communicated by email or in-product notice.

13. Contact

Questions or requests: privacy@clientalcove.com