Last Updated: 13th April 2025
At Clabaire, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you use our website and services.
Contact: support@clabaire.com. You can reach us at any time with privacy questions using this email.
1. Information We Collect
We only collect the minimum personal information required to provide our services.
A. When You Sign Up for an Account
We collect:
- Name
- Email Address
- A password (stored in encrypted form — we cannot see it)
B. When You Subscribe to Our Services
We do not collect or store your payment card details. When you subscribe, you are redirected to Stripe, who handles all payment information. On our website, we only store your Stripe customer identifier and subscription details (status, renewal date, price) so we can manage your access.
Your full card number, expiration date, security code, billing address, and country are entered directly into Stripe and are never stored on our servers. These details remain with Stripe and can be managed through Stripe’s billing portal.
Automatically when you use our site:
- One essential session cookie to keep you logged in
- Server log files (IP address, browser type, pages visited) retained briefly for security purposes
We do not use tracking cookies, analytics cookies, advertising cookies, or social media cookies. Form submissions are processed without storing your IP address.
2. Legal Basis for Processing
We process your personal data on the following legal bases (as required by GDPR Article 6):
- Contract performance: to deliver the course you have subscribed to, manage your account, and process your payments.
- Legitimate interest: to prevent fraud, maintain site security, and improve our service.
- Legal obligation: to meet tax, accounting, and other statutory requirements under Austrian law.
3. How We Use Your Information
We use the collected data to:
- Provide access to courses, lessons, and premium content.
- Manage user accounts and process payments.
- Send transactional emails (welcome, cancellation, goodbye)
- Respond to support requests
- Meet legal, tax, and security requirements
We do not share, sell, or rent your data to third parties.
4. Payment Processing
We use Stripe to process payments. Stripe is PCI-DSS compliant and handles all payment data directly. When you subscribe:
- You enter your payment details on Stripe’s hosted checkout page
- Stripe processes the payment and notifies us of the outcome
- We receive only non-sensitive information about your subscription (status, currency, last 4 digits)
Stripe’s own privacy policy applies to your payment data: https://stripe.com/privacy
5. Email Delivery
Transactional emails (welcome, cancellation, account notifications) are sent from our own mail server. We do not use third-party email marketing or transactional email services. Email content is not shared with any external provider beyond your own email provider, which is naturally required for delivery.
6. No Tracking or Third-Party Services
We respect your privacy and do not use the following tracking technologies:
- Google Analytics or other analytics services
- Advertising trackers (Google Ads, Facebook Pixel, etc.)
- Session recording or heatmap services
- Keystroke logging
- Remarketing audiences
- Social media tracking pixels
Your activity on our website is not monitored for advertising or behavioral profiling.
7. International Data Transfers
Some of your personal data may be transferred outside the European Economic Area, primarily to Stripe Inc. (USA) for payment processing. Stripe relies on Standard Contractual Clauses approved by the European Commission to ensure your data receives equivalent protection to that required under EU law. No other international transfers take place.
8. Data Protection & Security
We implement reasonable measures to protect your data:
- HTTPS encryption for all traffic to and from our website
- Secure storage of account credentials (passwords are hashed)
- Secure payment processing through Stripe
- Limited data collection — we only collect what is essential
- Access to personal data is restricted to the site owner
9. Your Rights
Under the EU General Data Protection Regulation (GDPR), you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Erase your data (“right to be forgotten”)
- Restrict or object to processing in certain circumstances
- Data portability — receive your data in a structured, machine-readable format
- Withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact us at support@clabaire.com.
You also have the right to lodge a complaint with a supervisory authority. In Austria, this is the Datenschutzbehörde (https://www.dsb.gv.at). If you reside in another EU country, you may complain to the authority in your country of residence.
10. Data Retention
- Active accounts: retained for as long as your account is active
- Subscription records: retained for 7 years after your last transaction, as required by Austrian tax law (§ 132 BAO)
- Server logs: retained briefly for security purposes
- Deleted accounts: personal data is deleted within 30 days of your account deletion request, except for invoice records retained for the 7-year tax period
11. Children
Our services are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised last updated date. Material changes will be communicated via email to active subscribers.