Privacy Policy
Effective date: April 13, 2026
Your privacy is our business. ClearOps protects your privacy by making sure to collect and handle personal information in a responsible way. Our privacy policy takes dives deep into exactly how ClearOps collects and uses your personal information. It’s highlighting your rights when it comes to personal data and how you can argue your rights.
”ClearOps”, ”we” ”our”, or ”us” refers to ClearOps GmbH, Baierbrunner Straße 21, 81379 Munich. In accordance with EU data protection legislation, we are responsible for the personal data that you provided us with, or that we collected from you. All processing of your personal data by ClearOps is done in accordance with applicable data protection legislation.
The Privacy Policy about data protection applies to the use of the website www.clearops.com.
1. General
Contact ClearOps’ Data Protection Office at any time at privacy@clearops.com to exercise your rights under applicable data protection laws.
ClearOps has appointed an external Data Protection Officer (DPO) in accordance with Art. 37 GDPR. You can reach the DPO at: privacy@clearops.com.
2. Data processing
ClearOps is responsible for the personal data collected and processed by us and our subcontractors within the framework of our services (the “ClearOps Services”) and for the processing of personal data through our digital channels, such as this website and/or other digital touch points.
2.1. Types of processed data
- Name
- Address data (street, house number, postal code and city)
- Contact data (e. g. email, phone numbers)
- Content data (e.g. text entries, history);
- Usage data (e.g. visited websites, access times, location);
- Meta/communications data (e.g. device information, IP addresses);
ClearOps does not process special categories of personal data.
2.2. Categories of Data Subjects
“User”, “you” or “yours” refers to you as the visitors, supplier’s, partner’s, vendor’s, customer’s and users of ClearOps Services.
2.3. Purpose of processing
When processing data, ClearOps ensures compliance with contractual, legal, and security obligations while enhancing service functionality and user experience. Whenever possible, only anonymized data will be used to achieve these objectives. We process your personal data for the following purposes:
2.3.1. Provide and Administrate Your Access to ClearOps Services
ClearOps must process User data to verify identity, create and manage accounts, and facilitate authentication for secure access. This includes managing subscriptions, user preferences, and permissions within the service environment. The legal basis for this processing is Art. 6(1)(b) GDPR (performance of a contract).
2.3.2. Fulfill Our Contractual and Legal Obligations
Data processing ensures that ClearOps can comply with agreements made with users. Legal obligations such as invoicing, tax regulations, financial reporting, and compliance with data protection laws (e.g., GDPR) require the collection and storage of certain User information. The legal basis for this processing is Art. 6(1)(b) GDPR (performance of a contract).
2.3.3. To Answer Customer Service Issues
User interactions and queries require data processing to identify accounts, track service usage, and resolve complaints or inquiries efficiently. This may include analyzing previous interactions and troubleshooting service issues. The legal basis for this processing is Art. 6(1)(b) GDPR (performance of a contract).
2.3.4. Data Analytics
Data analytics help tailor ClearOps Services to individual User preferences, optimizing functionality and navigation. User behavior insights allow for a more personalized experience, enhancing usability and efficiency. Where possible, anonymized data will be utilized to enhance the user experience. The legal basis for this processing is Art. 6(1)(a) GDPR (consent).
2.3.5. Secure Information and Infrastructure to Provide ClearOps Services
Security measures such as encryption, fraud detection, and access control mechanisms rely on data processing. Monitoring and logging User activities help prevent unauthorized access and maintain the integrity of the system. Processing data aids in detecting suspicious activities, preventing fraudulent transactions, and mitigating security risks. This includes identifying policy violations, restricting unauthorized activities, and conducting internal investigations if necessary. Wherever possible, anonymized data will be used to prevent and investigate misuse without compromising security. The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interest) and Art. 6(1)(c) GDPR (legal obligations).
2.3.6. Further Develop the ClearOps Services
Collected data supports product improvements, feature enhancements, and innovation in services. Feedback analysis and usage statistics help identify trends and areas for technological advancements. Anonymized data will be prioritized for development purposes. The legal basis for this processing is Art. 6(1)(a) GDPR (consent).
2.3.7. Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC (Google Ireland Limited for users in the EU), to analyze and improve the performance of our website. Google Analytics uses cookies to collect information about how visitors use our website. The data generated by these cookies is usually transmitted to a Google server in the United States and stored there. However, due to IP anonymization, your IP address will be shortened beforehand within the European Union or the European Economic Area, ensuring that no direct personal identification is possible.
The collected data may also be transferred to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For the USA, there is an adequacy decision by the European Commission ("EU-U.S. Data Privacy Framework"), on the basis of which Google is obliged to maintain an adequate level of data protection. The processing of data is based on your consent according to Art. 6(1) (a) GDPR. You can revoke your consent at any time. Further information about Google Analytics’ data processing can be found in Google’s privacy policy at https://policies.google.com/privacy.
2.3.8. Rollbar
We use Rollbar, an error monitoring service provided by Rollbar, Inc., 548 Market St, Suite \#60587, San Francisco, California 94104-5401, USA, to diagnose and resolve incidents when users report errors or when we otherwise become aware of malfunctioning features. In this context, Rollbar helps us reproduce and remediate faults by processing technical error data generated at the time of the issue (e.g., time of the error, error messages/stack traces, device and browser information, and potentially IP address or identifiers contained in the transmission). This processing is carried out on the basis of our legitimate interests in ensuring the security, stability, and proper operation of our website and services pursuant to Art. 6(1)(f) GDPR.
Where we use Rollbar for ongoing monitoring and trend analysis (e.g., continuous collection of error events and diagnostics to detect patterns, identify recurring issues, and improve reliability and performance), we process the related data on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future via our consent management/cookie settings.
Data transfers to the USA.
Because Rollbar, Inc. is based in the United States, data may be transferred to the USA. Such transfers may be based on the European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework where applicable, and/or on appropriate safeguards such as the EU Standard Contractual Clauses (Art. 46 GDPR) as incorporated in Rollbar’s data protection documentation (DPA/SCCs) https://docs.rollbar.com/docs/privacy-policy.
Further information on Rollbar’s data processing can be found in Rollbar’s privacy policy: https://docs.rollbar.com/docs/privacy-policy.
2.3.9. Amplitude
We use Amplitude, a product analytics service provided by Amplitude, Inc., 201 3rd Street, Suite 200, San Francisco, CA 94103, USA, to diagnose and resolve technical issues where this is necessary to handle customer-initiated support requests (for example, when we investigate reported malfunctions by reviewing relevant usage signals and technical diagnostics associated with the reported issue). This processing is carried out on the basis of our legitimate interests in ensuring the stability, security, and proper operation of our website and services pursuant to Art. 6(1)(f) GDPR.
Where we use Amplitude for continuous monitoring and analysis of how our website and features are used (e.g., to understand interaction patterns and systematically improve performance and usability), we process the related data on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future via our consent management/cookie settings (Opt-out tool: Click on consent manager button bottom-right of the screen). Further information on Amplitude’s processing can be found in Amplitude’s Privacy Notice at https://amplitude.com/privacy.
Because Amplitude, Inc. is based in the United States, personal data may be transferred to the USA. Such transfers may be based on the European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework (where applicable) and, as an additional safeguard/fallback, on the EU Standard Contractual Clauses (Art. 46 GDPR) as incorporated into Amplitude’s Data Processing Addendum.
2.3.11. Salesforce and Marketing Automation (Pardot)
We use Salesforce (Salesforce, Inc., USA) and Salesforce Pardot for processing enquiries submitted through web forms on our website (e.g., demo requests, event registrations, whitepaper downloads) and for marketing automation purposes including email campaigns and lead nurturing. When you submit a form, the data you enter (typically name, email address, company, and your enquiry) is transmitted to Salesforce servers. For email communications sent via Salesforce, we may track whether emails are opened and whether links are clicked. Form submissions for the purpose of responding to your enquiry are processed on the basis of Art. 6(1)(b) GDPR (pre-contractual measures). Email tracking and marketing automation activities are based on your consent pursuant to Art. 6(1)(a) GDPR. Salesforce, Inc. is certified under the EU-U.S. Data Privacy Framework. Further information is available at https://www.salesforce.com/company/privacy/.
2.3.12. Advertising and Conversion Tracking
We use Google Ads (including Google DoubleClick, Google Conversion Linker, and Google Syndication) and LinkedIn Insight Tag to measure the effectiveness of our advertising campaigns and to understand how users interact with our website after viewing or clicking on an advertisement. These services place cookies and use tracking pixels that may transmit data (including your IP address and browsing behaviour) to servers of Google LLC (USA) and LinkedIn Corporation (USA). Both providers are certified under the EU-U.S. Data Privacy Framework. The processing is based on your consent pursuant to Art. 6(1)(a) GDPR in conjunction with § 25 TDDDG. You may revoke your consent at any time through our consent management tool.
2.3.13. Embedded Third-Party Content
Our website embeds content from third-party providers to display videos, presentations, and scheduling functionality. This includes YouTube (Google LLC, USA), Vimeo (Vimeo, Inc., USA), Canva (Canva Pty Ltd, Australia), LinkedIn (LinkedIn Corporation, USA), and Microsoft Bookings (Microsoft Corporation, USA). When you access a page containing embedded content, a connection is established to the respective provider’s servers and your IP address is transmitted. These providers may also set cookies. Where embedded content loads automatically upon page access, the processing is based on your consent pursuant to Art. 6(1)(a) GDPR in conjunction with § 25 TDDDG. For scheduling tools used to book appointments, the processing is based on Art. 6(1)(b) GDPR (pre-contractual measures). Google LLC, LinkedIn Corporation, and Microsoft Corporation are certified under the EU-U.S. Data Privacy Framework.
2.3.14. External Resources and Content Delivery
Our website loads external resources to ensure proper display and functionality. This includes Google Fonts (loaded via the Google Webfonts API from Google LLC servers), jsDelivr, UNPKG, and other content delivery networks. When your browser requests these resources, your IP address is transmitted to the respective provider. The use of externally hosted fonts and libraries is a technical constraint of the current website platform. We plan to migrate to locally hosted resources in a future version of the website. The processing is based on Art. 6(1)(f) GDPR (legitimate interest in the correct display and functionality of our website).
2.3.15. B2B Website Analytics (SalesViewer)
We use SalesViewer (SalesViewer GmbH, Germany) to identify which companies visit our website based on IP address resolution. SalesViewer does not identify individual persons but associates website visits with company-level information derived from publicly available IP registration data. The processing is based on Art. 6(1)(f) GDPR (legitimate interest in understanding corporate interest in our services). You may object to this processing at any time.
2.3.16. Website Hosting and Infrastructure
Our marketing website is hosted on Webflow (Webflow, Inc., USA). Webflow’s infrastructure uses Cloudflare (Cloudflare, Inc., USA) as a content delivery network and Fastly (Fastly, Inc., USA) as a load balancer. When you visit our website, your IP address and request metadata are processed by these infrastructure providers as part of normal web hosting operations. Google Tag Manager (Google LLC, USA) is used as a technical tag management container to load the analytics and marketing scripts described in this policy; Google Tag Manager itself does not collect personal data. Webflow, Inc., Cloudflare, Inc., Fastly, Inc., and Google LLC are certified under the EU-U.S. Data Privacy Framework. The processing is based on Art. 6(1)(f) GDPR (legitimate interest in operating a functional and secure website).
2.3.17. Processing of Personal Data in the Context of Job Applications
If you apply for a position with us, we process the personal data you provide as part of the application process (e.g., contact details, résumé, certificates, qualifications). This data is processed solely for the purpose of carrying out the application procedure and making a decision regarding the establishment of an employment relationship. Your data will only be shared internally with individuals involved in the specific recruitment process. It will not be disclosed to third parties. If no employment relationship is established, your data will be deleted no later than six months after the conclusion of the application process, unless legal retention obligations apply or you have explicitly consented to longer storage (e.g., for inclusion in a talent pool). The legal basis for processing your application data is § 26 BDSG in conjunction with Art. 6(1)(b) GDPR. Where you consent to inclusion in our talent pool for future opportunities, the legal basis for continued storage is Art. 6(1)(a) GDPR. Applications are managed through our applicant tracking system Personio (Personio SE & Co. KG, Germany), which is embedded on our careers page.
2.4. Data Not Collected Directly from You (Art. 14 GDPR)
In the context of our sales and marketing activities, our Sales team may supplement existing contact records with publicly available professional information obtained from business networking platforms (in particular LinkedIn) and company websites. This typically includes professional contact details such as name, job title, employer, and business email address. This data is used for direct business communication, event invitations, and maintaining accurate customer and prospect records. The processing is based on Art. 6(1)(f) GDPR (legitimate interest in maintaining accurate business contacts and conducting targeted B2B outreach). Data subjects are informed of the processing at the latest upon first communication. You may object to this processing at any time by contacting us at privacy@clearops.com.
3. Cookies
Cookies are a standard technology consisting of small text files stored on the User's device. We use both first-party cookies and third-party cookies, which might receive your personal data. They help enhance browsing experience by making the website more convenient and secure. Additionally, cookies can be used to tailor website content to visitors’ interests or improve offerings through statistical analysis. The processing of personal data through cookies that are essential for the website’s operation and functionality is carried out as necessary. All other cookies (Analytics, Marketing and Personalization) require your consent, which can be managed via our consent banner you can always access at the bottom of the website. The storage of and access to information on your device through non-essential cookies requires your prior consent pursuant to § 25 of the German Telecommunications Digital Services Data Protection Act (TDDDG).
Users can also manage their cookie preferences through their browser settings, or our cookies consent manager. However, it is important to note that disabling cookies may limit or even prevent certain website functionalities.
4. Legal bases and storage period
Unless explicitly stated otherwise, we retain your personal data only for as long as necessary to fulfill the intended purposes or as required by applicable retention regulations. Additionally, your data will be deleted once it is no longer needed to comply with contractual or legal retention obligations (e.g., tax and commercial law requirements) or to address potential warranty and similar obligations.
We may also retain your personal data for the purpose of asserting, exercising, or defending legal claims. If your data can no longer be processed for its original purpose but is still subject to retention requirements, it will be archived and removed from active processing or storage locations. It will then be fully deleted from operational systems, with access strictly restricted.
Once all retention obligations have been met, legal rights to storage have expired, and applicable deletion periods have lapsed, the relevant data will be permanently deleted as part of our routine processes.
5. Your rights as a Data Subject
Under applicable law, you are entitled to the following rights concerning your personal data. If you wish to exercise these rights, please submit your request to the Data Protection Officer via email or postal mail, ensuring that your identity is clearly stated (see Section 1).
5.1. Right of access
You have the right to request confirmation from us regarding whether your personal data is being processed. If so, you are entitled to receive, at no cost, information about the personal data we have stored about you, along with a copy of that data.
5.2. Right to rectification
You have the right to request the prompt correction of any inaccurate personal data we hold about you. Additionally, considering the intended purposes, you may also request the completion of any incomplete personal data, including through a supplementary statement.
5.3. Right to erasure ("Right to be forgotten")
You have the right to request the immediate deletion of your personal data, and we are obligated to comply unless legal or contractual obligations require us to retain certain records. In such cases, further processing of your data will be restricted.
If we have made your personal data public and are required to erase it, we will take appropriate measures, considering available technology, implementation costs, and technical feasibility, to inform relevant data controllers of your request to delete any copies or replications of the data.
5.4. Right to restriction of processing
You have the right to request a restriction on the processing of your data, particularly in cases where immediate deletion is not feasible. Additionally, you may ask us to limit processing to only the personal data essential for the provision of our ClearOps Services.
5.5. Right to data portability
You have the right to obtain the personal data you have provided to us in a structured, commonly used, and machine-readable format. Additionally, you have the right to transfer this data to another controller without any interference from us.
5.6. Right to object
You have the right to object, at any time and for reasons related to your particular situation, to the processing of your personal data, including profiling based on relevant provisions. In such cases, we will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.
5.7. Right of withdrawal of a declaration of consent given under data protection law
You have the right to withdraw your previously given consent for data processing at any time, without the need to provide a reason. If there is no other legal basis justifying the continued processing of your data, your personal information must be promptly deleted. Otherwise, the processing of your personal data must be temporarily restricted (blocked).
5.8. Right to appeal to a supervisory authority
You have the right to appeal to a supervisory authority, particularly in the Member State of your residence, workplace, or the location where the alleged infringement occurred, if you believe that the processing of your personal data is unlawful.
For ClearOps the competent supervisory authority is the Bayerische Landesamt für Datenschutzaufsicht, Promenade 18, D-91522 Ansbach, Germany. Email: poststelle@lda.bayern.de.
6. Data security
We are committed to ensuring the security of your personal data in accordance with applicable data protection laws and the best available technical measures. To protect your data from accidental or unlawful destruction, loss, alteration, unauthorized access, disclosure, or any other unlawful forms of processing, we implement a range of technical, physical, and organizational safeguards.
All personal data transmissions, including order processing and customer logins, are encrypted using the SSL (Secure Socket Layer) protocol. However, we must highlight that data transmission over the Internet, particularly via email communication, may still present security vulnerabilities, and complete protection cannot be guaranteed.
Access to personal data is strictly controlled and limited to authorized personnel, who can only retrieve data via encrypted connections. By default, access to personal data is blocked, and only employees with specific authorization are granted access based on a strict role and permission framework. Furthermore, our system’s performance and availability are continuously monitored by both internal and external services to maintain security and reliability. Our technical and organizational security measures are regularly updated to align with the latest technological advancements.
While we strive to provide uninterrupted service, we cannot guarantee availability at all times, as occasional disturbances, interruptions, or failures may occur. In the unfortunate event of a data breach that poses a risk to your personal information, we will promptly notify you and the relevant regulatory authorities. Our notification will include details on the extent of the breach, the data involved, potential impacts on the service, and the measures we are taking to secure the data and mitigate any adverse effects.
7. Automated decision-making
No automated decision-making will be done on the basis of the collected personal data.
8. Transfer of data to third parties, data transfer to non-EU/EEA countries
8.1. General
We generally use your personal data exclusively within our company. ClearOps may share your personal data to partners who perform services on behalf of ClearOps. These recipients only have the right to process your personal data in connection with performing a service for ClearOps. Your data will only be shared with third parties under specific circumstances: if you have given your explicit consent, if the transfer is necessary for the fulfillment of a contract, if we are legally required to do so (e.g., for tax compliance or participation in criminal investigations), or if the transfer is necessary to protect our legitimate interests, provided that your fundamental rights and freedoms requiring the protection of personal data do not outweigh these interests.
When third parties are involved in fulfilling contractual obligations, they will receive personal data only to the extent necessary for the provision of their respective services. If we engage external service providers for data processing, we ensure through contractual agreements that they process personal data strictly in compliance with data protection laws and this Privacy Policy, while also safeguarding the rights of the individuals concerned.
Furthermore, the transfer of personal data to institutions or individuals outside the EU/EEA is only permitted under the conditions set out in Article 44 and subsequent provisions GDPR. In such cases, adequate protection is ensured through appropriate safeguards, such as the EU Commission’s standard contractual.
8.2. Website Hosting
The hosting services provided by Amazon Web Services EMEA Sarl support the operation of our online platform by offering essential infrastructure and platform services, computing capacity, storage space, database solutions, security measures, and technical maintenance. To enhance security, we also utilize the Amazon Web Application Firewall. Further details regarding data protection and IT security can be found at AWS Privacy.
The processing of your personal data is based on our legitimate interest in ensuring the efficient and secure operation of this online platform. Data is stored in the AWS Ireland region. Additionally, AWS Web Services participates in the EU-US Data Privacy Framework, which governs the lawful and secure transfer of personal data from EU citizens to the United States when necessary. More information on this framework is available at European Commission.
9. Changes to the Data Protection Declaration
We reserve the right to make changes to this Privacy Policy. If such changes occur, the latest version will be available on our website, www.clearops.com.
(Last update: April 2026)