Privacy Policy

Your Privacy Matters to Us

Explore our Privacy Policy to learn how we collect, use, and safeguard the information you share with us.

Privacy Policy

Your Privacy Matters to Us

Explore our Privacy Policy to learn how we collect, use, and safeguard the information you share with us.

Updated

October 2025

Privacy Policy


This Privacy Policy describes the policies and procedures of Claribi OÜ (“Claribi”, “Claribi Console”, “company”, "we," "our," or "us") on the collection, use, and disclosure of your information when you access our website located at https://claribi.ai/ (including any subdomains, the "Site") or utilize our AI-powered analytics platform (the "Service").


By accessing or using our Site or Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.


This policy applies to all visitors of our Site and registered users of our Service. We are committed to protecting and respecting your privacy in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).


Our Service is engineered on a "zero-data-exposure" principle. The Service is designed to provide AI-driven insights for Power BI by exclusively processing report metadata. We do not access, store, copy, or otherwise process the underlying raw data contained within your reports. This is contingent on your correct use and configuration of the Service. You are responsible for the metadata you upload to the Service.



Owner and Controller

The "provider", "website owner", and "personal data controller" (jointly the "Controller") of https://claribi.ai/ as defined by the GDPR and other applicable regulations on the protection of personal data is:

  • Company: Claribi OÜ

  • Legal address: Harju maakond, Tallinn, Kesklinna linnaosa, Ahtri tn 12, 15551

  • Register Code: 17294684

  • Country of incorporation: Republic of Estonia

  • Contact Email: info@claribi.ai



Information We Collect

We may collect and process the following data about you, which we categorize as follows:

A. Information You Voluntarily Provide:

  • Contact and Professional Data: When you complete a form to request a demonstration, initiate a free trial, or contact us for inquiries, we collect personal identifiers and professional information. This includes, but is not limited to, your full name, email address, company name, job title, and the content of your correspondence.

  • Account and Payment Data: Upon subscribing to a commercial plan for our Service, we collect information necessary for account registration and billing. This may include your name, email address, billing address, and payment information. All payment card data is securely processed by our designated third-party payment processors. We do not retain or store full payment card details on our servers.

  • Service-Related Metadata: To provision the Service, our platform requires the uploading of Power BI report metadata. This metadata, which includes data such as report names, table structures, and column identifiers, is necessary to enable the natural language query functionality. We explicitly do not collect or process the underlying business data in your reports. You acknowledge that metadata fields (such as table names, report names, or column identifiers) may themselves contain sensitive or personal information. You are solely responsible for reviewing, anonymizing, or pseudonymizing your metadata before uploading it to the Service. Our 'zero-data-exposure' principle refers to the underlying raw data within your reports, which we are architecturally prevented from accessing, not the metadata you choose to upload.


B. Information Collected Automatically:

  • Log and Usage Data: We automatically collect technical data when you interact with our Site and Service. This information may include your Internet Protocol (IP) address, browser type and version, operating system, device information, pages viewed, access times, and referring website addresses. This data may be used in an aggregated or anonymized form for statistical analysis.

  • Cookies and Tracking Technologies: We utilize cookies and similar tracking technologies to monitor activity on our Site and store certain information. This data is used to analyze Site performance, optimize user experience, and ensure the functionality of our Site.

  • Analytics: We may engage third-party analytics service providers (e.g., Google Analytics, Framer Analytics) to assist in the analysis of our Site traffic and usage patterns. These third-party providers have their own privacy policies governing their use of such information.



How We Use Your Information:

We use the information we collect for the following legitimate business purposes: 

  • Service Provision and Maintenance: To create and manage your account, deliver the functionalities of the Service, process transactions, and manage your subscription. 

  • Service Improvement and Development: We utilize metadata and aggregated usage analytics to diagnose technical issues, understand user behaviour, and to enhance, innovate, and develop new features for our Service. It is our policy that your specific report metadata is not used to train AI models for the benefit of any other customer or third party. 

  • Communication: To respond to your inquiries, provide customer and technical support, and send administrative information, such as service-related updates. We may also send marketing communications, from which you may opt-out at any time. 

  • Security and Compliance: To maintain the security and integrity of our platform, prevent fraud, enforce our terms of service, comply with legal and regulatory obligations, respond to legal process or enforceable governmental requests, and protect our rights, privacy, safety, or property, and/or that of you or others. 



Data Security:

We implement and maintain robust technical, administrative, and physical security measures designed to protect the information we process from unauthorized access, disclosure, alteration, or destruction. 


Our Service architecture is designed to be a zero-data-exposure platform. All operations involving your sensitive business data occur within your own Power BI environment. The metadata we process for the Service is encrypted in transit using industry-standard protocols and encrypted at rest. 


Notwithstanding these measures, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. You acknowledge that you provide your personal information at your own risk. 



Disclosure of Your Information (Sub-processors)

We do not sell, rent, or trade your personal information. We may share your information with trusted third-party service providers (sub-processors) who perform services on our behalf, solely for the purposes described in this policy. These include:

  • Payment Processors: To securely process your subscription payments.

  • Cloud Infrastructure Providers: To host our platform and store your encrypted metadata.

  • AI Service Providers: We may utilize third-party AI APIs (e.g., OpenAI, Google Gemini) to power our natural language query features. These providers are contractually obligated to process your metadata only as instructed by us and are prohibited from using it for their own model training or other purposes.

  • Analytics and Error Logging Services: To assist in monitoring, diagnosing, and improving our Site and Service.


We conduct due diligence on our sub-processors and require them to maintain a level of data protection and security that is no less protective than our own.


We may also disclose your personal data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation (including to meet national security or law enforcement requirements).

  • Protect and defend the rights or property of Claribi OÜ.

  • Prevent or investigate possible wrongdoing in connection with the Service.

  • Protect the personal safety of users of the Service or the public.

  • Protect against legal liability.



Business Transfers

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.



International Data Transfers

Your information, including personal data, may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.


If you are located in the European Economic Area (EEA) or the United Kingdom (UK), this means your data may be transferred outside of the EEA or UK. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. For such transfers, we rely on legally-provided mechanisms, such as the European Commission's Standard Contractual Clauses (SCCs) or other appropriate adequacy decisions.



Data Retention

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your data to the extent necessary to:

  • Provide and maintain our Service (e.g., for the duration of your account).

  • Comply with our legal, tax, or accounting obligations (e.g., retaining invoices for 7 years as required by Estonian law).

  • Resolve disputes and enforce our legal agreements and policies.


Aggregated or anonymized data, which can no longer be associated with you, may be retained indefinitely for statistical purposes.



Your Data Protection Rights

Depending on your jurisdiction (e.g., if you are located in the EEA or UK), you may have the following rights under the General Data Protection Regulation (GDPR):

  • The Right to Access: You have the right to request copies of your personal data that we hold.

  • The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete any information you believe is incomplete.

  • The Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.

  • The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data.

  • The Right to Object to Processing: You have the right to object to our processing of your personal data for direct marketing purposes.

  • The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

  • The Right to Withdraw Consent: You have the right to withdraw your consent at any time where we relied on your consent to process your information.

  • The Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement. In Estonia, the relevant authority is the Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate).


To exercise any of these rights, please submit a formal request to the contact email provided below. Please note that these rights are not absolute. We may need to verify your identity before responding to a request, and we reserve the right to refuse a request if it is manifestly unfounded, excessive, or infringes on our other legal obligations.



Cookies Policy

We use cookies and similar tracking technologies to track activity on our Site and store certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier.

  • Strictly Necessary Cookies: These are essential for the Site to function.

  • Performance Cookies: These allow us to count visits and traffic sources so we can measure and improve the performance of our Site.

  • Functional Cookies: These enable the Site to provide enhanced functionality and personalization.


You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.



Links to Other Websites

Our Site may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.


We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.



Amendments to This Privacy Policy

We reserve the right to amend this Privacy Policy at any time, at our sole discretion. We will notify you of any material changes by posting the updated policy on this page and revising the "Effective Date" at the top.


We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Site or Service after any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified policy.



Contact Information

Should you have any questions or concerns regarding this Privacy Policy or our data processing practices, please contact us at:

  • Company: Claribi OÜ

  • Address: Harju maakond, Tallinn, Kesklinna linnaosa, Ahtri tn 12, 15551, Republic of Estonia

  • Email: info@claribi.ai