Who we are

Klarr Stack is a personal assistant and operating system for high-output women with complex lives. Operated as an enkeltmandsvirksomhed (sole trader) in Denmark (CVR 45490343). Data controller: Tala Maria Aabø Contact: contact@klarrstack.com

What we collect

Account data: your email address, collected by Supabase Auth on sign-in. Context data: your name, city, household information, and preferences, collected during onboarding to personalise the assistant. Conversation data: messages you send to the assistant and responses generated. Priority and goal data: text you enter or speak. Health and wellness data (Article 9 special category): energy level, sleep quality, mood, cycle day, and menstrual phase. Collected only after explicit consent. Calendar data: event titles and times from your connected Google or Microsoft calendar, read-only unless you explicitly create an event. Consent records: timestamped record of what you agreed to and when. WhatsApp number: where you link your WhatsApp number to your Klarr account, we store your phone number in E.164 format as an account identifier. This number is used solely to route messages between WhatsApp and your Klarr account and is never shared with third parties. Email data: where you connect Google or Microsoft, Klarr reads unread inbox messages to populate the unified inbox. Subject lines, sender names, email addresses, and a short summary are stored in Klarr's database. Full email bodies are processed in memory for AI extraction and are not stored permanently. You can revoke email access at any time from Settings → Integrations. Conversation memory: Klarr periodically compresses older conversation history into short summaries to provide continuity across sessions. These summaries are stored in your account and used to personalise future responses. You can delete them via Settings → Data (Delete account).

Why we collect it

Contract performance (Article 6(1)(b)): account, context, conversation, and calendar data are necessary to provide the service. Explicit consent (Article 9(2)(a)): health and wellness data is only stored after a specific, informed consent step separate from the general terms. This consent covers the storage, processing, and return of that data to you on request, including via the Article 20 data export function.

AI processing

The assistant uses Anthropic's Claude API (Anthropic PBC, San Francisco, USA). Relevant context is sent to Anthropic for each response. This may include anonymised lifestyle context, calendar event titles, and priorities. Anthropic processes data under Standard Contractual Clauses (SCCs) as the EU-to-US transfer mechanism. When you delete your account, all your data is removed from Klarr's systems immediately. Conversation data previously sent to Anthropic's API may be retained by Anthropic for up to 30 days for trust and safety monitoring, after which Anthropic deletes it automatically. Anthropic does not train models on API data. See anthropic.com/privacy for Anthropic's full retention policy.

Where data is stored

All data is stored in Supabase on EU servers (eu-central-1 or eu-west-1). Each user's data is isolated via row-level security. No user can access another's data. Data is encrypted at rest and in transit. Not shared. Not sold.

Data processors

Klarr uses the following sub-processors. Each has signed a Data Processing Agreement (DPA) under GDPR Article 28. Links are to each processor's current DPA.

Your rights

Access: request a copy at any time from Settings → Data. Delete (Article 17 GDPR): Settings → Delete account removes all your data immediately and permanently, including health data. Conversation data previously sent to Anthropic's API may be retained by Anthropic for up to 30 days for trust and safety monitoring, after which it is deleted automatically. Export (Article 20): download your full data as JSON from Settings → Data. Withdraw health consent: Settings → Privacy. Object or restrict: contact@klarrstack.com For access, object, and restrict requests we respond within 2 to 5 business days.

Complaints

Contact contact@klarrstack.com first. You may also contact Datatilsynet (datatilsynet.dk), Carl Jacobsens Vej 35, 2500 Valby, Denmark.