Privacy Policy

Last updated: January 13, 2026

Introduction

Clema.ai ("Clema," "we," "us," or "our") is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our AI-powered institutional research platform.

We understand the sensitive nature of educational data and are committed to maintaining the highest standards of privacy protection, including compliance with the Family Educational Rights and Privacy Act (FERPA).

Information We Collect

Account Information

When you create an account, we collect:

  • Name and professional title
  • Email address
  • Institution name and department
  • Phone number (optional)

Institutional Data

To provide our services, we may process institutional data that you connect to our platform, including:

  • Student enrollment and demographic data
  • Academic performance metrics
  • Institutional research reports
  • Data from connected systems (SIS, LMS, data warehouses)

Important: Your institutional data remains under your control. We do not use your data to train our AI models, and we do not share your data with third parties.

Usage Information

We automatically collect certain information when you use our platform:

  • Query history and interactions with the AI assistant
  • Log data (IP address, browser type, device information)
  • Usage patterns and feature engagement

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process and respond to your data queries
  • Authenticate users and manage account access
  • Send service-related communications
  • Provide customer support
  • Monitor and analyze usage patterns to improve our platform
  • Ensure security and prevent fraud
  • Comply with legal obligations

FERPA Compliance

Clema.ai is designed to support institutions in maintaining FERPA compliance. We:

  • Act as a "school official" with a legitimate educational interest under FERPA
  • Use education records only for authorized purposes
  • Maintain appropriate administrative, technical, and physical safeguards
  • Do not disclose personally identifiable information from education records without consent
  • Support institutions in responding to FERPA-related requests

We will enter into appropriate data processing agreements with institutions to formalize our obligations regarding the handling of education records.

Data Security

We implement comprehensive security measures to protect your information:

  • SOC 2 Type II certified infrastructure
  • Encryption at rest (AES-256) and in transit (TLS 1.3)
  • Role-based access controls
  • Regular security audits and penetration testing
  • Secure data centers with physical access controls
  • Employee security training and background checks

Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy. Specifically:

  • Account information: Retained while your account is active and for a reasonable period thereafter
  • Institutional data: Retained according to your institution's data retention policies and our service agreement
  • Usage logs: Retained for up to 24 months for security and analytics purposes

Upon termination of service, we will securely delete or return your institutional data according to your instructions.

Your Rights

Depending on your location, you may have the following rights:

  • Access your personal information
  • Correct inaccurate information
  • Delete your personal information
  • Export your data in a portable format
  • Opt out of certain data processing activities
  • Withdraw consent where processing is based on consent

To exercise these rights, please contact us at privacy@clema.ai.

Third-Party Services

We may use third-party services to support our operations, including:

  • Cloud infrastructure providers (with appropriate data processing agreements)
  • Analytics services (using anonymized data only)
  • Customer support tools

We carefully vet all third-party providers and ensure they maintain appropriate security and privacy practices.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@clema.ai

Address: Clema.ai, Inc.

For security concerns, please see our Security page.