top of page

Privacy Policy

Last updated: February 2026
​
Introduction

 

Klarytee Ltd. ("we", "us", "our") is committed to protecting your personal data and respecting your privacy.

 

This privacy policy explains how we collect, use, and protect your personal data when you:

  • Visit our website at www.klarytee.com and submit our contact form

  • Download and use the Klarytee app to access encrypted documents

 

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communications Regulations 2003 (as amended in 2018) (UK PECR).

 

Please read this policy carefully together with our Terms of Use, Acceptable Use Policy, and Add-in EULA, which set out the terms on which we provide our services.

 

Important information and who we are

 

Klarytee Ltd. is the controller and is responsible for your personal data (collectively referred to as "Company", "we", "us" or "our" in this policy). We have appointed a data protection officer (DPO). If you have any questions about this privacy policy, please contact them using the details set out below.

 

Contact details

 

Our full details are:

  • Full name of legal entity: Klarytee Ltd.

  • Company number: 13699508

  • Registered Office Address: 86-90 Paul Street, London, EC2A 4NE

  • Name or title of DPO: Dr Nithin Thomas

  • E-mail address: legal@klarytee.com

 

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues.

 

Information we collect from website visitors

 

When you visit our website at www.klarytee.com and submit our contact form, we collect the following personal data:

  • First name and surname

  • E-mail address

 

How we use this information:

We use this information to respond to your enquiries about our services and products.

 

Legal basis for processing:

Legitimate interests – it is in our legitimate business interest to respond to potential customer enquiries and provide information about our services.

 

How long we keep it:

We retain contact form submissions for 2 years from your last contact with us, unless you request earlier deletion.

 

Cookies and website analytics:

We use cookies and analytics tools (such as Google Analytics) on our website. Essential cookies are necessary for the website to function. Non-essential cookies (analytics and marketing) require your consent, which we obtain through our cookie banner. For more information, see our Cookie Policy.

 

Information we collect from app users

 

When you download and use the Klarytee app to access encrypted documents, we collect the following personal data:

  • Identity Data: first name, last name, username

  • Contact Data: email address

  • Device Data: type of device you use, device identifier, operating system, browser type, time zone setting

  • Profile Data: username and password, user preferences, feedback and survey responses

  • Usage Data: details of your use of the app, including which features you access, traffic data and communication data

 

How we use this information:

We use this information to:

  • Provide the app functionality and enable document decryption

  • Ensure app security and troubleshoot technical issues

  • Improve our services

 

Legal basis for processing:

Legitimate interests – providing document access services to third parties who receive encrypted documents is necessary for our business operations and expected by users.

 

How long we keep it:

We retain app user data while you actively use the app and for 6 years after your last use.

 

How is your personal data collected?
​

We collect and process personal data about you through the following methods:

 

For website visitors:

  • When you fill in our contact form on www.klarytee.com

  • When you correspond with us by email or other means

  • Through cookies and analytics tools (such as Google Analytics) that collect information about your visit to our website

 

For app users:

  • When you download or register to use the Klarytee app

  • Automatically when you use the app (Device Data and Usage Data)

  • When you provide feedback or report problems with the app

  • From Microsoft AppSource when you install or update the app (technical information about your device and installation is sent to us to provide the service and enable automatic updates)

  • Through analytics providers (such as Google Analytics) based outside the UK

 

For both website visitors and app users:

  • If you contact us to report a problem or ask questions, we will keep a record of that correspondence.

​

How we use personal data

 

For website visitors

 

When you submit our contact form, we use your personal data for the following purposes:

 

Purpose of processing: to respond to your enquiries about our services.

  • Personal data processed: name, surname, email address.

  • Legal basis for processing: legitimate interests (it is in our business interest to respond to potential customer enquiries).

​

Purpose of processing: to send you marketing communications about our products and services.

  • Personal data processed: email address, marketing preferences.

  • Legal basis for processing: consent (we will only send marketing with your explicit opt-in consent).

 

Marketing communications:

  • We will only send you direct marketing communications by email if you have given us your explicit consent. Submitting our contact form does NOT automatically sign you up for marketing emails.

 

You can withdraw your marketing consent at any time by:

 

Withdrawing consent will not affect our ability to respond to your enquiries.

 

For app users

 

When you download and use the Klarytee app, we use your personal data for the following purposes:

 

​Purpose of processing: to provide the app functionality and enable document decryption.

  • Personal data processed: Identity Data, Contact Data, Device Data, Profile Data.

  • Legal basis for processing: legitimate interests (providing document access services is necessary for our business operations and expected by users).

​

Purpose of processing: to ensure app security and prevent fraud.

  • Personal data processed: Device Data, Usage Data.

  • Legal basis for processing: legitimate interests (protecting our systems and users from security threats).

​

Purpose of processing: to troubleshoot technical issues and provide support.

  • Personal data processed: Device Data, Usage Data, Profile Data.

  • Legal basis for processing: legitimate interests (ensuring the app functions properly).

​

Purpose of processing: to improve and develop our services.

  • Personal data processed: Usage Data, Device Data.

  • Legal basis for processing: legitimate interests (understanding how users interact with the app helps us improve it).

​

Purpose of processing: to comply with legal obligations.

  • Personal data processed: any relevant personal data.

  • Legal basis for processing: legal obligation (we may be required by law to process certain data).

 

We do not use your app data for marketing purposes.

 

Who we share your data with

 

We may share your personal data with the following third parties:

 

Service providers:

  • IT and hosting providers who support our website and app infrastructure

  • Analytics providers (such as Google Analytics)

  • Email service providers (for responding to contact form enquiries)

  • Microsoft AppSource (for app distribution and updates)

 

These service providers process data on our behalf and are contractually obligated to keep your data secure and use it only for the purposes we specify.

 

Legal requirements: We may disclose your personal data to law enforcement, regulatory authorities, or other third parties when legally required to do so.

 

We do not sell your personal data to third parties.

 

International data transfers

 

Some of our service providers are based outside the United Kingdom, which means your personal data may be transferred to and processed in other countries.

​

Where we transfer data:

  • European Economic Area (EEA): Some service providers are based in EEA countries. The UK recognizes the EEA as providing adequate data protection.

  • United States and other countries: We use analytics providers (such as Google Analytics) based in the United States.

​​

How we protect your data:

 

When we transfer personal data outside the UK, we ensure it is protected by using:

  • Adequacy decisions: Transferring data to countries recognized by the UK government as providing adequate data protection (such as EEA countries)

  • Standard Contractual Clauses: Using contracts approved by the UK Information Commissioner's Office that give personal data the same protection it has in the UK

 

You can contact us at legal@klarytee.com for more information about the specific safeguards we use.

 

Data security

 

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized manner.

 

All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password to access the app, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

 

We limit access to your personal data to employees and service providers who have a business need to access it. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

 

We have put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner's Office (ICO) when we are legally required to do so.

 

In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

 

Data retention

​

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

​

Specific retention periods:

  • Website contact form submissions: We retain your name, surname, and email address for 2 years from your last contact with us, unless you request earlier deletion.

  • App user data: We retain your personal data for the duration you use the app and for 6 years after you stop using it or delete your account.

  • Marketing consent: We retain your marketing preferences until you withdraw your consent.

 

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means.

​

In some circumstances, we may anonymize your personal data so that it can no longer be associated with you, in which case we may use this information indefinitely without further notice to you.

​

Your legal rights

 

Under UK data protection law, you have the following rights in relation to your personal data:

 

  • Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

  • Request correction of the personal data we hold about you. This enables you to have any incomplete or inaccurate data corrected, though we may need to verify the accuracy of the new data you provide.

  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Note that we may not always be able to comply with your request for specific legal reasons, which we will notify you of at the time of your request.

  • Object to processing of your personal data where we are relying on legitimate interests (such as for app functionality or responding to enquiries) and there is something about your particular situation which makes you want to object. You also have the right to object where we are processing your personal data for direct marketing purposes.

  • Request restriction of processing of your personal data. This enables you to ask us to suspend processing in certain scenarios, such as if you want us to establish the data's accuracy or where you have objected to our use of your data.

  • Request transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format. Note that this right primarily applies to data processed based on your consent (such as marketing preferences).

  • Withdraw consent at any time where we are relying on consent to process your personal data (such as for marketing). This will not affect the lawfulness of any processing carried out before you withdraw your consent. Withdrawing consent for marketing will not affect our ability to respond to your enquiries or provide app functionality.

 

How to exercise your rights:

​

You can exercise any of these rights at any time by contacting us at legal@klarytee.com.

You will not have to pay a fee to access your personal data or to exercise any other rights. However, we may charge a reasonable fee or refuse to comply if your request is clearly unfounded, repetitive, or excessive.

 

Right to complain:

​

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk).

 

Cookies and electronic marketing

 

This section explains how we comply with the UK Privacy and Electronic Communications Regulations (PECR).

 

Cookies (website only)

​

Cookies are small text files that are placed on your device when you visit our website. We use the following types of cookies:

  • Essential cookies: These are necessary for our website to function properly (such as security and session management). These cookies do not require your consent.

  • Analytics cookies: These help us understand how visitors use our website (such as Google Analytics). These cookies require your consent, which we request through our cookie banner when you first visit our website.

 

Managing cookies:

You can accept or reject non-essential cookies through our cookie banner when you visit our website. You can also change your cookie preferences at any time through your browser settings.

Note: The Klarytee app does not use browser cookies. Device and usage data collected by the app is explained in Section 4.

 

Direct marketing (website and app users)

 

We will only send you marketing communications by email if you have given us your explicit consent (opt-in).

 

Important: Submitting our contact form does NOT automatically sign you up for marketing emails. We will only add you to our marketing list if you separately tick a consent box or subscribe.

 

Each marketing email will include an "unsubscribe" link. You can also withdraw your marketing consent at any time by contacting us at legal@klarytee.com.

 

Withdrawing marketing consent will not affect:

  • Our ability to respond to your enquiries

  • Service-related communications (such as app updates or support responses)

 

Changes to this privacy policy

 

We keep our privacy policy under regular review and may update it from time to time.

This version was last updated on 21st January 2026.

 

If we make changes to this policy, we will post the updated policy on this page. Where appropriate, we may also notify you by email or through a notification when you next use our app or visit our website.

 

We encourage you to review this privacy policy periodically to stay informed about how we protect your personal data.

 

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during our relationship with you.

​

Glossary

 

Lawful basis

 

'Consent' means processing your personal data where you have signified your agreement by a statement or clear opt-in to processing for a specific purpose. Consent will only be valid if it is a freely given, specific, informed, and unambiguous indication of what you want. You can withdraw your consent at any time by contacting us.

 

'Legitimate Interest' means the interest of our business in conducting and managing our business to enable us to give you the best service and the most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

 

'Performance of Contract' means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

 

'Comply with a legal obligation' means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.

 

Third parties

 

'Service providers' - means companies acting as processors who provide IT, hosting, analytics, and email services to support our website and app.

​

'Microsoft' - means provides app distribution through Microsoft AppSource.

​

'Professional advisers' - means lawyers who provide legal services when necessary.

​

'Regulators and authorities'  - means the Information Commissioner's Office (ICO), law enforcement, and other regulatory bodies when legally required.

​

Description of categories of personal data

  • Identity Data: first name, last name, username

  • Contact Data: email address

  • Device Data: the type of device you use, device identifier, operating system, browser type, time zone setting

  • Profile Data: username and password, user preferences, feedback and survey responses

  • Usage Data: details of your use of our app or visits to our website, including traffic data and communication data

  • Marketing and Communications Data: your preferences in receiving marketing from us and your communication preferences

bottom of page