Privacy Policy
Last updated: 7/14/2026
1. Data controller
The data controller for personal data collected via Cliento (cliento.dev) is Jonathan Dhermand, sole proprietor (auto-entrepreneur).
Privacy contact: hello@cliento.dev
2. Data collected
Cliento collects the following data categories:
Identification and account data
- Name, first name, email address
- Password (stored in hashed form)
- Profile photo (optional)
Service usage data
- Projects, tasks, notes created on the platform
- Client information (names, emails, project details)
- Imported files and documents
- Data entered in AI features
Technical and navigation data
- IP address, browser type, operating system
- Pages visited, actions performed on the platform
- Login and activity logs
- Audience measurement data (pages viewed, referring source, approximate location derived from IP) collected via Google Analytics, subject to your cookie consent choice
Billing data
- Transaction history (amount, date, subscribed plan)
- Credit card data is managed exclusively by our payment providers (LemonSqueezy, Paddle) and is never stored on our servers
3. Purposes and legal bases of processing
| Purpose | Legal basis |
|---|---|
| Service provision and account management | Contract execution |
| Processing your subscription (Cliento payment) | Contract execution |
| Sending transactional emails (confirmation, notifications) | Contract execution |
| Service improvement and usage analysis | Legitimate interest |
| Artificial intelligence features | Consent / Contract execution |
| Compliance with legal obligations | Legal obligation |
| Audience measurement and analytics (Google Analytics via Google Tag Manager) | Consent (cookie banner) |
| Sending commercial communications (newsletter, new features) | Consent |
4. Sub-processors and data recipients
Cliento uses the following sub-processors to provide the service. Each of them is subject to contractual confidentiality and security obligations:
| Provider | Role | Location |
|---|---|---|
| LemonSqueezy / Paddle | Processing your Cliento subscription (direct billing) | USA / EU |
| Stripe, Inc. (Connect) | Processing payments between freelance users of Cliento and their own clients. Cliento acts solely as a technical intermediary and does not receive or hold these funds. | USA |
| Vercel, Inc. | Application hosting | USA |
| OpenAI, LLC | AI features | USA |
| Neon, Inc. | PostgreSQL database | USA |
| ImageKit Ltd. | File storage and management | India / Global CDN |
| Resend, Inc. | Sending transactional emails | USA |
| Google LLC (Google Analytics & Google Tag Manager) | Audience measurement and analytics, only after you accept the cookie banner | USA |
Transfers to the United States are governed by appropriate mechanisms provided for under GDPR (European Commission standard contractual clauses or equivalent).
5. Data retention period
- Account and project data: retained for the entire duration of account activity, then deleted immediately upon account closure at the User's request.
- Billing data: retained for 7 years from the transaction date, in accordance with applicable accounting and tax obligations.
- Technical logs: retained on a rolling 12-month basis for security and debugging purposes.
- Marketing emails: until consent is withdrawn or after 3 years of inactivity.
6. Your rights
In accordance with the GDPR (for users in the European Union) and applicable laws in your country, you have the following rights:
- Right of access: obtain a copy of your personal data
- Right to rectification: correct inaccurate or incomplete data
- Right to erasure: request deletion of your data
- Right to portability: receive your data in a structured format
- Right to object: object to certain processing
- Right to restriction: temporarily suspend processing
- Right to withdraw your consent at any time
To exercise these rights, contact us at hello@cliento.dev. We will respond within 30 days.
If you believe your rights are not being respected, you may lodge a complaint with your national supervisory authority (e.g., the CNIL in France, cnil.fr).
7. Data security
Cliento implements appropriate technical and organizational measures to protect your data against unauthorized access, loss, or destruction, including:
- Encryption of communications (HTTPS/TLS)
- Passwords stored in hashed form
- Data access restricted to authorized personnel
- Regular database backups
In the event of a personal data breach likely to result in a high risk to your rights and freedoms, you will be notified without undue delay in accordance with applicable legal requirements.
8. Cookies and trackers
Cliento uses two categories of cookies:
- Strictly necessary cookies: required for the service to function (session management, authentication, saved preferences). These do not require consent and cannot be disabled without breaking the platform.
- Analytics cookies: Google Analytics, deployed through Google Tag Manager, to measure audience and understand how the platform is used. These are only set after you accept them in the cookie banner shown on your first visit.
You can accept or decline analytics cookies at any time from the cookie banner, or by clearing your browser's local storage for this site to make the banner reappear. No advertising cookies are used at this stage.
You can also configure your browser to refuse cookies altogether, which may affect certain features of the platform.
9. Minors
Cliento is intended for professional use and is not designed for individuals under 16 years of age. If you become aware that a minor has provided us with personal data without parental consent, please contact us so that we can delete it.
10. Changes to this policy
We may update this privacy policy to reflect changes in our practices or for legal reasons. Any substantial change will be notified by email at least 30 days before it takes effect. The last update date is shown at the top of this page.
11. Contact
For any question regarding this policy or the exercise of your rights: hello@cliento.dev
This privacy policy complies with Regulation (EU) 2016/679 (GDPR) and applicable laws on the protection of personal data.