Platform Privacy Policy

1. Introduction

ClicData is a self-service SaaS data management and analytics platform. We are committed to protecting your privacy and ensuring the security of all data you entrust to us. This Platform Privacy Policy explains what information we collect from our customers, how we use and protect it, and your rights regarding that information. It is intended for business and professional users of the ClicData platform (not our public website visitors) and must be agreed to as a condition of using the service.

Not for Children: The ClicData platform is intended for users 16 years of age or older. We do not knowingly collect personal data from anyone under 16. If you are under 16, please do not use this service or provide any personal information.

This Privacy Policy applies to all paid users and account holders of the ClicData platform. By using our services, you agree to the practices described below.

2. Scope of this Policy

This policy covers information collected and processed through your use of the ClicData platform services (including when you upload data, configure dashboards, and manage your account as a paying customer). It does not cover information collected on our marketing website or other interactions outside the platform (see our Website Privacy & Cookie Policy for those details). This policy addresses three primary categories of data within the platform:

1. Customer-Uploaded Data (User Data) – The content and data you or your users upload or input into ClicData for analysis.
2. Metadata and Derived Data – Information about your uploaded data or your use of the platform (such as dataset schemas, column names, table structures, row counts, tags, usage logs, and similar metadata).
3. Payment and Billing Information – Details you provide for subscription billing (handled via our payment processor), such as credit card or PayPal information and billing contact details.

Additionally, we explain how we handle Account Information (like your name, email, company, etc. provided when you register) and other personal data in the context of these categories. We also outline our compliance with global privacy laws and the measures we take to protect your data.

3. Data We Collect and How We Use It

3.1 Customer-Uploaded Data (User Data)

What it is: Customer-Uploaded Data (or “User Data”) refers to any data, content, or files that you or your authorized users import, upload, or otherwise enter into the ClicData platform for storage, analysis, or visualization. This could include databases you connect, spreadsheets you upload, information you manually input, and any outputs or reports you generate that contain your data.

How we use it: We process this data solely to provide our services to you – for example, to store it securely, run queries, generate dashboards, and perform data transformations at your instruction. ClicData does not use or access the content of your User Data for any other purposes. We do not scan, mine, or sell your uploaded datasets.

Our employees and partners are held to a strict internal policy that prohibits accessing your data without your express permission . In practical terms, this means ClicData staff will only view or handle your data if you explicitly request assistance (for example, during a support session or managed service engagement) or if access is required to resolve a technical issue and you have given consent. Any such access is logged and transparent to you as the account owner.

No unintended access: ClicData does not consider itself the owner or controller of the content you upload – you remain in control of your User Data. We cannot interpret or assume responsibility for the nature of the data you store on our platform . We will never move or transmit your data outside of the region/data-center you selected for storage, except as needed for backup within that region (see Data Security below) or unless you instruct us to do so . Even our cloud infrastructure provider’s administrators (e.g. Microsoft Azure support personnel) have no access to your content unless it is necessary to resolve a system issue, and even then such access is strictly supervised by ClicData staff .

Examples: If you upload a database of sales records, we store and process that data so you can run analyses and create dashboards. We won’t look at the actual sales records or share them with anyone unless you ask us to (for instance, if you need troubleshooting help and explicitly grant us access). We also won’t use your sales data to train any machine learning models or for any purpose outside providing the ClicData service.

3.2 Metadata and Derived Data (Platform Usage Data)

What it is: In the course of using the platform, ClicData generates and collects metadata about your account and how your data is structured. This includes information like the names and structures of the tables or datasets you create, column names and data types, the number of rows or records, relationships between datasets, user-defined tags or labels, dashboard layouts, and logs of actions taken within the platform (e.g. when data was last refreshed, who accessed a dashboard, error logs for failed data uploads, etc.). It may also include aggregated usage metrics and performance data (such as how often a dataset is queried or the volume of data processed).

How we use it: This metadata is used to operate, optimize, and improve the ClicData platform’s functionality. For example, the platform needs to store your table and column names and structures to let you query your data and link datasets together. We use row counts and data size information to optimize performance and ensure your account stays within its storage capacity. Usage logs help us provide auditing features to you, ensure system integrity, and troubleshoot issues. Metadata may also be used in aggregate (and in a non-identifying way) to help us improve our services (for instance, understanding which features are most used or for capacity planning), but it is not used to profile you or to market to you.

Importantly, while this Metadata is about your data and usage, it typically does not include the actual content of your User Data. For instance, we store a column name you’ve given (“CustomerName”) and know that it’s a text field, but we do not inherently know the actual names listed in that column unless we access the User Data itself (which we won’t do without permission as noted above). Metadata is accessible to ClicData’s systems and administrators as needed for support and operations, but it is treated with care and kept confidential. We handle metadata under the same security controls as your direct data. In short, we process metadata only as necessary to provide and enhance the service’s functionality and support your use of the platform.

3.3 Account and Contact Information

What it is: When you register for a ClicData account (whether a trial or paid subscription), we collect personal information from you such as your name, business email address, company/organization name, phone number, and job title. If you are the account owner or administrator, we also record information like your login credentials (which are stored in hashed form), and any preferences or profile information you provide in your account settings. This category covers information that personally identifies you or your users, which you provide to us for account creation, billing, or communication purposes – as distinct from the data you upload for analysis.

How we use it: We use your Account and Contact Information to create and manage your user account, to communicate with you, and to provide customer support. For example, we use your email to send important service announcements (like password resets, product updates, billing invoices, alerts you configure, or notifications of system maintenance). We might also send newsletters or product tips to your contact email, but you can opt out of marketing communications at any time. Your phone number or email may be used by our support team to reach out if you have an open support ticket or if we notice urgent issues with your account. We also use company information and billing address for invoicing and accounting purposes (e.g. to generate legally compliant invoices with your company name and tax ID as required). We do not sell your personal contact information to third parties for marketing. If we ever consider using your contact info for a new purpose not covered by this policy, we would obtain your consent as required by law.

3.4 Payment and Billing Information

What it is: To pay for a ClicData subscription, you must provide payment details. This may include payment card information (credit or debit card number, cardholder name, expiration date, CVC) or a PayPal account, as well as billing contact name and address, and possibly tax identification numbers (like a VAT number) if applicable. ClicData itself does not collect or store full payment card details. We use a third-party payment processor, Braintree (a PayPal company), to handle all credit card and PayPal transactions securely.

Braintree is a PCI-DSS certified payment service provider, meaning it meets strict security standards for processing payment data. When you enter your card information in our platform’s billing page, that data is transmitted directly to Braintree; we receive a confirmation or token but not the sensitive card number itself.

How we use it: We (and our processor Braintree) use your payment information to process your subscription payments and manage billing. For example, to charge your card monthly or annually for the plan you subscribed to, or to process an upgrade/downgrade. ClicData retains only non-sensitive billing details in our systems – such as the last four digits of your card, card type, expiration, or a transaction ID – and your billing address. This is used for record-keeping (e.g. to issue receipts, prevent fraud, or identify your payment in case of issues). All sensitive payment details are stored with Braintree, not on ClicData’s servers . ClicData undergoes annual PCI-DSS compliance audits to ensure we handle payment processes securely . We also keep billing contact information (like billing email and address) to send you invoices, confirm payment, and comply with financial record-keeping laws.

ClicData will never directly ask you for your full credit card details via email or chat. All payments are done through the secure online form or through PayPal’s interface as applicable. If you have questions about charges, our team might reference your account and invoice details, but we still will not ask for your card number in communication.

4. Data Sharing and Disclosure

Your data is your private asset, and our philosophy is to limit sharing of personal or customer data to the minimum necessary to run our service. We do not sell or rent your personal information or your uploaded content to third parties. We also do not share it for others’ marketing purposes. However, there are a few instances where we may disclose certain data, under strict conditions:

• Third-Party Service Providers (Subprocessors): We use reputable third-party providers to help us operate the ClicData platform. This includes our cloud hosting provider (Microsoft Azure), which securely hosts databases and servers in various regions, and our payment processor (Braintree) as mentioned. It may also include email delivery services (to send account emails), customer support tools, or analytics tools that help us monitor system performance. These providers may process Account Information or Metadata on our behalf, but only for the purposes of providing their services to us. We ensure any subprocessors are bound by confidentiality and security obligations (under data processing agreements) consistent with this policy and applicable law. For example, Azure as our hosting provider technically stores the data you upload on their servers, but they are not allowed to access or use it except for essential infrastructure management tasks, and they must meet our strict security requirements.
• Legal Requirements: We may disclose certain information if required to comply with a law, regulation, legal process, or governmental request. For instance, if we receive a lawful subpoena or court order to produce data, we may be obligated to comply. Our policy is to review such requests carefully and only provide what is legally required. If we must disclose any User Data, we will make reasonable efforts to inform the affected customer (unless legally prohibited from doing so).
• Enforcement of Terms and Protection of Rights: If necessary, we might share information to enforce our Terms of Service or other agreements, or to investigate and prevent security incidents or abuse of the platform. For example, we may need to share information with law enforcement or relevant authorities if we believe someone is using ClicData to commit unlawful acts or threaten the security of our systems or others. Similarly, if needed to protect the rights, property, or safety of ClicData, our customers, or the public, we may share limited information (e.g. to report fraud or address security vulnerabilities).
• Corporate Transactions: If ClicData is involved in a merger, acquisition, sale of assets, or reorganization, your information (including Customer Data and personal information) may be transferred to the successor entity or acquiring party as part of the transaction. If such a transfer happens, we will ensure the new entity is bound to the same level of protection for your data, and we will provide notice to you before your personal data becomes subject to a different privacy policy.

Other than the cases above, ClicData will not access or disclose your Customer-Uploaded Data without your permission. Even within our organization, access to customer accounts is highly restricted to authorized personnel on a need-to-know basis (for support or technical operations). We do not share your data with advertisers or unrelated third parties. Any metadata or usage statistics we analyze will be aggregated and anonymized such that it cannot be linked back to you or your account.

No Advertising Use: ClicData does not use the content of your uploaded data for advertising. We may, however, use your account contact information (like your work email) to inform you of new features or services from ClicData that we believe may be useful to you, but you have control over marketing communications (see Your Rights below). If you opt-in to certain marketing programs, we might use third-party platforms (like LinkedIn or Google) to show targeted ClicData ads to audiences, but this would only be done in compliance with your communication preferences and applicable law.

5. Data Security Measures

We take security very seriously and implement a range of administrative, technical, and physical safeguards to protect your data from unauthorized access, alteration, disclosure, or destruction. Below are key security measures in place:

• Secure Infrastructure: ClicData is hosted on Microsoft Azure, a leading cloud provider, in enterprise-grade data centers. Your data is stored in the region you choose (such as the USA, Canada, Europe, UK, Australia, etc.), and we do not move your data to other regions without your consent . For added resilience, data centers in the same region may mirror your data to ensure high availability (e.g., for backup and disaster recovery), but it stays within your selected jurisdiction. Azure’s facilities are highly secure, with 24/7 monitoring, biometric access controls, and compliance with standards like ISO 27001 and SOC.
• Encryption: All data you send to ClicData and that we send back to you is encrypted in transit using TLS (Transport Layer Security) encryption (we require TLS 1.2 or higher) . This means that when you upload data or access your dashboards, the connection is secure and eavesdrop-proof. Additionally, data stored in our databases is encrypted at rest using strong encryption (Transparent Data Encryption for databases, which encrypts data and log files on disk) . Backup files are also encrypted. Encryption ensures that even if someone were to obtain a storage device, they could not read your data without the decryption keys.
• Access Controls: We restrict access to production systems and databases to a limited number of authorized ClicData engineers who require it to maintain the service. Employee access to customer data is strictly controlled and logged. As noted, any support access to your account data happens only with your permission and is recorded. All employees undergo background checks (where permitted) and receive privacy and security training. We enforce strong password policies and multi-factor authentication for our internal systems to prevent unauthorized internal access.
• Monitoring and Testing: We employ continuous security monitoring and logging. Suspicious activities or anomalies in our infrastructure are flagged for investigation. We also conduct regular vulnerability scans and at least annual penetration tests (ethical hacking attempts on our system) to identify and fix potential security weaknesses . Our systems are kept up-to-date with security patches.
• Certifications and Compliance: ClicData maintains industry-standard security certifications. We are ISO 27001 certified and undergo SOC 2 Type II audits for security, availability, and confidentiality . We are also audited for PCI-DSS compliance (payment card security) via SecurityMetrics , ensuring that our handling of billing data meets strict standards. These certifications involve regular third-party assessments of our security controls.
• Data Redundancy and Backup: We design our systems with high availability and fault tolerance. Your data is stored in redundant servers/databases so that hardware failures do not lead to loss. We also perform daily backups of databases and retain backup copies for a limited period (to allow restoration if needed) . For example, backups may be kept for 35 days in regular storage and for a longer-term (e.g., 3 months) in archive for disaster recovery . All backups remain encrypted and stored in the same region. After the retention period, backups are securely deleted.
• Organizational Measures: Our team is trained on data privacy and security best practices. We have internal policies and incident response plans in place to handle any security incidents swiftly and transparently. If a data breach were to occur that affects your personal data, we will notify you and the appropriate authorities as required by law.

In summary, we employ state-of-the-art security measures to protect your information. However, no system can be guaranteed 100% secure. We continuously improve our safeguards to adapt to evolving threats and we encourage you as well to use a strong, unique password for your account and to keep your login credentials confidential.

6. Data Retention

We retain different types of data for varying lengths, based on necessity and legal obligations:

• Customer-Uploaded Data: We store your uploaded datasets and content on our servers for as long as you are a customer and actively using ClicData. You control this data – you can delete or replace datasets through the platform at any time. If you delete data or terminate your account, our policy is to remove the data from active databases promptly (typically within a few days). Residual copies may remain in our encrypted backups for a limited time (as noted in Data Security, backups are kept for a defined retention period) but will be purged according to our backup rotation schedule. We do not retain your uploaded data longer than necessary and do not use deleted data except for it remaining in backup until those backups expire.
• Account Information: We retain your account registration information (name, email, etc.) for as long as your account is active. If you cancel your subscription or your account becomes inactive, we may archive certain information (like account details and correspondence) for a period of time in case you reactivate or for record-keeping. We may also retain some information to fulfill legal obligations – for example, records of transactions (invoices, payments) are kept to comply with tax and accounting laws (which could be several years, depending on jurisdiction). When such information is no longer needed, we will securely delete or anonymize it.
• Metadata and Logs: Platform logs and metadata are maintained to support the service and for security/audit purposes. For instance, logs of user sign-ins or data refresh jobs may be retained for a certain number of days or months even if the underlying account or dataset is deleted, in order to investigate issues or meet security requirements. We strive to minimize retention of logs containing personal data. Usage metadata that has been aggregated and anonymized (so it no longer identifies you) may be retained indefinitely for statistical analysis and service improvement.
• Payment Information: We and Braintree retain payment transaction records as long as needed for payment processing, dispute resolution, and legal compliance. Card information is stored by Braintree and subject to their retention policies; typically, they keep such information at least as long as your subscription is active. ClicData’s own records of your subscription payments (like invoices and payment confirmations) are kept in accordance with financial regulations (often 7 years or more, as required by tax law). However, these records contain minimal personal data (usually just your name, company, and amounts) and are protected like all other data.

When we no longer have a legitimate need to keep personal data, we will securely destroy it. If complete deletion is not immediately possible (for example, data stored in off-site backups), we will ensure it remains protected until deletion is feasible.

7. International Data Transfers

ClicData is a global service, but we respect regional data protection requirements. Data Localization: As mentioned, we let you choose the region where your primary data is hosted (e.g., North America, Europe, Asia-Pacific). We will not move your User Data out of that chosen region without your approval . This means if you are an EU customer choosing an EU data center, your data remains within the EU to satisfy GDPR data residency preferences.

In some cases, certain Account Information (like contact info) or Metadata might be accessed by our personnel or subprocessors outside of your region (for example, our support team may operate in the US or Canada even if you are an EU customer). When we transfer personal data across borders, we take steps to ensure compliance with applicable data transfer laws. For transfers from the European Economic Area (EEA) or UK to countries not deemed to have adequate privacy laws (such as the United States), we rely on approved mechanisms such as the European Commission’s Standard Contractual Clauses (SCCs) or other safeguards to ensure your data receives equivalent protection. Similarly, for Canadian or Australian data, we ensure any international processors will uphold privacy protections as required by PIPEDA or the Australian Privacy Principles.

Our goal is to handle your information in accordance with the strictest applicable standard, no matter where it is processed. By using ClicData, you understand that your personal data may be transferred to our facilities and those of our service providers (who may be located in various countries), but always with adequate safeguards in place.

8. Compliance with Privacy Laws and Your Privacy Rights

We operate in compliance with major privacy regulations around the world, including the EU/UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and Australia’s Privacy Act 1988, among others . In practical terms, this means we provide transparency, security, and rights to individuals as required by these laws. Below, we outline your key rights and choices regarding personal data, and how you can exercise them.

Rights of Individuals: Depending on your jurisdiction and the applicable law, you may have some or all of the following rights regarding the personal data we hold about you:

• Right to Access: You have the right to request a copy of the personal information we hold about you and to obtain information about how we process it. For example, a European user can ask us for confirmation of whether we’re processing their personal data and receive a copy of that data (commonly known as a Subject Access Request).
• Right to Rectification: If any of your personal information is inaccurate or incomplete, you have the right to ask us to correct or update it. For instance, if your contact email or billing address has changed, you can update it in your account settings or ask us to correct our records.
• Right to Deletion (Right to Erasure): You can request that we delete your personal data. We will honor deletion requests to the extent required by applicable law. For example, if you discontinue the service, you can ask us to delete the personal data associated with your account. Note that we may need to retain certain information for legal reasons (as explained in Data Retention above), but we will inform you if that is the case. California residents have a similar right to request deletion of personal information, subject to certain exceptions.
• Right to Restrict or Object to Processing: Where provided by law, you may request that we restrict the processing of your personal data or object to certain processing activities. For example, under GDPR you can object to our processing of your data for direct marketing or on grounds relating to your particular situation if the processing is based on our legitimate interests. If you are in California, you have the right to opt-out of any “sale” or “sharing” of your personal information – however, ClicData does not sell personal data to third parties, and we only share data in limited ways as described in this Policy, so this is generally not applicable aside from standard cookie/advertising settings on our website.
• Right to Data Portability: For data you provided to us and which we process by automated means on the basis of consent or contract, you have the right to receive it in a structured, commonly used, machine-readable format, and/or to request we transmit it to another service provider if technically feasible. In practical terms, much of your data in ClicData (like data you uploaded) you can export yourself at any time. For personal account data, you can ask for a copy as well.
• Right to Withdraw Consent: If we rely on your consent to process any personal data (for example, if you explicitly consented to receive promotional emails or you entered sensitive personal data into our platform with consent), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of processing that happened prior, and if you withdraw consent for a service that requires it, we might not be able to provide that service (for instance, if you withdraw consent to process personal data contained in User Data, we might need to inform you that we can no longer host that data without a proper lawful basis). We will make this clear and will find a solution with you in compliance with law.
• Right to Non-Discrimination: If you exercise any of your rights under privacy laws (such as CCPA/CPRA in California), we will not discriminate against you. This means we won’t deny you the service or provide a different quality of service just because you exercised your privacy rights.

These rights may have certain limitations or exceptions under applicable law. For instance, we might not delete information that we are required to keep by law, or we might decline a request if it jeopardizes the privacy of others or is extremely impractical. However, we are committed to honoring the spirit of these rights and will respond to your requests promptly and transparently.

Exercising Your Rights: To exercise any of these rights, please contact us (see Contact Us below). For security, we will likely need to verify your identity (for example, by confirming you have access to the email associated with your account or by asking for details about your account) before processing your request. We do not charge a fee for these requests except in rare cases where allowed by law (e.g., if a request is manifestly unfounded or excessive, we might charge a reasonable fee or refuse it, but we will explain why).

If you are an end user of ClicData through a business or organization (i.e., your employer uses ClicData and you have a user account under their subscription), please direct any privacy inquiries to your organization first. They may have control over the data (as the “data controller”) and we act as a processor on their behalf. We can assist them in fulfilling your request as needed.

9. Customer as Data Controller & Data Processing Agreement (DPA)

When you use ClicData to store or process personal identifiable information (PII) about individuals (for example, you upload a dataset that contains personal data of your customers or employees), privacy laws consider you to be the “Data Controller” for that personal data, and ClicData is your “Data Processor.” In other words, you determine the purpose and means of processing that personal data, and we simply process it on your instructions as part of providing the service.

To comply with regulations like GDPR (and similar laws in other jurisdictions), and to ensure proper handling of such data, you are required to have a Data Processing Agreement (DPA) in place with ClicData. The DPA is a contract that outlines each party’s obligations for protecting personal data. It confirms, for instance, that we will only process the personal data you upload to our platform according to your instructions and applicable law, will implement appropriate security measures, assist you in responding to data subject requests, and will notify you in the event of a data breach, among other things . It also formalizes that you, as the controller, are responsible for the lawfulness of the data collection and for honoring individuals’ rights, while ClicData, as the processor, is responsible for following your processing instructions and securing the data.

By using our platform to process PII, you acknowledge and agree that you need a DPA with us. We offer a standard DPA covering GDPR and other privacy regulations . If your organization has not already signed a DPA with ClicData, please contact us at compliance@clicdata.com to arrange it. In many cases, our Terms of Service and this Privacy Policy incorporate core aspects of a DPA, but signing a separate DPA is recommended (and may be required under certain laws or corporate policies) when sensitive personal data is involved.

If you are processing personal data of EU/EEA individuals, the DPA will include Standard Contractual Clauses (SCCs) as needed for international transfers. If you are in Canada, the DPA will reflect PIPEDA requirements. For California, it will reflect CCPA’s service provider provisions. Essentially, the DPA aligns our relationship with all relevant laws.

Importantly, if you plan to use ClicData for special categories of personal data (such as health information, which might make us a HIPAA Business Associate, or other sensitive data like financial account info, etc.), please inform us so we can ensure compliance (e.g., executing a Business Associate Agreement for HIPAA as noted in our Trust Center). We are willing and able to support high standards of data protection for such data, but it’s crucial that the proper agreements are in place.

In summary, you are the owner/controller of the data you bring to ClicData, and we act as a steward/processor. We are committed to helping you meet your privacy compliance needs. Our platform is built with compliance in mind (we are GDPR, CCPA, and HIPAA compliant, and ISO 27001 & SOC 2 certified ), but you must ensure you use it in a compliant manner and have the necessary agreements (like a DPA) if you handle personal data on it.

10. Changes to this Privacy Policy

We may update this Platform Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will update the “Effective Date” at the top of the policy. If we make material changes (for example, if we change how we use personal data in a way that you might not expect under the current policy), we will provide a prominent notice to you. This might be via an email to the address on your account, a notification within the ClicData application, or an announcement on our website. We encourage you to review this Policy periodically for any updates.

Your continued use of the ClicData platform after an update signifies your acceptance of the revised Policy. If you do not agree to any changes, you should stop using the service and you may contact us to have your account and data deleted. We will not make retroactive privacy changes that materially reduce your rights without obtaining your consent.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: compliance@clicdata.com
Mail: ClicData SAS, 5 rue du Palais Rihour, 59800 Lille, France

If your inquiry is related specifically to Data Processing Agreements (DPA) or data protection matters under GDPR, CCPA, or similar regulations, you may contact our Data Protection Officer directly:

Benjamin Duminy
Data Protection Officer (DPO)
benjamin.duminy@clicdata.com

We are here to help with DPA execution, data subject requests, or any questions about how your data is handled on the ClicData Platform.

12. Complaints and Dispute Resolution

We welcome the opportunity to address any privacy-related issues directly. If you have a complaint about how we have handled your personal data, please contact us at compliance@clicdata.com first, and we will do our best to resolve the issue. Our privacy team will investigate and respond to any complaints or disputes in a timely manner .

If you are not satisfied with our response, or you believe we are violating applicable data protection laws, you have the right to lodge a complaint with the supervisory authority or regulator in your jurisdiction. Below are examples of the relevant authorities you may contact:

• European Union (EU): You can contact your local Data Protection Authority. For example, in France (where ClicData SAS is registered) the authority is the CNIL; in Germany, your state’s DPA; in other EU countries, the appropriate supervisory authority. A list of DPAs is available online for the EEA.
• United Kingdom: The Information Commissioner’s Office (ICO) is the UK’s supervisory authority for data protection (website: ico.org.uk).
• Canada: The Office of the Privacy Commissioner of Canada (OPC) oversees PIPEDA compliance (website: priv.gc.ca). If your concern deals with provincial privacy laws, you might contact the relevant provincial commissioner (e.g., in Quebec, Alberta, BC, etc.).
• United States: If you are a U.S. user and have a privacy concern, you may reach out to your state’s Attorney General’s office or, for California residents, the California Privacy Protection Agency (which enforces the CCPA/CPRA). You can also contact the Federal Trade Commission (FTC) which accepts complaints about unfair or deceptive business practices (though the FTC does not resolve individual complaints, your report can trigger investigations).
• Australia: The Office of the Australian Information Commissioner (OAIC) handles complaints under the Privacy Act (website: oaic.gov.au).

Lodging a complaint with an authority will not affect any other rights or remedies you have. We do, however, encourage you to allow us to address your concerns first, as we are confident we can resolve most issues to your satisfaction.

Thank you for trusting ClicData with your data. We are dedicated to upholding that trust by safeguarding your information and being transparent about our practices. If you have any questions about this Policy, please feel free to reach out to us. Your privacy is of utmost importance to us, and we will continue working hard to protect it.