Privacy Policy

Last updated: April 28, 2026

1. Who we are

Clement is operated by Julian Schoen (Einzelunternehmer), Rudolf-Carsten-Str. 29, 23611 Bad Schwartau, Germany ("Clement", "we", "us"). For privacy questions, contact privacy@clement.so.

USt-IdNr.: DE341423078

2. What we collect

When you use Clement, we collect:

  • Account data — your email, name, profile photo (from Google sign-in), and the workspace you create.
  • Billing data — handled by Stripe; we store only customer IDs and subscription status.
  • Connected inbox credentials — OAuth tokens (Gmail, Outlook) or SMTP/IMAP passwords for the inboxes you connect, encrypted at rest with envelope encryption (XSalsa20-Poly1305) before being written to our database.
  • Lead and campaign data — recipient email addresses, attributes, and message content that you upload or compose.
  • Usage data — pages visited, actions taken, error logs, and aggregated performance metrics.
  • Tracking events — opens and clicks for emails sent via Clement (you control whether tracking is on per campaign).

3. Why we collect it

We process your data to:

  • Provide the Clement service (lawful basis: contract performance, GDPR Art. 6(1)(b));
  • Bill you (lawful basis: contract performance);
  • Improve the product, debug issues, and prevent abuse (legitimate interest, Art. 6(1)(f));
  • Comply with legal obligations (Art. 6(1)(c)).

4. Google API data — Limited Use

Clement's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In particular, when you connect a Gmail inbox to Clement:

  • We only use Gmail data to provide and improve Clement's user-facing features (sending campaigns, detecting replies and bounces, deliverability monitoring).
  • We do not transfer Gmail data to any third party except as necessary to provide the service, comply with applicable law, or as part of a merger or acquisition with appropriate notice.
  • We do not use Gmail data to serve advertisements.
  • We do not allow humans to read Gmail data unless we have your explicit consent, it is necessary for security (e.g., investigating abuse), or it is required by law.

5. Sub-processors

We use the following service providers to operate Clement. They process data on our behalf under data processing agreements:

  • Hetzner Online GmbH (Germany) — server hosting and database storage.
  • Cloudflare, Inc. (USA / global) — DNS, edge network, DDoS protection.
  • Stripe Payments Europe Ltd. (Ireland) — payment processing and invoicing.
  • Google LLC (USA) — Gmail API for sending and receiving on inboxes you've connected; Google Sign-In for authentication.
  • Microsoft Corporation (USA / Ireland) — Microsoft Graph API for Outlook inboxes (when supported).
  • Sentry (USA) — error monitoring.

Where data is transferred outside the EEA, we rely on Standard Contractual Clauses and additional safeguards as required by GDPR.

6. Where data lives

Primary storage is Hetzner's Falkenstein, Germany data centre. Backups are stored encrypted on Hetzner Storage Box (Germany). Some sub-processors (Cloudflare, Stripe, Google, Microsoft, Sentry) may process data in the USA or globally as described above.

7. How long we keep it

  • Account data — for as long as your workspace exists, plus 30 days after deletion.
  • Billing records — 10 years (German tax law).
  • Inbox credentials — until you disconnect the inbox or delete the workspace.
  • Lead, campaign, and message data — until you delete it or your workspace.
  • System logs — 30 days.
  • Tracking events — 12 months, then aggregated.

8. Your rights (GDPR)

You have the right to:

  • Access the personal data we hold about you (Art. 15);
  • Correct inaccurate data (Art. 16);
  • Request deletion (Art. 17);
  • Restrict processing (Art. 18);
  • Receive your data in a portable format (Art. 20);
  • Object to processing (Art. 21);
  • Lodge a complaint with a supervisory authority.

To exercise any of these, email privacy@clement.so. We respond within 30 days.

9. Customer data and DPA

When you upload lead lists or send campaigns through Clement, you are the data controller and Clement is the data processor for that information. A Data Processing Agreement is available at privacy@clement.so.

10. Cookies

We use a strictly necessary session cookie for authentication and minimal product analytics (Amplitude, Microsoft Clarity). No advertising cookies. No third-party retargeting.

11. Changes to this policy

When we make material changes, we'll notify active customers by email and post an updated version here with a new "last updated" date.