Last updated · January 2026. We process the minimum data needed and we never train shared models on your data without explicit consent.
Account data (name, email, role), usage telemetry (events, latency, costs), and Customer Data you submit through the Services (invoices, vendor records, transactional metadata).
To operate the Services, to provide support, to bill, and — only with your explicit opt-in — to improve shared models. Per-customer fine-tunes always remain isolated to your tenant.
A complete, versioned list is published in the trust center. Material changes get 30 days’ advance notice.
US, EU, UK, and AU residency available. Enterprise customers may deploy to their own VPC.
Operational data is retained for the duration of your subscription plus 90 days. Audit logs retained 7 years on Enterprise.
Access, rectification, deletion, portability, and objection are supported through your dashboard and via privacy@closora.com.
EU Standard Contractual Clauses and the UK IDTA are incorporated into the DPA.
Privacy questions: privacy@closora.com. EU representative on file.