Worldwide losses to online scams & cybercrime:$ -Protect yourself & your family now
Clicxsafe
Sign inGet Protected

Privacy Policy

Last updated: May 15, 2026 · Version 2026-05-15

Clicxsafe ("we", "us") respects your privacy. This Privacy Policy explains, in plain language, what data we collect, why we collect it, how we protect it, and the rights you have over it. It is aligned with the EU General Data Protection Regulation (GDPR) and similar privacy laws.

1. Data controller

Clicxsafe S.L. (legal entity, update with registered name), registered at Calle Example 123, 28001 Madrid, Spain (update with registered office), is the data controller for personal data processed through the Service. You can reach our privacy team at privacy@clicxsafe.com.

2. What we collect

Account data

  • Email, full name, phone number, password (hashed), country and language preference.

Subscription & billing data

  • Plan, status, renewal date, billing country.
  • Payment metadata returned by our PCI-DSS compliant payment processor, e.g. card brand, last 4 digits, expiry. We never store your full card number.

Security & device-analysis data

  • Items you submit to our tools, for example a URL you scan, an email you check for breaches, an AI Advisor question, or a QR code image.
  • Risk results, scores, and recommendations generated by the tools.
  • Approximate IP-derived country, browser and device type used to access the Service (for security and fraud prevention).

Audit & operational data

  • Logs of administrative actions, consent acceptance, and security-relevant events.

3. Why we use it (legal bases)

  • Performance of contract, to deliver the Service you've subscribed to.
  • Legitimate interests, fraud prevention, security monitoring, and product improvement.
  • Legal obligation, accounting, tax, anti-fraud and consumer-law compliance.
  • Consent, optional cookies, marketing emails, and other clearly-opted-in features. You can withdraw consent at any time.

4. Admin access & masking

Customer support and operations are role-based. Most personal data is masked by default in admin tools: emails, phone numbers, names, support subjects and card numbers are partially hidden. Only a small set of super-admin users may unmask specific records, and every such action is recorded in an immutable audit log.

5. Cookies & analytics

We use a small number of essential cookies (login session, security) and, with your consent, lightweight analytics to understand how the Service is used. See the Cookie Policyfor details. You can change your choice any time from Account → Privacy & consent.

6. Third-party processors

We share the minimum data needed with vetted processors that are contractually bound to GDPR-grade safeguards. Categories include:

  • Cloud hosting & database (EU/EEA region).
  • Payment processors (Stripe / Corefy / Akurateco / VikingPay placeholders).
  • Email delivery for transactional notifications.
  • AI model providers, used only to power the AI Advisor responses.

We do not sell your personal data and we do not use it to train third-party AI models.

7. International transfers

Where data leaves the EEA we rely on Standard Contractual Clauses or equivalent safeguards approved by the European Commission.

8. Retention

  • Account data: while your account is active, plus up to 24 months after closure for fraud prevention and dispute handling.
  • Billing & tax records: up to 10 years where required by law.
  • Security tool logs (scans, breach checks, AI conversations): up to 12 months unless you delete them earlier.
  • Audit logs: up to 24 months.

9. Your rights

  • Access, rectify or erase your personal data.
  • Export your data in a portable format ("Download my data").
  • Restrict or object to certain processing.
  • Withdraw consent for cookies or marketing at any time.
  • Lodge a complaint with your local data protection authority.

You can exercise most of these rights directly from Dashboard → Billing & Account → Privacy controls, or by emailing privacy@clicxsafe.com.

10. Security

We use TLS 1.3 in transit, encryption at rest, role-based access control, audit logging, and least-privilege database policies (RLS). See the Security & Trust page for more.

11. Children

The Service is not intended for users under 18.

12. Changes to this Policy

We will notify you of material changes by email or in-product before they take effect. The "Last updated" date reflects the current version.

13. Contact

Privacy questions: privacy@clicxsafe.com. General support: support@clicxsafe.com.