Privacy Policy

ClariVex Solution is an outsourced accounting and finance firm delivering services to clients in the United States, United Kingdom, Australia, and Canada. This Privacy Policy explains how we collect, use, share, and protect personal data. We are committed to handling all information responsibly and in compliance with applicable privacy laws.

We collect contact enquiry data (name, email, phone, company, service interest, and message). Session cookies are used for admin authentication only. IP addresses are used transiently for rate limiting and are not stored permanently. We use no tracking cookies, no advertising pixels, and no third-party behavioural analytics.

We use data to respond to service enquiries, to deliver contracted accounting and finance services, to send compliance updates where explicit consent is provided, and to fulfil legal and regulatory obligations.

For UK and EU data subjects: Article 6(1)(b) contractual necessity for service delivery; Article 6(1)(c) legal obligation for regulatory compliance; Article 6(1)(a) consent for marketing. For AU clients: Privacy Act 1988. For CA clients: PIPEDA. For US clients: applicable state laws including CCPA — we do not sell personal data.

Enquiry data is retained for 2 years. Client financial records are retained for 7 years to satisfy HMRC, ATO, CRA, and IRS statutory requirements. Admin session data is deleted immediately on logout. No third-party analytics data is retained as we do not use such services.

We apply TLS 1.2+ encryption in transit and encryption at rest via Neon PostgreSQL. All staff and contractors are bound by NDAs. Admin access uses bcrypt password hashing. Quarterly access reviews and annual security assessments are conducted.

We share data only with the following processors under data processing agreements: Resend (email delivery — EU-US Standard Contractual Clauses in place); Cloudinary (image hosting — SOC 2 Type II); Neon (database hosting — GDPR compliant, EU data residency available); Vercel (hosting — SOC 2 Type II, DPA available). We do not use advertising networks or data brokers.

Data may be processed in the EU and the United States. All international transfers are protected by Standard Contractual Clauses or equivalent adequacy mechanisms as required by applicable law.

UK/EU data subjects have rights to access, rectification, erasure, restriction, portability, and objection, and may lodge a complaint with the ICO at ico.org.uk. AU clients have access and correction rights under the Privacy Act 1988, with complaints to the OAIC. CA clients have rights to access, correction, and withdrawal of consent under PIPEDA. California residents have rights under CCPA to know, delete, and opt out of sale — we do not sell data.

We use session cookies only for admin authentication (httpOnly, sameSite=strict). No tracking cookies are used. No cookie consent banner is required as no user tracking occurs. You may disable cookies in your browser without affecting public-facing site functionality.

Our services are designed exclusively for businesses and adults. We do not knowingly collect personal information from individuals under 18 years of age.

We may update this Privacy Policy periodically. Material changes will be communicated by email at least 30 days in advance. Continued use of our services after the notice period constitutes acceptance. The current version is always available at clarivex.net/privacy. Current version: March 1, 2026.

Email: privacy@clarivex.net. Address: ClariVex Solution, 421 Shivalik Shilp, Iscon Cross Road, S.G. Highway, Ahmedabad 380058, India. For UK data subjects, ICO registration is in progress.