Privacy Policy
Clyro builds agent reliability infrastructure: runtime governance for AI agents. This policy explains exactly what we collect on this website, why, and what we do with it.
We wrote this to be readable, not to bury things in legal language. If something isn't clear, email us.
What We Collect
Information You Provide
When you submit the contact form ("Get started"), we collect:
- Email address - so we can follow up about your request.
- Framework preference - which AI framework you use (LangGraph, CrewAI, Claude MCP, AutoGen, or Custom/Other). This helps us prioritise which integrations to build.
We do not collect your name, company, phone number, or payment information on this website.
Information Collected Automatically
When you submit the contact form, we also record context that helps us understand how people find Clyro:
- Marketing attribution - UTM parameters from the link you arrived through, ad click identifiers (Google
gclid, Metafbclid, Microsoftmsclkid) if present, the referring website, and which button you used to open the form. This tells us which campaigns and channels bring people to Clyro. - Approximate country - derived from your IP address at the moment you submit the form. Your IP address itself is never stored - only the two-letter country code is kept.
- Page URL - the page you submitted the form from.
So we can attribute a form you later submit, the site stores these values first-party in your browser's localStorage for up to 90 days - we keep the first campaign you arrived through (first-touch) and also record your most recent one (last-touch). This is not shared with other sites, is never sent anywhere until you submit a form, and you can remove it any time by clearing this site's data.
Session analytics - only with your consent. If you accept cookies via our consent banner, we load Microsoft Clarity, which records anonymised session replays and heatmaps (clicks, scrolls, where people drop off) so we can improve the site. Clarity masks text input fields by default, so what you type is not visible in recordings. If you decline, Clarity never loads. When you submit a form, we may also pass Clarity the campaign you arrived from and a one-way hashed version of your email - never the email itself - so we can connect a session replay to an enquiry; this only happens once Clarity is loaded, i.e. after you have consented. See "Cookies" below.
Information We Do Not Collect
- We do not use Google Analytics.
- We do not run a Facebook Pixel or similar advertising pixels.
- We do not sell, share, or trade your data with third parties for advertising.
- We do not build profiles for ad targeting or make automated decisions about you.
How We Use Your Information
| Data | Purpose | Legal Basis (GDPR) |
|---|---|---|
| Email address | Respond to your request and send Clyro product updates | Consent |
| Framework preference | Prioritise framework integrations; make our communications more relevant | Legitimate interest |
| Marketing attribution | Understand which campaigns and channels bring people to Clyro | Legitimate interest |
| Approximate country | Understand where interest in Clyro comes from | Legitimate interest |
| Session analytics (Microsoft Clarity) | See how people use the site so we can improve it | Consent |
We will never use your email for anything other than Clyro-related communications. No third-party promotions. No "partner offers." No spam.
Where Your Data Goes
When you submit the form, your data is stored in two places:
- Clyro's own database. The submission is recorded in our database, running on infrastructure we operate. This is the durable record of your enquiry.
- HubSpot. We forward the submission to HubSpot, our customer relationship management (CRM) system, so our team can follow up. HubSpot acts as a data processor on our behalf.
Third-Party Services
| Service | Purpose | Data They Receive | Their Privacy Policy |
|---|---|---|---|
| HubSpot | CRM - managing and following up on enquiries | Email, framework preference, attribution data | legal.hubspot.com/privacy-policy |
| Microsoft Clarity | Anonymised session replays and heatmaps - loads only after you accept cookies | Anonymised interaction data (no form contents) | privacy.microsoft.com |
The website itself is hosted on infrastructure operated by Clyro - it is not handed to a third-party site builder. We do not share your data with anyone other than the processors listed above.
International transfer: HubSpot and Microsoft Clarity process data on infrastructure that may be located in the United States. If you are in the European Economic Area or the UK, this means your data may be transferred outside your region. We rely on the safeguards those providers offer for such transfers.
Cookies
This website sets no non-essential cookies unless you choose to allow them.
- By default, the site sets no advertising or cross-site tracking cookies. It uses first-party
localStorage(not a cookie) to remember marketing attribution so it can be attached to a form you submit; it is retained up to 90 days and you can remove it by clearing this site's data. - Microsoft Clarity - only if you accept via the consent banner, Clarity loads and sets first-party cookies it uses to group your activity into a single anonymised session replay. If you decline, Clarity never loads and sets no cookies.
When you first visit, a consent banner asks whether to allow Clarity. Nothing non-essential loads until you choose. You can change your choice at any time using the Cookie Preferences link in the site footer.
Your Rights
You have full control over your data. Here's what you can do:
Unsubscribe from emails: Every email we send includes an unsubscribe link. One click. Immediate.
Request data deletion: Email [email protected]. We will erase your personal data from our database and from HubSpot, and confirm when it's done.
Access your data: Email [email protected] and we'll send you everything we hold about you.
Correct your data: If something is wrong, email us and we'll fix it.
Data portability: We can export your data in a standard format on request.
These rights apply regardless of where you're located. We don't check your jurisdiction before respecting your privacy.
GDPR Compliance
For visitors in the European Economic Area and the UK:
- Data minimisation: We collect only what we need. We store an approximate country, never your raw IP address.
- Right to erasure: See "Your Rights" above. On request, your personal data is removed from our database and from HubSpot.
- Storage limitation: See "Data Retention" below - personal data in our database is automatically anonymised after a fixed period.
- Processors: HubSpot processes data on our behalf under a data processing agreement.
- No profiling: We don't make automated decisions about you.
Data Retention
| Data | Retention Period |
|---|---|
| Email and other personal data (our database) | Automatically anonymised 365 days after submission, or sooner on request |
| Framework, attribution, and country (non-identifying) | Kept after anonymisation for aggregate analysis - this data no longer identifies you |
| Lead data in HubSpot | Per our HubSpot retention settings, or sooner on request |
"Anonymised" means the fields that could identify you (such as your email) are permanently erased from the row. What remains cannot be traced back to you.
Data Security
Your submission is stored in Clyro's own database, on infrastructure we operate, and is also held in HubSpot:
- All data is transmitted over encrypted connections (HTTPS).
- HubSpot is SOC 2 compliant and encrypts data at rest and in transit.
We use strong, unique passwords and two-factor authentication on all service accounts.
Children's Privacy
Clyro is a developer tool for building AI agent infrastructure. We do not knowingly collect data from anyone under 16. If you believe we have, email us and we'll delete it immediately.
Changes to This Policy
If we change this policy, we'll update the "Last updated" date at the top. For significant changes (new data collection, new third parties), we'll notify subscribers directly.
We won't retroactively change how we use data you've already provided without your consent.
Contact
Questions, requests, or concerns about your data:
Email: [email protected]
Company: Clyro
Website: clyro.dev
We aim to respond to all privacy requests within 7 days, and fulfil deletion requests within 14 days.