CleverControl 隐私政策
CleverControl LLC ("CleverControl", "we", "us") provides business-to-business employee monitoring and related cloud services as well as the website available at clevercontrol.com (the "Site").
Contact details:
CleverControl LLC
2234 North Federal Hwy #2017, Boca Raton, FL 33431, USA.
电话。 +1 (407) 250-10-40
Email: support [at] clevercontrol.com
Effective date: October 17, 2025
1. 范围及如何阅读本通知
我们提供两种类型的信息,以帮助您了解我们的隐私惯例。此结构旨在明确 CleverControl 何时充当控制者,何时充当处理者:
- 网站隐私声明(本文件第 2-10 节) — 涵盖在网站上收集的个人数据(例如,cookies/分析、联系表格、支持请求、营销和销售通讯)。
- 产品和服务隐私声明(第 11-15 条) — 涵盖我们的商业客户使用 CleverControl 软件/代理和云服务时处理的个人数据。
我们出于自身目的处理个人数据的情况(例如,网站分析、销售/营销) CleverControl 是一个控制器。
关键定义
- 顾客 — 在我们这里拥有账户以使用我们的服务或对 CleverControl 或我们的服务(直接或通过合作伙伴)表示兴趣的组织或个人。
- Website Visitor — 访问或使用我们的网站或链接至本通知的其他网站的人士。
- 最终用户 — individuals authorized by a Customer to access or use the Services and/or whose device hosts a CleverControl agent (e.g., employees, consultants, contractors). End Users should consult the Customer's privacy policy for how the Customer, as controller, processes their information.
When a business customer uses our services to monitor its workforce, the customer is the controller, and CleverControl acts as a processor under the customer's instructions and our data processing standards.
2. 我们在网站上收集的个人数据
您提供的信息 — 联系方式(姓名、工作邮箱、电话)、公司和职位、消息内容、支持请求、账户/门户凭证、订单号、通过我们的结账流程提交的账单信息(由符合 PCI 标准的支付服务提供商处理)以及偏好设置。我们不会在我们的系统中存储完整的支付卡数据。
来自您的设备的信息 — 在线标识符,例如 IP 地址、cookie ID、设备/浏览器信息、查看的页面、引用/退出页面、会话持续时间以及与表单或下载的交互。
来自第三方的信息 — 来自合作伙伴和提供商(例如渠道合作伙伴、分析和广告平台、CRM 丰富、支付和履行合作伙伴)的有限业务联系/丰富数据,以帮助我们满足请求和运营网站。
3. 我们如何使用网站数据(目的)
我们使用网站数据来:
- 运营网站并提供所需信息;
- 创建和管理帐户、试用和订单;
- 提供销售/营销沟通(包括活动、演示和调查);
- 提供客户支持;
- 分析和改进网站和服务;
- 检测、预防和调查安全事件、滥用和欺诈;
- 遵守法律并行使合法权利;
- 管理招聘流程。
Marketing and Service Communications
With your consent or where permitted by law, CleverControl LLC may send you service notifications, product updates, special offers, event information, and other business communications by email, SMS, WhatsApp, or other messaging channels.
You may opt out of marketing communications at any time by following the unsubscribe instructions in the message or by contacting us at support [at] clevercontrol.com with the subject line "Unsubscribe from notifications".
Please note that we may still send necessary service, transactional, security, or account-related messages where permitted by law.
4. 法律依据(欧洲经济区/英国)
当适用法律(例如 GDPR/UK GDPR)需要法律依据时,我们依赖:
| 网站运营、账户、报价、试用、订单、支持 | 履行合同或签订合同前的步骤;经营我们业务的合法利益 |
| 安全/欺诈、服务完整性和日志记录 | 合法权益;适用时的法律义务 |
| 向潜在客户和客户发送营销电子邮件 | 同意(或合法利益/允许的软选择加入)并选择退出 |
| 欧洲经济区/英国的分析/广告 Cookie | 通过我们的 Cookie 横幅/CMP 表示同意 |
| 招聘 | 同意;合法权益;法律义务(记录保存) |
5. Cookie、类似技术和信号
We use cookies and similar technologies to run the Site and measure performance. Non-essential cookies (e.g., analytics/advertising) in the EEA/UK only run with your consent via our cookie banner/consent management platform (CMP). You can change your preferences at any time using the "Cookie settings" link on the Site.
全球隐私控制 (GPC)。根据美国各州适用法律的要求,我们会尊重浏览器级别的 GPC 信号,以选择退出个人数据的出售/共享或定向广告。
您的选择。您可以将浏览器设置为阻止 Cookie 或在设置 Cookie 时提醒您;如果没有必要的 Cookie,某些网站功能可能无法运行。
6. 网站数据披露
我们不会出售您的个人数据。我们会将网站数据披露给:
- 代表我们行事的服务提供商(托管、分析/测量、安全、客户关系管理、通信、订单和付款处理、客户支持、专业顾问)。这些提供商受合同约束,必须保护您的数据,并仅将其用于我们的指示。
- 广告/重定向合作伙伴(针对同意此类 cookie 的网站访问者)来投放和衡量我们的广告并防止广告欺诈。
- 渠道合作伙伴/经销商响应您对本地采购和支持的请求。
- 公司交易(例如合并、收购)须受到适当的保障。
- 法律合规性和安全性,我们认为披露是法律要求或允许的(例如,当局的合法要求、执行条款、保护权利、安全或保障)。
7. 国际数据传输
对于 EEA/UK 个人数据,如果向第三国的转移缺乏充分性决定,我们会使用适当的保护措施(例如,欧盟标准合同条款和英国 IDTA/附录)并进行转移风险评估。
8. 保留
We retain Site personal data for as long as necessary for the purposes above and as required by law. Typical periods include: marketing leads and analytics records up to 24 months from last interaction; support requests up to 24 months after closure; server security logs ~90 days; cookie data per tool's documented lifetimes. Where we rely on consent, we retain records of consent and preferences as required by law.
9. 您的权利
Subject to applicable law, you may have the right to request access, correction, deletion, restriction, portability, or to object to certain processing. Where consent is the basis, you may withdraw it at any time (this does not affect processing prior to withdrawal). You may exercise rights by emailing privacy [at] clevercontrol.com. We may need to verify your identity and will respond within the timeframes required by law.
10. 美国州隐私声明(网站访问者)
Depending on your state of residence and our thresholds, you may have rights under laws such as those of California, Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Delaware, and others. These may include the right to know/access, delete, correct, portability, and to opt-out of sale, sharing, or targeted advertising. We do not use sensitive personal data for inferring characteristics.
- How to exercise rights: submit a request to privacy [at] clevercontrol.com. If we deny your request, you may appeal by replying to our decision email. If you remain unsatisfied, you may contact your state Attorney General.
- Authorized agents (CA/others): If you submit a request via an authorized agent, we may require proof of authorization (e.g., power of attorney or signed permission) and may ask you to verify your identity directly with us.
- Opt-out of sale/share/targeted ads: use our cookie preferences and, where supported, GPC signals.
- Verification & response time: We verify requests using reasonable methods and respond within 45 days (we may extend by an additional 45 days where permitted and will tell you why).
- We will not discriminate against you for exercising your rights.
11. Product & Services Privacy Notice (Customer Monitoring Data)
Role of the parties. For personal data monitored about employees, contractors, or other users of devices/accounts monitored by our customers, the customer is the controller (or business) and CleverControl is the processor (or service provider).
Categories of data processed (as configured by the customer): user identifiers, device identifiers, timestamps, application and website activity, URLs and titles, productivity categorizations, keystroke metadata or content (if explicitly enabled), screenshots/screen recordings (if enabled), webcam and/or audio recordings (if explicitly enabled and lawful), voice/call recordings (if explicitly enabled and lawful), email/log data, IP and approximate location, and administrative logs. Exact categories depend on product tier and customer configuration. We may also process de-identified and/or aggregated data derived from Customer data for analytics, benchmarking, and service improvement. We will not attempt to re-identify de-identified data except as permitted by law and to assess de-identification effectiveness.
End User data and marketing. We do not sell End User data or use it for targeted advertising.
Prohibited uses. Our services must not be used for covert or unlawful surveillance, monitoring of personal devices without authorization, intimate-partner or domestic surveillance, or any use without the notices, consents, or legal authorizations required by applicable law. We may suspend or terminate accounts, restrict access, and refuse support for suspected covert, unauthorized, or unlawful monitoring.
Customer responsibilities. Customers are solely responsible for:
- providing legally required worker notices and obtaining consents where applicable (e.g., prior electronic-monitoring notices in certain U.S. states);
- configuring monitoring to be necessary and proportionate for legitimate business purposes;
- performing data protection impact assessments where required;
- honoring workers' rights requests directed to them;
- setting and enforcing internal retention, access, and use policies.
Retention & deletion. Customer monitoring data is retained according to our agreement. Upon contract end or at the customer's instruction, we delete personal data within agreed timelines. Deleted data cannot be restored.
Security. We implement appropriate technical and organizational measures, including encryption in transit and at rest; access controls and least-privilege; SSO/MFA options; audit logging; vulnerability management and penetration testing; secure development practices; and vendor security reviews. We notify customers without undue delay after becoming aware of a data breach affecting customer data.
Service providers (sub-processors). We use vetted service providers to deliver our services (infrastructure, storage, analytics, communications, support). We provide notice to customers of material changes to service providers.
International transfers. When we transfer customer personal data internationally, we do so under the safeguards described in Section 7.
Law enforcement and governmental requests. For customer data, we require a valid legal process and will redirect requests to the customer where feasible. We will notify the customer unless legally prohibited and will seek to narrow the scope of any request. We may publish high-level transparency statistics.
Employee/End-user inquiries. Individuals monitored by a customer should contact that customer (the controller/business) to exercise their privacy rights. Where we receive an inquiry directly, we will notify the relevant customer and assist.
12. Children
Our Site and services are intended for business use by adults. We do not knowingly collect personal data from children under 13 (or under 16 in the EEA/UK) on the Site. Customers must not use our services to monitor minors' personal devices without a lawful basis and required notices/consents.
13. Links and Third Parties
The Site may link to third-party websites, apps, or services. Their privacy practices are governed by their own notices. We encourage you to review them before providing personal data.
14. Changes to This Notice
We may update this Notice from time to time. We will post the updated version with a new effective date and, if changes materially affect how we use or disclose personal data, we will provide additional notice as required.
15. How to Contact Us
For privacy questions, requests, or complaints, contact privacy [at] clevercontrol.com or write to: CleverControl LLC, 2234 North Federal Hwy #2017, Boca Raton, FL 33431, USA. If you are in the EEA/UK and we are required to appoint a representative or Data Protection Officer, their contact details will be published here.
