Privacy Policy

Last updated: June 2026

ClaroArc ("ClaroArc," "we," "us," or "our") provides an AI-powered building intelligence platform that helps commercial buildings optimize energy use, operations, and occupant comfort. This Privacy Policy explains what data we collect, how we use it, and the choices available to you.

This policy is intended to align with India's Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable Rules.

Who This Policy Applies To

This policy applies to:

  • Visitors to claroarc.com
  • Prospective and current clients evaluating or using the ClaroArc platform
  • Authorized users of the ClaroArc dashboard (facility managers, building owners, and their teams)

It does not apply to building occupants whose personal data is not collected by ClaroArc (see Section 2).

What Data We Collect

Operational building data

ClaroArc's core platform reads and processes operational data from connected building systems, including:

  • HVAC system signals and setpoints
  • Energy meter and consumption readings
  • Occupancy sensor counts (aggregate, not individual identity)
  • Indoor air quality and environmental sensor data
  • Building Management System (BMS) data points

This data does not identify individual people and is not personal data under the DPDP Act.

Business contact data

When you or your organization engages with ClaroArc, for example by booking a demo, signing up for a pilot, or being added as a platform user, we may collect:

  • Name and business email address
  • Phone number (if provided)
  • Job title and organization name
  • Building or portfolio details relevant to the engagement

Website usage data

When you visit claroarc.com, we may collect standard usage data such as pages viewed, referring pages, and approximate location derived from IP address, for the purpose of improving our website and communications.

What We Don't Collect

ClaroArc does not collect, store, or process personal data of building occupants (employees, tenants, or visitors of a client's building) as part of the core platform. We do not track individual identities, and our occupancy data is aggregate by design.

How We Use Data

We use the data described above to:

  • Provide and operate the ClaroArc platform for your building(s)
  • Generate energy, operations, and comfort insights and recommendations
  • Communicate with you about your account, pilot, or service
  • Improve our product and respond to support requests
  • Meet legal, regulatory, and contractual obligations

Operational building data collected from your building is used exclusively to optimize that building. It is not used to train models for, or shared with, other ClaroArc customers.

Our Role Under the DPDP Act

In relation to operational building data, ClaroArc acts as a Data Processor, processing data on behalf of the building owner or operator (the Data Fiduciary) under the terms of our service agreement.

In relation to business contact data collected directly from you (such as demo requests), ClaroArc acts as the Data Fiduciary and is responsible for that data in accordance with this policy and applicable law.

A Data Processing Agreement (DPA) is available on request and is provided as standard alongside pilot and service agreements.

Data Sharing

We do not sell, rent, or trade personal data or business contact data to third parties.

We may share data with:

  • Cloud infrastructure providers who host our platform, under appropriate confidentiality and security obligations
  • Service providers who support our operations (for example, email or scheduling tools), limited to what is necessary for that service
  • Authorities, where required by law

Data Security

We apply technical and organizational measures to protect data, including encryption in transit and at rest, role-based access control, and non-invasive integration that does not require root-level access to your building systems.

Full detail is available on our Security & Trust page →

Data Retention

We retain operational building data for the duration of your service agreement and for a reasonable period afterward to support reporting, transition, or legal obligations, after which it is deleted or anonymized.

We retain business contact data only as long as necessary for the purpose it was collected, or as required by law.

Your Rights

If applicable law gives you rights over your personal data (such as the right to access, correct, or request erasure of your business contact data), you can exercise these by contacting us at the email below. We aim to respond to all requests within the timeframes required by applicable law.

Contact Us

For any questions about this Privacy Policy or how we handle data, contact us at:

Changes to This Policy

We may update this Privacy Policy from time to time as our platform, practices, or applicable law evolve. We will update the "Last updated" date above when changes are made.

Questions about this policy? Email hello@claroarc.com or visit our Security & Trust page.