Future-Proof SSO Solutions for Every Project. Get Early Access—Join the Waitlist!
Future-Proof SSO Solutions for Every Project. Get Early Access—Join the Waitlist!

ClientCaptain Privacy Policy

Last updated: April 3, 2025

1. Introduction

ClientCaptain Inc. ("we," "us," or "our") provides Single Sign-On (SSO) and identity management services to businesses and developers. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services, including our dashboard, APIs, and npm SDK.

By using ClientCaptain, you consent to the practices described in this policy.

2. Information We Collect

2.1 Information You Provide

When you register for or use ClientCaptain, we collect:

  • Account Information: Name, email, phone number, password, profile picture.
  • Authentication Data: Social login details (Google, GitHub, etc.), multi-factor authentication (MFA) methods.
  • User Metadata: Job title, company, preferences, and settings.
  • Billing Information: Payment details, invoices, transaction history (if applicable).
  • Support & Communication: Emails, chat logs, feedback, and survey responses.

2.2 Information Collected Automatically

  • Device & Browser Data: IP address, OS, browser type, device identifiers.
  • Usage Data: Logs of API calls, timestamps, feature usage, error reports.
  • Cookies & Tracking: We use cookies, localStorage, and sessionStorage for authentication, analytics, and security.

2.3 Information from Third Parties

We may receive data from:

  • Social Login Providers (Google, Facebook, Microsoft, etc.)
  • Security & Fraud Prevention Services (e.g., reCAPTCHA, Cloudflare)
  • Analytics & Monitoring Tools (e.g., Sentry, Datadog, Google Analytics)

3. How We Use Your Information

We use collected data to:

  • Provide & Improve Services: Authentication, user management, SSO, API functionality.
  • Security & Fraud Prevention: Detect abuse, enforce policies, prevent unauthorized access.
  • Analytics & Performance: Monitor usage, debug issues, optimize infrastructure.
  • Communication: Send service updates, security alerts, and support responses.
  • Legal Compliance: Meet regulatory requirements (GDPR, CCPA, etc.).

4. Data Sharing & Third Parties

We may share data with:

  • Service Providers: AWS, Google Cloud, Microsoft Azure (hosting), analytics tools, payment processors.
  • Business Partners: If you integrate ClientCaptain with third-party apps (e.g., Salesforce, Slack).
  • Legal Authorities: When required by law (e.g., subpoenas, court orders).
  • Corporate Transactions: Mergers, acquisitions, or asset sales.

We do not sell your personal data to advertisers.

5. Data Storage & International Transfers

  • Primary Locations: Canada & U.S. (AWS, Google Cloud, Render).
  • Cross-Border Transfers: Data may be processed globally but protected under GDPR Standard Contractual Clauses (SCCs) where applicable.

6. Security Measures

We implement:

  • Encryption: AES-256 for data at rest, TLS 1.2+ for data in transit.
  • Access Controls: Role-based permissions, audit logs.
  • Regular Audits: Penetration testing, vulnerability scanning.
  • Incident Response: 24/7 monitoring, breach notification procedures.

7. User Rights & Choices

Depending on your location, you may:

  • Access, Correct, or Delete your data via the dashboard.
  • Export your data (GDPR right to portability).
  • Opt out of marketing emails (unsubscribe link in emails).
  • Disable cookies via browser settings (may affect functionality).

To exercise these rights, contact us at legal@clientcaptain.com.

8. Age Restrictions

ClientCaptain is not intended for users under 18. We do not knowingly collect data from minors.

9. Policy Updates

We may update this policy and will notify users via email at least 30 days before changes take effect. Continued use constitutes acceptance.

10. Contact Us

For privacy-related requests, please contact us at legal@clientcaptain.io.