Terms of Service

Last updated: 21 March 2026

1. Agreement Overview

These Terms of Service ("Terms") constitute a legally binding agreement between you ("User", "you", or "your") and Clarium Limited ("Clarium", "we", "us", or "our"), a company registered in Jersey, Channel Islands.

By accessing or using the Clarium platform (the "Service"), you agree to be bound by these Terms, our Privacy Notice, and any additional terms incorporated by reference.

⚠️ PLEASE READ THESE TERMS CAREFULLY. If you do not agree to all terms, you may not access or use the Service.

2. Description of Service

2.1 What Clarium Does

Clarium is a GDPR compliance documentation platform that enables organisations to:

Document Records of Processing Activities (RoPA) in compliance with GDPR Article 30
Map data flows visually to understand how personal data moves through your systems
Manage IT systems and third-party processors with verification workflows
Extract GDPR fields using AI-assisted analysis of business process descriptions
Export compliance reports in UROPA-compliant JSON format (UK Regulator Open API)
Assign Data Protection Champions (DPC) to verify and approve submissions

2.2 What Clarium Is NOT

❌ NOT legal advice – Our templates and suggestions are not a substitute for qualified legal counsel
❌ NOT a DPO replacement – You must still designate a Data Protection Officer if required under GDPR Article 37
❌ NOT an automatic compliance solution – Human review and verification of all data is required
❌ NOT a substitute for due diligence – You must verify all AI-extracted data for accuracy

Important: Use of Clarium does not guarantee GDPR compliance. You are responsible for the accuracy and completeness of your documentation.

3. User Eligibility & Registration

3.1 Eligibility Requirements

To use the Service, you must:

Be at least 18 years of age
Have the legal authority to bind your organization to these Terms
Be acting on behalf of a legitimate business or organization
Not be prohibited from using the Service under any applicable laws

3.2 Geographic Focus

Clarium is designed for organisations operating in:

United Kingdom
European Union / European Economic Area (EEA)
Jersey, Channel Islands

3.3 Authentication Methods

We use federated identity authentication via Supabase Auth. You may sign up and log in using:

Google Workspace (Google Identity Services)
Microsoft Entra ID / Azure AD (Microsoft identity platform)

No email/password authentication is available.

4. Account Security & Access

4.1 Multi-User Organizations

Each organization account may have multiple users with different roles:

Role	Description	Permissions
Platform Admin	Clarium staff	Full access across all orgs (logged)
Superuser	Organization owner/admin	Full access within their organization
DPC	Data Protection Champion	Verify/approve processes and systems
Contributor	Business process owners	Create and edit processes
Viewer	Read-only stakeholders	View processes (no editing)

4.2 Organization Isolation

Your data is strictly isolated from other organizations using Row-Level Security (RLS) at the database level. You cannot access data belonging to other organizations, and they cannot access yours.

5. Subscription Plans & Pricing

5.1 Subscription Tiers

Plan	Monthly	Annual	Savings
Free (Trial)	£0	£0	30-day full-feature trial
Growth	£79	£758.40	20% annual discount
Growth-vDPO	£63	£604.80	20% annual discount
Pro	£199	£1,850	~23% annual discount
Pro-vDPO	£159	£1,480	~23% annual discount
Enterprise	Custom	Custom	Contact sales

All prices in GBP (£), excluding VAT where applicable.

5.2 vDPO Partner Discount

The vDPO (virtual DPO) pricing tier is available exclusively to DPO consultancies, Managed Service Providers, and law firms providing data protection services.

To apply: Contact [email protected]

5.3 Free Trial

Your organization may access a 30-day free trial with full Pro features.

No credit card required during trial
Trial is per-organization (not per-user)
At trial end, you will be prompted to subscribe or export your data
Data is retained for 30 days after trial expiry before deletion

6. Fair Use Policy

6.1 Usage Limits

Each subscription tier has usage limits to ensure fair resource allocation:

Limit Type	Growth	Pro	Enterprise
Users (seats)	10	25	Unlimited
Business Processes	50	Unlimited	Unlimited
IT Systems	100	Unlimited	Unlimited
AI Extractions/month	100	500	Unlimited
Export Rate Limit	30/hour	100/hour	500/hour

6.2 Exceeding Limits

If you exceed your plan limits:

Soft Limit (Warning): At 80% of limit, you'll receive an email notification
Hard Limit (Block): At 100%, new creation is blocked until limits reset or you upgrade
Grace Period: You have 14 days to upgrade or reduce usage before read-only mode activates

6.3 Rate Limiting

To protect service stability, we apply rate limits:

Endpoint Type	Limit	Window
General API	60 requests	Per minute
Authentication	10 requests	Per minute
AI Operations	20 requests	Per minute
Export (UROPA)	30 requests	Per hour
File Uploads	20 requests	Per minute

7. Acceptable Use Policy

7.1 Permitted Use

You may use the Service only for:

✅ Documenting your organization's legitimate GDPR compliance activities
✅ Managing Records of Processing Activities (RoPA) under Article 30
✅ Creating data flow maps for internal compliance purposes
✅ Exporting data for regulatory submission or DPO review
✅ Inviting colleagues within your organization

7.2 Prohibited Conduct

You may NOT use the Service to:

Illegal Activity

❌ Violate any applicable law, regulation, or third-party rights
❌ Process data in violation of GDPR or Data Protection (Jersey) Law 2018
❌ Facilitate or document unlawful processing activities

Harmful Content

❌ Upload malware, viruses, or other harmful code
❌ Upload content that infringes intellectual property rights
❌ Upload sensitive personal data of data subjects without lawful basis

Security Violations

❌ Attempt to gain unauthorized access to other accounts or systems
❌ Circumvent technical measures, authentication, or rate limiting
❌ Share login credentials with unauthorized users
❌ Use automation to bypass fair use limits

Service Abuse

❌ Resell or redistribute access without a vDPO Partner Agreement
❌ Create multiple trial accounts to circumvent subscription requirements
❌ Interfere with other users' access to the Service

7.3 Consequences of Violation

Violations may result in:

Warning: First-time minor violations may receive a warning email
Suspension: Serious or repeated violations may result in temporary account suspension
Termination: Severe violations may result in immediate account termination without refund
Legal Action: Illegal activity may be reported to appropriate authorities

8. Billing & Payment

8.1 Payment Processing

All payments are processed by SumUp (SumUp Limited, London/Dublin). We accept Visa, Mastercard, and American Express. All payments are in GBP (£).

8.2 Automatic Renewal

Subscriptions renew automatically unless cancelled before the renewal date.

We will send a renewal reminder email 7 days before renewal
You can cancel anytime via Settings → Subscription → Cancel Plan
Cancellation takes effect at the end of the current billing period

8.3 Taxes

All prices are exclusive of VAT/GST where applicable.

UK customers: VAT at 20% will be added
EU customers: VAT at your country's rate (unless valid VAT number provided)
Jersey customers: No VAT (Jersey has no VAT)

9. Refund Policy

9.1 Monthly Subscriptions

No refunds for partial months after the billing date
You may cancel anytime; access continues until end of current billing period

9.2 Annual Subscriptions

Pro-rata refund available within 30 days of annual subscription start
No refund after 30 days from subscription start
To request: Contact [email protected] within 30 days

10. Intellectual Property

10.1 Clarium's Intellectual Property

We (or our licensors) own all rights to:

The Clarium platform, including all software, code, and infrastructure
Clarium branding, trademarks, logos, and visual design
Documentation, templates, and help content
AI models, algorithms, and extraction logic

10.2 Your Content

You retain all ownership rights to your Customer Content (business process descriptions, system configurations, uploaded files, etc.).

By uploading content, you grant Clarium a limited license to:

Store and display your content to authorized users in your organization
Process your content to provide Service features (e.g., AI extraction, export)

We do NOT:

❌ Sell your content to third parties
❌ Use your content for advertising
❌ Share your content with other customers
❌ Train AI models on your confidential business information

11. Data Protection & Privacy

11.1 Privacy Notice

Our collection and use of personal data is governed by our Privacy Notice, which is incorporated into these Terms by reference.

11.2 Data Processing Agreement

For organizations requiring a formal Data Processing Agreement (DPA) under GDPR Article 28, please contact [email protected].

11.3 Data Location

All customer data is stored in EU-West-1 (Dublin, Ireland).

12. Service Availability & Support

12.1 Service Availability

We aim to provide a reliable service, but do not guarantee 100% uptime.

Growth: Best efforts (no SLA)
Pro: 99.5% uptime (monthly)
Enterprise: 99.9% uptime (monthly, with SLA credits)

12.2 Support

Plan	Channels	Response Time
Free (Trial)	Email only	5 business days
Growth	Email	3 business days
Pro	Email + Priority Queue	1 business day
Enterprise	Email + Phone + CSM	4 hours (business hours)

Support Email: [email protected] | Hours: Monday–Friday, 09:00–17:00 GMT/BST

13. Limitation of Liability

13.1 Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

13.2 Limitation of Damages

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

Clarium shall NOT be liable for:

Indirect, incidental, special, consequential, or punitive damages
Loss of profits, revenue, data, or business opportunities
Regulatory fines or penalties imposed on you
Your reliance on AI-extracted data without human verification
Inaccuracies in your GDPR documentation

Maximum Liability:

Our total liability shall not exceed the greater of the total fees paid by you in the 12 months preceding the claim, or £500.

13.3 Your Responsibility

You acknowledge that:

GDPR compliance is your responsibility – Clarium is a tool, not a compliance guarantee
AI suggestions require human review – All AI-extracted data must be verified by qualified personnel
Legal advice is external – You should consult qualified legal counsel for compliance decisions
Data accuracy is your responsibility – You are responsible for the accuracy of your inputs

14. Term & Termination

14.1 Termination by You

You may terminate your account at any time:

Free accounts: Settings → Account → Delete Account
Paid accounts: Settings → Subscription → Cancel Plan → Delete Account

14.2 Termination by Us

We may terminate or suspend your account immediately if:

You breach these Terms
You fail to pay outstanding fees (after 14-day grace period)
We are required to do so by law
We discontinue the Service (with 90 days' notice)

14.3 Effect of Termination

Upon termination:

Your access to the Service will be disabled
Your data will enter a 30-day soft delete period (you may request export)
After 30 days, your data will be permanently deleted

14.4 Data Export

Before termination, you should export your data via Settings → Export → Download your data (UROPA JSON format).

15. Dispute Resolution

15.1 Governing Law

These Terms are governed by the laws of Jersey, Channel Islands, without regard to conflict of law principles.

15.2 Informal Resolution

Before initiating formal proceedings, you agree to attempt informal resolution:

Contact [email protected] with a written description of your dispute
We will respond within 30 days with a proposed resolution
Both parties will negotiate in good faith for at least 60 days

15.3 Jurisdiction

If informal resolution fails, disputes shall be resolved exclusively in the courts of Jersey, Channel Islands.

15.4 Class Action Waiver

YOU AGREE TO RESOLVE DISPUTES INDIVIDUALLY.

You waive any right to participate in a class action lawsuit or class-wide arbitration.

16. General Provisions

Entire Agreement: These Terms (together with our Privacy Notice and any applicable DPA) constitute the entire agreement between you and Clarium.
Severability: If any provision is held invalid, the remaining provisions remain in effect.
Waiver: Our failure to enforce any right shall not constitute a waiver.
Assignment: You may not assign your rights without our consent. We may assign our rights without restriction.
Force Majeure: Neither party is liable for delays caused by events beyond reasonable control.
No Agency: These Terms do not create any agency, partnership, or employment relationship.

17. Changes to These Terms

We may modify these Terms from time to time.

Material changes: Email notification at least 30 days before changes take effect
Minor changes: Updated "Last Updated" date; continued use constitutes acceptance

Your options if you disagree: Discontinue use before changes take effect, export your data and terminate your account, or contact us to discuss specific concerns.