Privacy Policy

Last updated: March 2026 | Klaimer, Inc.

      The short version: Klaimer uses read-only access to your calendar to generate a tax deduction report for you. We analyze your event data in-session and do not store your raw calendar events on our servers. We do not sell your data. Ever.
    

1. Who We Are

Klaimer ("Klaimer," "we," "our," or "us") is a tax deduction discovery tool that analyzes your Google Calendar or Microsoft Outlook calendar to surface potential tax deductions for review with your accountant. Our website is klaimer.com.

If you have questions about this policy, contact us at hello@klaimer.com.

2. Information We Collect

We collect the following types of information:

Account information: When you sign up, we collect your name and email address.
Calendar data (read-only, transient): With your permission, we access your Google Calendar or Microsoft Outlook calendar events. This data is used exclusively to generate your deduction report and is not persistently stored on our servers.
Deduction report data: We store the summary report we generate for you (categories of potential deductions found) so you can revisit it. This is derived data, not your raw calendar events.
Usage data: We collect standard web analytics such as pages visited, time on site, browser type, and IP address to improve the service.

3. How We Use Your Information

To provide the Klaimer service — analyzing your calendar and generating your deduction report.
To send you account-related emails (access confirmation, report summaries, product updates).
To improve the accuracy and coverage of our deduction detection algorithms.
To comply with legal obligations.

We do not use your calendar data to train machine learning models without your explicit consent.

4. Calendar Access and Permissions

Klaimer requests read-only OAuth access to your calendar. This means:

We can read your calendar events to analyze them.
We cannot create, edit, or delete any events.
We cannot access your email, contacts, or other Google/Microsoft data.
You can revoke our access at any time from your Google Account permissions or Microsoft Account settings.

5. Data Sharing

We do not sell, rent, or trade your personal information or calendar data to any third party. We may share information only in the following limited circumstances:

Service providers: We use trusted, industry-leading cloud infrastructure providers that process data on our behalf under strict confidentiality obligations. These providers support encrypted data transport, encrypted storage, backups, secret management, and hosting-layer protections such as DDoS mitigation.
Legal compliance: If required by law, court order, or government authority.
Business transfers: In the event of a merger or acquisition, your data may transfer to the successor entity, subject to the same privacy protections.

6. Data Retention

We retain your account information and deduction reports for as long as your account is active. Raw calendar event data accessed during analysis sessions is not retained after the session ends. You may delete your account and all associated data by emailing hello@klaimer.com.

7. Cookies and Tracking

We use cookies and similar technologies to maintain your session, remember your preferences, and measure site performance. We may use Google Analytics to understand how visitors use our site. You can opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on.

8. Security

We use industry-standard security practices including HTTPS encryption for all data in transit, access controls limiting who at Klaimer can access user data, and periodic security reviews. Built on Supabase and Vercel, Klaimer benefits from infrastructure features such as encrypted transport, encrypted storage, audited operational controls, secret management, backups, and hosting-layer protections. For stored data, access can also be restricted at the database layer using Supabase access controls.

Some security controls offered by our infrastructure providers depend on the configuration and service tier we choose. Unless we explicitly say otherwise, references to vendor capabilities describe platform features rather than guarantees that every optional control is enabled in our specific environment.

Supabase and Vercel each maintain audited security programs, including SOC 2 Type 2, but that does not by itself mean Klaimer is independently SOC 2 compliant. No system is 100% secure; if you believe your account has been compromised, contact us immediately.

9. Children's Privacy

Klaimer is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with information, please contact us to have it removed.

10. Your Rights

Depending on your location, you may have the right to:

Access the personal data we hold about you.
Request correction of inaccurate data.
Request deletion of your data.
Withdraw consent for data processing.
Lodge a complaint with a supervisory authority (for EU/UK users).

To exercise any of these rights, contact hello@klaimer.com.

11. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via email or a notice on our website. Continued use of Klaimer after changes constitutes acceptance of the updated policy.

12. Contact

Questions or concerns about this policy? Email us at hello@klaimer.com.

← Back to klaimer.com