Privacy Policy

CLBA is a Manufacturing Decision Intelligence platform for discrete manufacturers. This policy describes how we collect, use, and protect information you provide through this website (the “Site”), including the Cohort 1 application form.

This policy applies to information collected via the Site. It does not apply to information processed inside CLBA on behalf of customers under a separate Master Services Agreement — that processing is governed by the applicable customer contract and Data Processing Addendum.

The Site collects only the information you choose to provide:

• Cohort 1 application form (manufacturers) — name, company, business email, ERP system, revenue band, role, and an optional VAR-partner hint.
• Deal-registration form (VAR partners) — your name, business email, firm, practice, the customer’s legal name, the customer’s ERP, the deal stage, the customer’s revenue band, and an optional context note.
• Investor-brief form (investors) — name, business email, firm, investor type, typical check size, thesis fit, and optional notes.
• Server logs — standard request metadata (IP address, user agent, request path, timestamp) collected automatically by our hosting provider, Vercel.

We do not currently use third-party analytics, advertising cookies, or tracking pixels on the Site. If we add them in the future, this policy will be updated and the change announced on this page.

Information from the intake forms is used to:

• Evaluate Cohort 1 applications for fit and respond within three business days.
• Confirm partner deal registrations within 24 hours and route the co-delivery workflow.
• Send investor-brief recipients the deck and a calendar option within 24 hours.
• Communicate about CLBA, the cohort, and ongoing product updates if you become a charter customer or partner.

Server logs are used for security monitoring, debugging, and operational visibility. They are retained for the minimum period required for those purposes. We deliberately exclude personally identifying details (names, email addresses, customer legal names, free-text notes) from application logs — the Slack notification channel is the record of submissions.

We share application data only with the people and systems required to evaluate and respond to it:

• CLBA personnel — founder, sales, and operations team members involved in cohort evaluation.
• Sub-processors — service providers acting on our behalf under written agreements:
  • Vercel (United States) — hosting and edge delivery for the Site and the application API endpoint.
  • Slack (United States) — internal notification channel that receives a copy of each application as soon as it is submitted.

We do not sell or rent personal information. We do not share your application with other applicants or third parties for marketing purposes.

Application data is retained as long as needed to evaluate the application and, if you become a charter customer, for the duration of our business relationship plus a reasonable period afterward for legal and audit purposes. Applications that are declined are retained for up to twenty-four months in case you reapply.

You can request deletion at any time — see Section 7.

The Site does not currently set cookies. If we add authentication, personalization, or analytics that require cookies in the future, we will update this policy and provide cookie controls where required by applicable law.

Depending on where you reside, you may have rights under laws including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and similar regimes:

• The right to access the information we hold about you.
• The right to correct inaccurate information.
• The right to request deletion of your information.
• The right to object to or restrict our processing.
• The right to withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).
• The right to lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at the address in Section 11. We will respond within thirty days.

We use commercially reasonable safeguards to protect information collected through the Site, including TLS in transit, restricted access to backend systems, and least-privilege credentials for sub-processors. No system is perfectly secure, and we cannot guarantee absolute security. If we become aware of a security incident affecting your information, we will notify you in accordance with applicable law.

CLBA operates primarily in the United States. By submitting an application, you understand that your information will be processed in the United States and may be processed in other jurisdictions where our sub-processors operate. Where required by law, we rely on appropriate transfer mechanisms (such as Standard Contractual Clauses) to protect your information.

We may update this policy from time to time. The “Last updated” date at the top of this page indicates when the latest revision took effect. Material changes will be reflected here; we encourage you to review the policy periodically.

For privacy questions or requests — including access, correction, deletion, or any of the other rights described in Section 7 — contact CLBA at privacy@clba.ai. We respond within thirty days.