How we handle your data.

Section 01

Overview

Clover ERA Inc. is a Delaware corporation that builds workforce measurement and intervention software. This Privacy Policy applies to the website (cloverera.com), the Manager Gap Index assessment (mgi.cloverera.com), the Clover ERA platform (app.cloverera.com), and the personal ERA app on iOS and Android.

By using any of these surfaces, you agree to the practices described here. If you do not agree, do not use the services.

Section 02

What we collect

Account information

When you create an account or take the Manager Gap Index, we collect your name, work email, company name, role, and (optionally) phone number. For paying customers we also collect billing contact details and a payment token. We do not store credit card numbers; payments are handled by our payment processor (Stripe).

Assessment responses

The Manager Gap Index records your answers to the six dimension questions and your computed score. Team-deployed assessments are aggregated at the team level; individual responses are not retained beyond the duration needed to compute team aggregates.

Personal app data

The ERA personal app stores your daily check-in answers, CLOVER scores, and reflection history on your device. This data is not sent to our servers in identifiable form. See Section 04 for details on the architectural anonymity model.

Usage and device data

When you visit our websites or use the platform, we collect standard log data: IP address, browser type and version, operating system, referring page, pages visited, and timestamps. We use this to operate the service and detect abuse.

Communication

When you email us, complete a form, or schedule a Cohort Conversation, we keep a record of that exchange so we can respond and so the next conversation has context.

Cookies

We use cookies and similar technologies. The full list is documented in the Cookie Policy.

Section 03

How we use it

We use the data we collect to:

• Operate the platform and the personal app, including computing team-level reporting
• Authenticate users and prevent abuse
• Communicate with you about the service, including transactional emails
• Improve the platform — primarily through aggregated, anonymised cohort analysis
• Comply with legal obligations

For users in the EU, UK, and other GDPR-style jurisdictions, our legal bases are: contract performance (operating the service), legitimate interests (security, abuse detection, product improvement), consent (where you have given it — for example, marketing emails), and legal obligations.

We do not use your data for automated decision-making with legal or significant effects on you.

Section 04

Architectural anonymity

Clover ERA's most significant privacy commitment is structural rather than policy-based. The platform is designed so that we cannot identify individual employees from team or company-level reporting, because we never receive the identifiers that would allow us to.

Specifically:

• Personal app data stays on the device. Your daily check-in responses, CLOVER scores, and reflection history are stored locally and never transmitted to our servers in identifiable form.
• No device IDs. The personal app does not generate or transmit device-specific identifiers that could be used to re-identify users across sessions.
• Code-based team association. When an employee joins a team's Clover ERA deployment, they enter a setup code provided by their company. The code links the app to the team for the purpose of contributing to anonymous team aggregates. The user can change or remove the code at any time, and the personal data on their device is unaffected.
• Aggregation thresholds. Team-level reporting is only generated when a minimum response threshold is met across the team, so individual responses cannot be inferred from small samples.

This means: when your company sees a team-level report, neither your company nor Clover ERA can identify which specific employee gave which response. This is the cornerstone of how the platform works, and it is documented in the architecture, not just in this policy.

Section 05

Sharing and disclosure

We do not sell, rent, or trade your personal information. We share data only in these limited situations:

• Service providers. We use third parties to operate parts of the service: cloud hosting (AWS), email delivery (Postmark), payment processing (Stripe), analytics (privacy-respecting analytics on the public site only), customer support tooling. Each is bound by a data processing agreement.
• Legal compliance. When required by law, court order, or to protect the safety of users or third parties.
• Business transfers. If Clover ERA is acquired or merges with another company, your data may transfer as part of that transaction. You will be notified.
• Anonymised research. We publish cohort findings (the Silent Degradation Index, methodology papers). This data is aggregated and anonymised; no individual employee or company is identifiable.

Section 06

Your rights

Depending on where you live, you have rights to:

• Access — request a copy of the personal data we hold about you
• Correct — ask us to fix data that is inaccurate
• Delete — ask us to erase your data, subject to legal retention requirements
• Restrict — limit how we process your data
• Port — receive your data in a machine-readable format
• Object — object to processing based on legitimate interests
• Withdraw consent — where processing is based on consent
• Lodge a complaint — with your local data protection authority

For California residents, additional rights apply under the CCPA, including the right to know what personal information we collect and the right to opt out of sale (we do not sell personal information; this is documented above).

To exercise any of these rights, email contact@cloverera.com. We respond within 30 days.

Section 07

Security and retention

We protect data with industry-standard controls: encryption in transit (TLS 1.2+) and at rest, role-based access controls, regular security audits, and the architectural anonymity described in Section 04.

Retention periods vary by data type:

• Account information: retained while your account is active and for 12 months after closure
• MGI assessment results: retained for 24 months
• Personal app data: retained on your device until you delete the app or clear it manually; never on our servers
• Communication records: retained for 36 months
• Billing records: retained for 7 years (tax and accounting requirements)
• Aggregated cohort data: retained indefinitely in anonymised form

Section 08

International transfers

Clover ERA is headquartered in Delaware, USA. If you are using the service from outside the United States, your data may be transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) and equivalent transfer mechanisms for international transfers from the EU, UK, and other jurisdictions with cross-border restrictions.

Section 09

Children's privacy

The Clover ERA platform is designed for workplace use and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have, please contact us and we will delete it.

Section 10

Changes to this policy

We update this policy as the platform changes and as the regulatory environment evolves. Material changes will be communicated by email to active customers. The "Last updated" date at the top of this page reflects the most recent revision. Older versions are archived and available on request.

Section 11

Contact

For privacy questions, data subject requests, or complaints: