Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Clarico AI(trading as “Comet”), based in Victoria, Australia, collects, uses, and protects your personal information. We comply with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

What we collect

When you create an account and use Comet, we may collect:

  • Account info — your name and email address (collected via Clerk, our authentication provider)
  • Payment info — collected and stored by Stripe, our payment processor, in accordance with PCI-DSS standards. We never see or store your full card number.
  • Usage data — which tools you access and basic session information to keep the platform running smoothly

How your data is processed

Client-side processing

The majority of our tools process your data entirely in your web browser. When you upload a CSV file, spreadsheet, or other document, it is processed locally on your device. Your files are not uploaded to our servers.

This is especially important for sensitive data like NDIS claim files, patient appointment histories, and financial records. That data never leaves your browser.

AI-powered features

Some tools use AI to generate summaries, recommendations, or analysis. These features send relevant data to AWS Bedrock (powered by Claude, made by Anthropic) for processing. AWS Bedrock does not store your data or use it to train AI models. Data is processed and immediately discarded. No human at Clarico AI, Amazon, or Anthropic reviews your inputs.

NDIS and healthcare data

Several of our tools are designed to work with NDIS claim data, appointment records, and allied health practice information. We take this seriously:

  • NDIS claim files (CSV uploads) are processed entirely in your browser
  • Patient identifiers, NDIS numbers, and claim amounts never touch our servers
  • We do not build profiles from healthcare data
  • You remain the data controller at all times — we are a tool, not a data processor for this information

Third-party services

We use the following third-party services:

Clerk (authentication) — stores your email, name, and authentication tokens. See Clerk's Privacy Policy.
Stripe (payments) — processes and stores payment information under PCI-DSS compliance. See Stripe's Privacy Policy.
AWS Bedrock (AI processing) — processes data for AI features only. No data is stored or used for model training. See AWS Privacy Policy.

Cookies

We use essential cookies only — specifically, authentication session cookies managed by Clerk to keep you logged in. We do not use advertising cookies, analytics trackers, or third-party tracking pixels.

We do not sell your data

We do not sell, rent, or trade your personal information to third parties. Full stop.

Data retention

We retain your account information for as long as your account is active. If you cancel your subscription, we keep your account data for 90 days in case you return, then delete it. You can request immediate deletion at any time.

Your rights

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise any of these rights, email us at support@clarico.com.au.

Data breach notification

In the event of a data breach that is likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals within 72 hours, as required under the Notifiable Data Breaches (NDB) scheme.

Contact us

If you have questions about this Privacy Policy or how we handle your data, contact us at: support@clarico.com.au

← Back to home