Sign Up

Privacy Policy

Last Updated: April 9, 2025

This privacy policy will explain how Our Company (Hyperion Technologies GmbH, operating as Clickless) uses the personal data we collect from you when you use our platform and services.


What data do we collect?

Our Company collects the following data:

  • Personal Identification Information: Provided during registration via Okta Auth0, typically including your Name and Email address.

  • Service Connection Information: When you connect a third-party service to Clickless, we securely manage authentication details (like OAuth tokens or API keys) via our partner Composio, based on your explicit authorization.

  • Data Accessed via Connected Services: Clickless agents may access or gather data from the services you connect, based only on the permissions you grant to those services and the tasks you assign the agents. The specific types of data depend entirely on the services connected (we support over 250) and the permissions you approve. Clickless never transfers data you haven't authorized.

  • Interaction and Operational Data: We store conversation logs (your chat history with LLM Agents) and automation logs (records of decisions and actions taken by Agents you run).

  • Payment Information: If you subscribe to a paid service, our payment processor, Stripe, will collect necessary payment details (like name, credit card information, billing address) to process your payment. Clickless itself does not store your full credit card details.

  • Technical Information: We may collect information via cookies necessary for website function (see 'Cookies' section below).

How do we collect your data?

You directly provide Our Company with most of the data we collect. We collect data and process data when you:

  • Register online for our services (via Okta Auth0).

  • Connect a third-party service to the Clickless platform (initiating data sharing you authorize, managed via Composio).

  • Interact with Clickless agents (generating conversation logs).

  • Run automations using Clickless agents (generating automation logs).

  • Make a purchase for our services (via Stripe).

  • Use or view our website (essential cookies for login functionality).

  • Contact us via email (e.g., for support or to exercise your data rights).

Our Company does not typically receive your data indirectly from other sources, other than the data accessed from services you explicitly connect and authorize.

How will we use your data?

Our Company collects your data so that we can:

  • Provide and operate the Clickless service, allowing you to connect services and run automations.

  • Manage your account and authenticate your access (via Okta Auth0).

  • Process your orders and payments (via Stripe).

  • Enable agent functionality by processing your instructions and relevant data through connected services and Large Language Model (LLM) providers.

  • Store conversation and automation logs for service provision, debugging, and maintaining service integrity.

  • Respond to your support requests or inquiries.

  • Comply with legal obligations.

Clickless does not use your personal data for marketing emails or share your data with partners for marketing purposes unless you explicitly opt-in through a separate mechanism. Our communication will primarily be service-related (e.g., account management, security notices).

How do we store your data?

Our Company securely stores your data on cloud servers provided by DigitalOcean. While DigitalOcean employs robust security measures compliant with industry standards, the specific geographic location of the servers storing your data may vary and is not guaranteed to be within one specific region (e.g., the EU). We implement appropriate technical and organizational measures to protect your data. Authentication data is managed securely by Okta Auth0 and service connection tokens by Composio.

Our Company will keep your:

  • Conversation logs and automation logs (considered non-essential operational data) for 90 days.

  • Your account information and configuration data (necessary for service function) for as long as your account remains active.

  • Personal Identification Information (PII) associated directly with your account until you delete your account.

Once these time periods expire or you delete your account, we will delete your data through automated and manual processes where applicable. You can also request full erasure of your data (see 'What are your data protection rights?' below).

Data Sharing with Third Parties

We share minimal necessary data with third-party service providers solely to operate the Clickless platform:

  • DigitalOcean: Provides the cloud hosting infrastructure where data is stored.

  • Okta Auth0: Manages user authentication and account security. Receives basic login information (e.g., email).

  • Composio: Manages the authorization (OAuth/API keys) for connecting third-party services. Handles relevant tokens.

  • Large Language Model (LLM) Providers (Anthropic, Google, OpenAI): Process conversation data and instructions when you interact with LLM-powered agents. We share the necessary prompts and context. These providers are contractually obligated or state in their policies not to use your data for training their models.

  • Stripe: Processes payments for subscriptions. Receives necessary payment and billing information.

We only share the absolute minimum data required for these providers to perform their function. We do not sell your personal data.

International Data Transfers

Your data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different from the laws of your country.  

Specifically, our servers are hosted by DigitalOcean (locations vary), and our third-party service providers (Okta Auth0, Composio, Anthropic, Google, OpenAI, Stripe) operate globally, including in the United States.

Hyperion Technologies GmbH is based in Switzerland, which benefits from an EU Adequacy decision for data protection. When we transfer your data to countries outside Switzerland or the European Economic Area (EEA), we take appropriate safeguards to require that your personal data will remain protected in accordance with this privacy policy and applicable laws. These safeguards include relying on EU Adequacy Decisions (like for Switzerland) or implementing Standard Contractual Clauses (SCCs) with third parties, or relying on their certification under frameworks like the EU-U.S. Data Privacy Framework where applicable. We rely on our partners being GDPR compliant as part of these measures.  

Marketing

Our Company does not currently send marketing emails about our products or services, or share your data with partner companies for marketing purposes. If we offer marketing communications in the future, we will do so only with your explicit consent, and you will always have the right to opt-out easily at any time.

What are your data protection rights?

Our Company would like to make sure you are fully aware of all of your data protection rights under GDPR and Swiss data protection law. Every user is entitled to the following:

  • The right to access – You have the right to request copies of your personal data.

  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete information you believe is incomplete.

  • The right to erasure – You have the right to request that we erase your personal data, under certain conditions (also known as the 'right to be forgotten'). You can specifically request this by emailing [email address removed].

  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions, particularly where we rely on legitimate interests as our legal basis.

  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: hello@clickless.io

Or write to us: Hyperion Technologies GmbH, Zürich, Switzerland

(Please note: We may request proof of identity before fulfilling certain requests to ensure data security.)

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

For further information, visit allaboutcookies.org.

How do we use cookies?

Our Company uses cookies only in essential ways to ensure the proper functioning of our service:

  • Keeping you signed in: We use cookies (managed via Okta Auth0) to maintain your login session securely using JWT credentials.

We do not use cookies for tracking your usage patterns for analytics or for advertising purposes.

What types of cookies do we use?

Our website uses:

  • Strictly Necessary / Functionality Cookies: These are essential for you to browse the website and use its features, such as accessing secure areas of the site and maintaining your login state. We use first-party and third-party (Okta Auth0) cookies for this purpose. These cookies remember that you are logged in.  


We do not use Advertising cookies or Analytics cookies.

How to manage cookies

You can set your browser not to accept cookies, and the website allaboutcookies.org tells you how to remove cookies from your browser. However, because we only use essential cookies for login functionality, disabling them will prevent you from logging into and using the Clickless platform.


Privacy policies of other websites

The Clickless platform allows you to connect to numerous third-party services, and our website may contain links to other websites. Our privacy policy applies only to our platform and website. If you click on a link to another website or connect a third-party service, you should read their privacy policy to understand how they collect and use your data.


Changes to our privacy policy

Our Company keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on April 9, 2025.  


How to contact us

If you have any questions about Our Company’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at: hello@clickless.io

Or write to us at: Hyperion Technologies GmbH Zürich, Switzerland


How to contact the appropriate authority

Should you wish to report a complaint or if you feel that Our Company has not addressed your concern in a satisfactory manner, you may contact the appropriate supervisory authority.

As Hyperion Technologies GmbH is domiciled in Switzerland, the primary authority is:


Federal Data Protection and Information Commissioner (FDPIC)

Address: Feldeggweg 1 CH - 3003 Berne Switzerland Website: Website: https://www.edoeb.admin.ch/edoeb/en/home.html
Contact Form: Available on their website.

If you are a resident of the European Economic Area (EEA), you may also have the right to lodge a complaint with your local data protection authority.