← Back to Closr

Privacy Policy

Last updated: July 9, 2026

Closr is operated by Bottleneck Labs ("we," "us," "our"), a company based in Canada. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use Closr at getclosr.app and any related services. By using Closr, you agree to the practices described here.

1. Data We Collect

Account information. When you sign up we collect your name, email address, and password (hashed). If you subscribe to a paid plan we collect billing details through Stripe (see Section 7).

Contacts & leads. You may import or manually create contacts and leads inside Closr. This data can include names, email addresses, phone numbers, property preferences, notes, tags, and any custom fields you add.

Email via your connected inbox. When you connect an email account (Gmail, Google Workspace, Outlook, or IMAP via our sync provider Nylas), Closr reads and syncs your email — including message content — and stores it in your Closr account. This is what powers the Inbox, automatic contact threading, deal-detail extraction, and AI drafting that knows your conversation history. Connecting an inbox is optional: without one, you can still receive email in Closr through your dedicated Closr inbox address (for example by forwarding mail to it), and no access to your email provider is requested at all.

SMS & voice data via Twilio. When you use Closr to send SMS messages or make voice calls, those messages and call metadata (timestamps, duration, recipient phone numbers) are processed through Twilio and stored in your Closr account.

Email tracking data. Closr uses tracking pixels (small transparent images) embedded in outgoing emails to detect when a recipient opens an email. We also use link-wrapping to detect when a recipient clicks a link. This data includes the time of the open or click and approximate IP-based geolocation.

Website visitor tracking (agent websites). Agents can install a Closr tracking snippet on their own real estate website. When installed, it records page visits and form submissions on that site, and links this activity to a contact in the agent's CRM when the visitor submits a form or clicks a tracked link from a Closr email. The agent who installs the snippet is responsible for disclosing this tracking to their website visitors as required by applicable law.

Usage & browsing data. We collect standard usage data such as pages viewed, features used, browser type, device information, IP address, and session duration to improve the product and diagnose issues.

AI interaction data. Your interactions with Closr's AI features (campaign generation, message drafting, lead scoring, signal detection, and the Cloe & Cody chat assistants) are logged to deliver and improve the service.

2. How AI Processes Your Data

Closr uses Claude by Anthropic as its content engine. When you use smart features — including campaign generation, message drafting, lead scoring, signal detection, and conversations with Cloe or Cody — relevant data (such as contact details, conversation context, and your instructions) is sent to Anthropic's API for processing.

Anthropic processes this data to generate a response and does not store your inputs or outputs for model training, in accordance with their API data usage policy. Data is transmitted over encrypted connections (TLS).

We retain AI-generated outputs (e.g., drafted messages, scores, campaign plans) within your account so you can review, edit, and use them.

3. Google OAuth Access

When you connect a Gmail or Google Workspace account, the Google consent screen requests the following permissions:

  • gmail.readonly — Read email in your mailbox. This is what lets Closr sync your inbox into contact timelines and power AI drafting that knows your conversation history. Read-only: Closr cannot delete your mail or change your labels, folders, or read states.
  • gmail.send — Send email from your own address, so replies and emails you compose in Closr go out as you.
  • calendar — View, create, and update calendar events for property showings, client meetings, and follow-up reminders
  • openid / userinfo.email / userinfo.profile — Identify your account

Message content from your mailbox is synced into your Closr account to power the Inbox and AI features described in Section 1. Section 4 (Limited Use) governs everything Closr does with this data.

You can revoke Google access at any time from your Google Account permissions page or from Closr's Settings → Integrations. Revoking access stops email sending and inbox sync for that account.

4. Google API Services — Limited Use

Closr's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, Closr will not:

  • Use data obtained through Google APIs to develop, improve, or train generalized AI and/or machine learning models.
  • Transfer Google user data to third parties except (a) as necessary to provide or improve user-facing features that are prominent in the Closr user interface, (b) to comply with applicable law, or (c) as part of a merger, acquisition, or sale of assets, with the user's explicit consent.
  • Allow humans to read Google user data unless (a) we have obtained the user's affirmative agreement to view specific messages, (b) it is necessary for security purposes such as investigating abuse, (c) it is necessary to comply with applicable law, or (d) data is aggregated and used for internal operations in accordance with applicable privacy and other jurisdictional legal requirements.
  • Use Google user data for serving advertisements.

You can revoke Closr's access to your Google account at any time via your Google Account permissions page or by following the steps in our Data Deletion procedure.

5. Email Tracking

Closr embeds a small, invisible tracking pixel in outgoing campaign and follow-up emails. When a recipient loads the email, the pixel is requested from our servers, recording an "open" event.

Links in your emails may be wrapped through our tracking domain so we can record click events before redirecting the recipient to the destination URL.

This tracking data is visible only to you (the Closr user) and is used for engagement analytics and AI signal detection. Recipients are not individually notified of tracking; however, you are responsible for complying with applicable email and privacy regulations in your jurisdiction.

6. SMS & Voice via Twilio

SMS messages and voice calls made through Closr are processed by Twilio. Twilio may temporarily store message content and call recordings as necessary to deliver and route communications. Refer to Twilio's Privacy Policy for details.

Message content, recipient phone numbers, and call metadata are stored in your Closr account as part of your contact activity history.

Text messaging (SMS) consent and your choices

If you give your mobile number to a real estate agent who uses Closr, that agent may text you appointment and showing reminders, transaction and listing updates, home valuation results, and related follow-ups. You consent to these messages through your existing relationship with the agent or by providing your number to them directly; consent is not a condition of any purchase. Message frequency varies. Message and data rates may apply. Reply STOP to any message to opt out at any time, or HELP for help.

We do not sell or share your mobile phone number, SMS opt-in, or consent information with third parties or affiliates for their own marketing or promotional purposes. Text-messaging originator opt-in data and consent are not shared with any third parties for marketing. Phone numbers are used only to deliver the messages described above and are processed by our messaging provider, Twilio, solely to route and deliver them.

7. Cookies & Authentication

Closr uses cookies strictly for authentication and session management. We use Supabase Auth cookies to keep you signed in and to refresh your session securely.

We do not use advertising cookies, social media tracking cookies, or third-party analytics cookies. We may use basic, privacy-respecting analytics (e.g., page views) to improve the product.

8. Payment Data (Stripe)

Payments are processed by Stripe. We never see or store your full credit card number. Stripe provides us with a tokenized reference, the last four digits of your card, and your billing email. Refer to Stripe's Privacy Policy for details on how they handle payment data.

9. Data Storage & Security

Your data is stored in a Supabase-hosted PostgreSQL database. Our database infrastructure is hosted in Canada. All data is encrypted at rest and in transit (TLS 1.2+).

The Closr web application is hosted on Vercel. Static assets and server-side functions are served from Vercel's edge network.

We implement industry-standard security practices, including encrypted connections, secure credential storage, role-based access controls, and regular security reviews.

10. Data Retention & Deletion

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data, contacts, campaigns, and activity history within 30 days. Some data may be retained longer if required by law or for legitimate business purposes (e.g., billing records).

You can delete your account and all associated data at any time from within Closr (Settings → Account → Delete account) or by following the steps in our Data Deletion procedure. You may also contact us at privacy@getclosr.app.

11. Third-Party Services

Closr integrates with the following third-party services that may process your data:

  • Anthropic (Claude AI) — AI processing for campaign generation, message drafting, lead scoring, signal detection, and chat assistants
  • Google (Gmail API) — Email sending and inbox sync via OAuth
  • Nylas — Email and calendar sync API. Closr uses Nylas as an aggregator for IMAP, Gmail, and Outlook accounts. Nylas holds the OAuth grant and processes your messages to provide sync; message content from connected inboxes is stored in your Closr account as described in Sections 1 and 3.
  • Twilio — SMS messaging, voice calling, and phone number provisioning
  • ElevenLabs — Voice cloning and AI-powered voice calls on your behalf
  • SignWell — Electronic document signing for offer documents and agreements
  • Resend — System notification emails (confirmations, alerts)
  • Stripe — Payment processing and subscription management
  • Vercel — Application hosting and edge delivery
  • Supabase — Database hosting, authentication, and file storage (hosted in Canada)

12. Your Rights

You have the right to:

  • Access your personal data and request a copy of it
  • Correct inaccurate personal data
  • Delete your account and associated data
  • Export your contacts, leads, and activity data in a machine-readable format
  • Withdraw consent for specific data processing (e.g., disconnect Gmail)

To exercise any of these rights, contact us at privacy@getclosr.app. We will respond within 30 days.

13. PIPEDA Compliance

As a Canadian company, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). This means:

  • We collect personal information only for identified, reasonable purposes
  • We obtain meaningful consent before collecting, using, or disclosing personal information
  • We limit collection to what is necessary for the purposes identified
  • We protect personal information with appropriate security safeguards
  • We are transparent about our policies and practices
  • We provide individuals with access to their personal information upon request

14. Children's Privacy

Closr is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have inadvertently collected data from a minor, we will delete it promptly.

15. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a prominent notice within the application. Your continued use of Closr after changes are posted constitutes your acceptance of the revised policy.

16. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Bottleneck Labs
Email: privacy@getclosr.app
Web: getclosr.app