Privacy Policy

Effective Date: March 2, 2026

At ClawCradle, we take your privacy seriously. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

            TL;DR: We collect only what's necessary to provide our service. We don't sell your data. Your AI agent data stays on your dedicated instance and we don't access it without your permission.
        

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

Email address
Password (hashed and salted)
Billing information (handled by Stripe)
Account preferences and plan selection

1.2 Usage Data

We collect information about how you use our service:

Instance provisioning and status data
Inference usage metrics (token counts, models used) for billing purposes
Credit balance and transaction history
API request logs (anonymized, retained for 30 days)
Dashboard access logs

1.3 Technical Data

We automatically collect certain technical information:

IP address (for security and abuse prevention)
Browser type and version
Device information
Cookies and similar technologies

1.4 What We Don't Collect

Importantly, we do not collect:

The content of your AI agent conversations or data processed by your agents
Your custom OpenClaw configurations (stored only on your instance)
Your external API keys (stored encrypted on your instance only)
Your custom code or data files

2. How We Use Your Information

Purpose	Data Used	Legal Basis
Provide and maintain the service	Account info, usage data	Contract performance
Process payments	Billing info (via Stripe)	Contract performance
Calculate inference billing	Token usage metrics	Contract performance
Security and fraud prevention	IP address, access logs	Legitimate interest
Customer support	Account info, usage data	Contract performance
Service improvements	Aggregated, anonymized usage data	Legitimate interest

3. Data Storage and Security

3.1 Where Your Data Lives

Management Account (951907774604): We store account information, billing records, and usage metrics in our management AWS account (us-east-1).

Your Dedicated Instance: All data processed by your AI agents, your OpenClaw configuration, and any custom code or files reside exclusively on your dedicated EC2 instance in your own isolated AWS account. We cannot access this data without your explicit permission.

3.2 Security Measures

We implement industry-standard security practices:

Encryption in transit (TLS 1.3)
Encryption at rest for stored data
Access controls and authentication
Regular security assessments
Network isolation via AWS security groups

3.3 Data Retention

We retain your data for the following periods:

Account information: Until account deletion, then 90 days in backups
Billing records: 7 years (legal requirement)
Usage logs: 30 days
Inference usage data: 90 days after billing period closes
Security logs: 1 year

4. Your Rights (GDPR and Global)

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of your personal data
Correction: Request we correct inaccurate data
Deletion: Request deletion of your personal data (subject to legal retention requirements)
Portability: Request your data in a machine-readable format
Objection: Object to certain processing activities
Restriction: Request limitation of processing in certain circumstances

To exercise these rights, contact us at privacy@clawcradle.com. We will respond within 30 days.

5. Cookies and Tracking

We use cookies and similar technologies for:

Essential cookies: Required for the service to function (authentication, security)
Preference cookies: Remember your settings and preferences
Analytics cookies: Help us understand how our website is used (Google Analytics, Mixpanel)

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may prevent the service from functioning properly.

6. Third-Party Services

We use the following third-party services:

Stripe: Payment processing. Subject to Stripe's Privacy Policy.
Amazon Web Services (AWS): Cloud infrastructure. Subject to AWS Privacy Notice.
Amazon Cognito: Authentication services.
GitLab: Code repository (if you use our integration).

7. Children's Privacy

ClawCradle is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately.

8. International Data Transfers

Your data is stored and processed in the United States (AWS us-east-1). If you are accessing our service from outside the US, your data will be transferred to and processed in the US. By using our service, you consent to this transfer.

For customers in the European Economic Area (EEA), we ensure appropriate safeguards are in place for international data transfers in accordance with GDPR requirements.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through your dashboard at least 30 days before they take effect. Your continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions or to exercise your rights:

Email: privacy@clawcradle.com
Address: ClawCradle, Inc., Attn: Privacy, [Business Address]

For EU residents, you also have the right to lodge a complaint with your local data protection authority.