Privacy Policy

1. Information We Collect

Information You Provide

• Account Information: When you create an account, we collect your email address and authentication credentials (via Supabase Auth, including Google OAuth).
• Payment Information: Billing details are handled by Stripe. We do not store full payment card numbers on our servers.
• Instance Configuration: Telegram bot tokens, AI provider API keys, model preferences, and pairing codes you submit during onboarding.
• Communications: Any messages or inquiries you send to our support channels.

Information Collected Automatically

• Log Data: IP addresses, browser type, operating system, referring URLs, and timestamps.
• Device Information: Hardware model, operating system version, and unique device identifiers.
• Usage Data: Pages visited, features accessed, and interactions with the Service.

2. How We Use Your Information

• To provide, operate, and maintain the Service, including provisioning and managing your OpenClaw instance.
• To enhance, develop, and improve the Service based on usage patterns and feedback.
• To communicate with you regarding account updates, billing, and support inquiries.
• To detect, prevent, and address security incidents and fraudulent activity.

3. Legal Basis for Processing (EEA/UK Users)

If you are located in the European Economic Area or United Kingdom, we process your personal data on the following legal grounds: performance of our contract with you, our legitimate business interests, compliance with legal obligations, and your consent where applicable under GDPR.

4. Information Sharing and Disclosure

We may share your information with trusted service providers who assist in operating the Service, including:

• Stripe — payment processing
• Supabase — authentication and database services
• Hetzner — cloud infrastructure hosting

We may also disclose information when required by law, to protect our rights, or in connection with a business transfer. We do not sell your personal data to third parties for marketing purposes.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to manage authentication sessions, maintain security, analyze usage, and remember your preferences. You can control cookie settings through your browser. Some third-party services integrated into the Service may also set their own cookies.

6. Data Security

We implement appropriate technical and organizational safeguards to protect your information, including encryption in transit and at rest, access controls, and isolated instance environments. Each user's OpenClaw instance runs in a completely separate, sandboxed environment.

7. Data Retention

We retain your personal data for as long as necessary to provide the Service and fulfill the purposes described in this policy. When your instance is terminated (e.g., after subscription cancellation), associated instance data is permanently deleted from our servers.

8. Your Privacy Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data, as well as the right to restrict or object to certain processing activities.

• EEA/UK Residents (GDPR): You have the right to access, rectify, erase, restrict processing, data portability, and to object to processing.
• California Residents (CCPA/CPRA): You have the right to know what personal information is collected, request deletion, and opt out of data sales.

To exercise these rights, please contact us at support@moltyclaw.ai.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States and Germany. Where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms to ensure adequate protection.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have collected data from a child, we will take steps to promptly delete it.

11. Third-Party Links and Services

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those external sites. We encourage you to review their privacy policies independently.

12. Do Not Track Signals

Our Service does not currently respond to “Do Not Track” browser signals. We will update this policy if that changes in the future.

13. Changes to This Privacy Policy

We may revise this Privacy Policy periodically. When we do, we will update the “Last updated” date at the top. We encourage you to review this page regularly to stay informed about how we protect your information.

14. Contact Us

If you have questions or concerns about this Privacy Policy, please reach out to us:

• Email: support@moltyclaw.ai