Privacy Policy

Last updated: February 2026

Overview

At Claw Ops, privacy is fundamental to our design. Your OpenClaw instance runs in an isolated VM, and we employ a zero-knowledge architecture for your AI provider API keys—we never see them.

Information We Collect

Account Information

  • Email address (for account access and communications)
  • Company name (optional)
  • Password (stored hashed with Argon2id)
  • Billing information (processed by Stripe)

Service Data

  • Instance configuration (plan, region, subdomain)
  • Usage metrics (for billing and service operation)
  • Error logs (for debugging and support)

What We Do NOT Collect

  • Your AI provider API keys (zero-knowledge design)
  • Your OpenClaw chat history or conversations
  • Files stored in your instance
  • Your OpenClaw configuration contents

How We Use Information

  • To provide and maintain the Service
  • To process payments and manage subscriptions
  • To send service-related communications
  • To respond to support requests
  • To detect and prevent fraud or abuse
  • To improve the Service

Data Storage and Security

Your OpenClaw instance runs in an isolated Firecracker microVM on Fly.io infrastructure. Each instance has its own encrypted volume. We use industry-standard security practices:

  • All data encrypted in transit (TLS 1.3)
  • Passwords hashed with Argon2id
  • Gateway tokens encrypted at rest (AES-256-GCM)
  • Hardware-level VM isolation per customer
  • Regular security updates applied automatically

Third-Party Services

We use the following third-party services:

  • Fly.io — Infrastructure hosting (US-based)
  • Stripe — Payment processing
  • SendGrid — Transactional emails
  • Cloudflare — DNS and DDoS protection
  • Sentry — Error tracking (no user data)

Data Retention

We retain account data while your account is active. Upon cancellation, your instance and associated data are deleted after a 30-day grace period. Audit logs are retained for 90 days. Billing records are retained as required by law.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Object to processing

To exercise these rights, contact us at privacy@claw-ops.ai

Cookies

We use essential cookies only for authentication (session tokens). We do not use tracking cookies or third-party analytics that track individual users.

Children's Privacy

Claw Ops is not intended for children under 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service.

Contact Us

Questions about this Privacy Policy? Contact us at privacy@claw-ops.ai

← Back to home