Privacy Policy

Last updated: February 11, 2026

1. Introduction

This Privacy Policy describes how ownclawd ("we", "us", "Service") collects, uses, and protects your personal information when you use our platform.

By using ownclawd, you consent to the practices described in this policy.

2. Information We Collect

Account information: When you sign up, we collect your name, email address, and authentication credentials (password hash or Google OAuth token).

Billing information: Payments are processed by Polar. We do not store credit card numbers. We receive subscription status, plan details, and transaction identifiers from Polar via webhooks.

Agent configuration: System prompts, model preferences, channel settings, and skill configurations you provide when setting up your agents.

API keys and secrets: Channel tokens (Telegram, Slack, Discord) and API keys you provide are encrypted at rest in AWS Systems Manager Parameter Store. We never log or display full secret values after storage.

Usage data: AI model usage amounts (token counts and costs) tracked via OpenRouter for billing and quota enforcement.

Messages: Conversation messages between users and your agents are stored in our database to maintain conversation history and enable the agent loop.

3. How We Use Your Information

  • To operate, maintain, and improve the Service.
  • To provision and manage your agent instances on AWS infrastructure.
  • To process billing and enforce usage quotas.
  • To send transactional emails related to your account (e.g., password resets, billing receipts).
  • To respond to support requests.

We do not use your data for advertising. We do not sell your personal information to third parties.

4. Data Storage & Security

Your data is stored using Convex (serverless database) and AWS infrastructure (ECS Fargate, EFS, SSM Parameter Store) in the United States.

  • API keys and secrets are encrypted at rest using AWS SSM SecureString parameters.
  • Each agent runs in an isolated container with its own filesystem (EFS access point).
  • Authentication tokens are signed and verified using industry-standard practices (Better Auth).
  • All connections use HTTPS/TLS.

5. Third-Party Services

We use the following third-party services to operate ownclawd:

  • Convex — serverless database and backend functions.
  • AWS (Amazon Web Services) — container hosting (ECS Fargate), file storage (EFS), secrets management (SSM).
  • OpenRouter — AI model API routing and key management.
  • Polar — subscription billing and payment processing.
  • Cloudflare — tunnel routing and DNS.
  • Google — OAuth authentication (if you sign in with Google).

Each third-party service has its own privacy policy governing how they handle data.

6. Data Shared with AI Providers

When your agent processes messages, conversation content is sent to AI model providers through OpenRouter. This is necessary to generate responses. We do not control how upstream model providers handle data — refer to OpenRouter's and the respective model provider's privacy policies.

You are responsible for ensuring that any personal data processed by your agents complies with applicable data protection laws.

7. Data Retention

  • Account data is retained while your account is active.
  • Upon account deletion or subscription cancellation, your agent instances are stopped and your data is deleted within 30 days.
  • Billing records may be retained longer as required by law.
  • Anonymized, aggregated usage statistics may be retained indefinitely.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Export your data in a portable format.
  • Withdraw consent for data processing.

To exercise any of these rights, contact us through the email address listed in your account dashboard.

9. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

10. Children's Privacy

ownclawd is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to active users via email. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.

12. Contact

Questions about this Privacy Policy? Reach us at the email address listed in your account dashboard or through our support channels.