Privacy Policy

Last updated: March 2026

1. Information We Collect

Account Information: Email address, name (if provided via SSO), and hashed password.

Agent Configuration: LLM provider choice, encrypted API keys, and bot tokens you provide. These are encrypted at rest using AES-256.

Usage Data: Agent status, heartbeat timestamps, and resource usage metrics. We do not access the content of your AI conversations.

Payment Information: Processed by Stripe and Cryptomus. We never store your credit card numbers.

2. How We Use Your Information

We use your information solely to provide and improve the ClawBase service:

Provisioning and managing your AI agent VMs
Authenticating your account
Processing payments and managing subscriptions
Sending service-related notifications
Improving platform reliability and performance

3. Data Isolation

Each agent runs in a fully isolated virtual machine. Your agent's data, conversations, and files are completely separated from other users. We do not have access to the content of your AI agent's conversations or files stored within your agent.

4. Data Retention

We retain your account data for as long as your account is active. When you delete your account or an agent, all associated data — including agent disks, encrypted secrets, and configuration — is permanently destroyed within 48 hours.

5. Third-Party Services

We integrate with the following third-party services:

Stripe — Payment processing
Cryptomus — Cryptocurrency payments
OAuth Providers (Google, GitHub, Discord) — Authentication only

We do not sell your data to any third party.

6. Security

All API keys and secrets are encrypted using AES-256 (Fernet). All traffic is encrypted via TLS. VMs are isolated at the hypervisor level. Provisioning secrets are wiped after initial setup.

7. Your Rights

You have the right to:

Access your personal data
Export your data
Delete your account and all associated data
Withdraw consent at any time

8. Contact

For privacy-related inquiries, contact us at privacy@clawbase.to