Legal

Privacy Policy

Last updated: April 14, 2026

The short version (plain English)

ClawVault is built so your sensitive data is encrypted with per-user access controls and access is tightly restricted. Your vault contents (passwords, IDs, payment info) are encrypted in Google Cloud Secret Manager with per-user IAM scoping. Our database stores references and labels — never the values. We don't sell, rent, or share your data with anyone for marketing. We keep the smallest amount of personal info needed to run the service. Here's the long version.

1. Who runs ClawVault

ClawVault is the consumer life-admin agent at go-claw.com. The operator is contactable at [email protected]. We're a small team, not a multinational ad business.

2. What we collect — the full list

We try hard to collect the minimum data needed. Here's everything:

CategoryWhy we have itWhere it lives
Email addressSo you can log in and we can email receipts + alertsPostgres users table + Stytch
Display name (optional)What we call you in the UIPostgres users table
Country of residence + postal codeConfirm you live in Canada (the only region we currently serve) and resolve your province for tax-prep + provincial government-form fill featuresPostgres users table (country, postal_code, region_set_at). The IP address at the moment of region declaration is captured in the audit log only.
Vault entries (passwords, IDs, addresses)So the agent can fill them into web forms on your behalfGCP Secret Manager only, AES-256 encrypted, IAM-scoped to your user ID. Postgres only stores metadata: a label like "SIN" and a reference path. Never the value.
Payment method tokenSo you can pay for your subscriptionStripe. We never see or store your full card number — only a tokenised reference Stripe gives us.
Subscription tracking data (Netflix, Spotify, etc)So we can alert you before trials end and renewals hitPostgres subscriptions table. You enter this manually, or (opt-in) we read it from Plaid if you connect your bank.
Agent action historySo you have an audit trail of every action the agent took on your behalf — and so we can meter your monthly token budgetPostgres agent_actions table. Includes timestamps, target URLs, action types, status. Screenshot data is deleted after 30 days.
Auth eventsSecurity audit log — every login, secret access, plan changePostgres audit_log table
IP address + User-AgentTo detect suspicious logins and rate-limit abusePostgres audit_log, kept for 90 days
Stripe customer IDTo link your ClawVault account to your subscription billingPostgres users table. Actual billing details live at Stripe.

What we do NOT collect:

  • We don't run third-party analytics (no Google Analytics, no Mixpanel, no Hotjar, no Facebook Pixel)
  • We don't fingerprint your browser or device
  • We don't sell or share data with advertisers, brokers, or "data partners"
  • We don't track you across other websites
  • We don't read or store the contents of pages the agent visits beyond the screenshot needed for your audit trail

3. How your vault is protected

The vault is the most sensitive part of ClawVault, so we built the architecture so that it is encrypted with per-user access controls and access is tightly restricted:

  • AES-256 encryption at rest via Google Cloud Secret Manager
  • Per-user IAM scoping — each user's secrets live at a path like projects/go-claw-prod/secrets/user-{uuid}-vault-{field}. The agent container that runs your tasks has IAM access to only secrets prefixed with your user ID — nothing else.
  • Per-billing-owner container isolation — solo users get their own Cloud Run container; family and pro plans share one container per payer across their seats. The container scales to zero when idle, so most of the time it doesn't even exist.
  • The Postgres database stores only labels and references, never values. If our database leaked tomorrow, the leaked data would be: emails, display names, encrypted secret references (useless without the corresponding Secret Manager access), and subscription metadata. No passwords. No card numbers. No government IDs.
  • Audit logging — every secret read is recorded in GCP's audit log and our own audit_log table.

3a. iOS AutoFill and the keychain snapshot

The ClawVault iOS app ships with an AutoFill Credential Provider extension so you can fill saved logins into Safari and other apps without copy-pasting. Because iOS runs the extension in a sandbox that can't make network calls, we use a tightly scoped data path:

  • When you unlock ClawVault on your device, the main app decrypts the vault entries needed for AutoFill and writes a JSON snapshot to your device's shared keychain (Apple App Group group.com.goclaw.clawvault.shared). Only the ClawVault app and its AutoFill extension can read this group.
  • The extension reads the snapshot at fill time, finds the matching entry for the requested service, and returns just the username and password to iOS's AutoFill UI. No crypto happens inside the extension; it is a passive consumer of the snapshot that the main app produces.
  • The snapshot lives only on your device. It is never uploaded, backed up off-device, or shared with us. Locking ClawVault or uninstalling the app removes the snapshot.
  • Biometric (Face ID / Touch ID) authentication gates access to the snapshot — you must unlock with your device biometric before AutoFill can hand a credential to iOS.

4. Authentication and multi-factor

All authentication is handled by Stytch. Sign in with a passwordless email or SMS one-time code, Google or Apple sign-in, or a passkey (WebAuthn), which provides strong, phishing-resistant protection. We verify Stytch session JWTs locally via their JWKS — no per-request API roundtrip, and Stytch never needs to ask us about your session. For anything sensitive we strongly recommend setting up a passkey.

5. Who we share data with (very short list)

ClawVault uses a small number of third-party services to operate. None of them get access to your vault contents. Here's the complete list:

ServiceWhat they see
Google Cloud PlatformHosts everything (Cloud Run, Cloud SQL, Secret Manager). Standard cloud infrastructure — they don't read your application data.
StytchYour email, phone (if you add it), and authentication factors. Stytch is SOC 2 Type II + ISO 27001 + GDPR compliant. Privacy policy: stytch.com/legal/privacy-policy
StripeYour name, email, payment method (card token), and billing history. PCI-DSS Level 1 certified. Privacy policy: stripe.com/privacy
OpenRouterThe task description and minimum context needed for each agent action — never your full vault. OpenRouter proxies multiple LLM providers behind a single API and does not train on your data. Privacy policy: openrouter.ai/privacy
CloudflareDNS only — Cloudflare resolves go-claw.com to our Cloud Run service. We don't run them as a CDN proxy, so they don't see your traffic content.
Plaid (opt-in only)Only if you choose to connect your bank for the bills feature. Plaid reads your transaction history to detect recurring subscriptions. Privacy policy: plaid.com/legal. You can disconnect any time from the Bills page.

We do not share your data with any other third party for marketing, analytics, advertising, or any other purpose. We do not sell data to data brokers. We do not participate in advertising networks.

6. AI and large language models

ClawVault's agent runs inside the OpenClaw open-source framework and routes LLM calls exclusively through OpenRouter (which proxies Qwen, Claude Haiku, Claude Sonnet, and others behind one OpenAI-compatible API). We do not call any model provider directly, so no first-party LLM vendor receives identifying metadata from us. We send only the minimum context needed for each action (task description, relevant vault field labels, current page snippet — never your full vault). OpenRouter does not train on your data.

6a. Bring-Your-Own-API keys (Pro plan)

Pro-tier users can paste their own OpenAI, Google, or Groq API keys into Settings to route their agent's LLM calls through their own account. When you do this, the key is stored in encrypted form in our Postgres database (column-level AES encryption, not the same Google Secret Manager vault we use for credential secrets). Only the backend process that makes the LLM call can read it. Removing a key from Settings deletes it; deleting your account wipes it alongside every other row within 7 days. The key itself never appears in audit logs or container environments — only the provider name does. For the highest security, don't use BYOAPI; our default OpenRouter-proxied path means zero third-party key handling on your side.

6b. Google API Services User Data Policy

ClawVault's use of information received from Google APIs — including Gmail and Google Calendar — adheres to the Google API Services User Data Policy, including the Limited Use requirements. The scopes we request, and what each one is used for:

ScopeWhy we request itWhat we store
gmail.readonlyDetect bills, receipts, and subscription-renewal emails so the agent can surface them on your Bills page, track due dates, and alert before charges hit. Read-only — we never send, delete, or modify mail.Parsed facts only: biller name, amount, due date, last-four card digits. The raw email body is processed transiently in a Cloud Run container and not persisted. Subject lines used for matching are discarded after parsing.
calendar.readonlyRead your upcoming events so the agent can schedule around them (e.g. “don't run the bill-pay automation during your meeting block”) and surface relevant context.Event title + start/end times only, held in memory for the duration of a single agent task. Not written to Postgres or any long-term store.
calendar.eventsCreate reminder events the agent generates — bill due dates, subscription renewal alerts, membership expirations — on your primary calendar with your approval.We track the event IDs we created so we can update or delete them later (e.g. if you cancel a subscription). No other event data stored.

Limited Use affirmations (Google API Services User Data Policy)

In line with Google's Limited Use policy for Gmail and Calendar data:

  • We use Gmail and Calendar data only to provide the user-facing ClawVault features described above (bills detection, calendar awareness, agent-created reminders). We do not use it for any other purpose.
  • We do not transfer Gmail or Calendar data to any third party except (a) to provide or improve these features for the user, (b) to comply with applicable law, or (c) as part of a merger, acquisition, or sale of assets with notice to you.
  • We do not use Gmail or Calendar data to serve advertisements, build marketing audiences, or any ad-related purpose.
  • We do not allow humans to read Gmail or Calendar data unless (a) we have your affirmative agreement for specific messages, (b) it's necessary for security purposes (e.g. investigating abuse), (c) it's needed to comply with applicable law, or (d) the data has been aggregated and anonymized for internal operations.
  • We do not use Gmail or Calendar data to train, refine, or develop generalized/non-personalized AI or ML models. Agent responses are generated at request time from the user's own context and are not retained for training by us. Our LLM routing provider (OpenRouter) contractually does not train on customer data.

How to revoke Google access

You can disconnect Gmail/Calendar from ClawVault at any time from the Settings → Integrations page. You can additionally revoke ClawVault's access from your Google account at myaccount.google.com/permissions. When you revoke, we delete the stored OAuth tokens within 24 hours and the agent stops being able to read your mail or calendar.

7. How long we keep things

Data typeRetention
Vault contentsUntil you delete them or close your account
Account profileUntil you delete your account, then within 7 days everywhere
Audit log2 years (legal/compliance retention)
Agent action screenshotsRetained up to 30 days; purged by the next scheduled janitor run
Gmail message facts (biller, amount, due date)Until the bill is marked paid or you delete the entry; the source message body is never stored
Google OAuth tokens (refresh + access)Until you disconnect Gmail/Calendar or revoke from Google; deleted within 24 hours of revocation
Calendar event dataIn-memory only for the duration of a single agent task; event IDs we create are kept so we can update/delete the events we made
Billing records (Stripe)7 years (tax law)
Stytch sessions30 days from last use (configurable per factor)
Contact messagesUntil handled, then archived for 1 year

8. Your rights

Depending on where you live, you may have specific legal rights under laws like GDPR (EU/UK), PIPEDA (Canada), CCPA (California), or LGPD (Brazil). We honour the same rights for everyone regardless of jurisdiction:

  • Access — Get a copy of all data we hold about you
  • Export — Download your vault and audit log as encrypted JSON from the Settings page
  • Correct — Update or fix anything that's wrong
  • Delete — Wipe your account. We soft-delete immediately and hard-delete (Postgres rows + Secret Manager entries + screenshots) within 7 days. Limited billing and payment references are retained for approximately 7 years as required by tax and accounting law, and are not used after your account is closed.
  • Object — Tell us to stop processing your data for any specific reason
  • Complain — If you think we're doing something wrong, email [email protected] first. If we don't resolve it to your satisfaction, you can complain to your local data protection authority.

9. Cookies and tracking

We use a single, essential cookie: a Stytch session token after you log in, so you stay logged in across page loads. That's it. No analytics cookies, no advertising cookies, no third-party trackers, no consent banner needed.

10. International data transfers

ClawVault's primary infrastructure runs in Google Cloud's us-central1 region (Iowa, USA). If you're accessing the service from outside the US, your data is being processed in the US. We rely on Google Cloud's and Stytch's standard contractual clauses for international data transfers where applicable.

10a. Security incidents and breach notification

If we ever confirm a security incident that exposes your personal data, we'll notify affected users by email within 72 hours of confirming the breach — this matches the GDPR Art. 33 timeline and is our commitment regardless of where you live. The notification will describe what data was involved, our best understanding of how, what we're doing about it, and any steps you should take. In parallel we notify the relevant data-protection authorities where required by law.

11. Children

ClawVault is not for anyone under 18. We don't knowingly collect data from children. If you believe a child has signed up, email [email protected] and we'll delete the account immediately.

12. Changes to this policy

We'll update this page if we change anything material. The "Last updated" date at the top reflects the most recent version. Significant changes get an email notification at least 30 days in advance to active users.

13. Contact

[email protected]. Every message reaches a human and we read them.