The short version (plain English)
ClawVault is built so we can't read your sensitive data even if we wanted to. Your vault contents (passwords, IDs, payment info) are encrypted in Google Cloud Secret Manager with per-user IAM scoping. Our database stores references and labels — never the values. We don't sell, rent, or share your data with anyone for marketing. We keep the smallest amount of personal info needed to run the service. Here's the long version.
1. Who runs ClawVault
ClawVault is the consumer life-admin agent at go-claw.com. The operator is contactable at [email protected]. We're a small team, not a multinational ad business.
2. What we collect — the full list
We try hard to collect the minimum data needed. Here's everything:
| Category | Why we have it | Where it lives |
|---|---|---|
| Email address | So you can log in and we can email receipts + alerts | Postgres users table + Stytch |
| Display name (optional) | What we call you in the UI | Postgres users table |
| Vault entries (passwords, IDs, addresses) | So the agent can fill them into web forms on your behalf | GCP Secret Manager only, AES-256 encrypted, IAM-scoped to your user ID. Postgres only stores metadata: a label like "SIN" and a reference path. Never the value. |
| Payment method token | So you can pay for your subscription | Stripe. We never see or store your full card number — only a tokenised reference Stripe gives us. |
| Subscription tracking data (Netflix, Spotify, etc.) | So we can alert you before trials end and renewals hit | Postgres subscriptions table. You enter this manually, or (opt-in) we read it from Plaid if you connect your bank. |
| Agent action history | So you have an audit trail of every action the agent took on your behalf — and so we can meter your monthly token budget | Postgres agent_actions table. Includes timestamps, target URLs, action types, status. Screenshot data is deleted after 24 hours. |
| Auth events | Security audit log — every login, secret access, plan change | Postgres audit_log table |
| IP address + User-Agent | To detect suspicious logins and rate-limit abuse | Postgres audit_log, kept for 90 days |
| Stripe customer ID | To link your ClawVault account to your subscription billing | Postgres users table. Actual billing details live at Stripe. |
What we do NOT collect:
- We don't run third-party analytics (no Google Analytics, no Mixpanel, no Hotjar, no Facebook Pixel)
- We don't fingerprint your browser or device
- We don't sell or share data with advertisers, brokers, or "data partners"
- We don't track you across other websites
- We don't read or store the contents of pages the agent visits beyond the screenshot needed for your audit trail
3. How your vault is protected
The vault is the most sensitive part of ClawVault, so we built the architecture so that even our own engineers can't read it:
- AES-256 encryption at rest via Google Cloud Secret Manager
- Per-user IAM scoping — each user's secrets live at a path like projects/go-claw-prod/secrets/user-{uuid}-vault-{field}. The agent container that runs your tasks has IAM access to only secrets prefixed with your user ID — nothing else.
- Per-billing-owner container isolation — solo users get their own Cloud Run container; family and pro plans share one container per payer across their seats. The container scales to zero when idle, so most of the time it doesn't even exist.
- The Postgres database stores only labels and references, never values. If our database leaked tomorrow, the leaked data would be: emails, display names, encrypted secret references (useless without the corresponding Secret Manager access), and subscription metadata. No passwords. No card numbers. No government IDs.
- Audit logging — every secret read is recorded in GCP's audit log and our own audit_log table.
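To make the scoping rule above concrete, here is an added example (not ClawVault's own code) that models the secret path layout, the metadata row Postgres keeps, and the prefix check an IAM condition would apply. The project ID comes from the policy text; the UUIDs and function names are constructed for illustration.

```python
# Added example, not ClawVault's code: a model of the per-user Secret Manager
# scoping described in the policy. Sample UUIDs and helper names are constructed.
import re
import uuid

PROJECT = "go-claw-prod"  # project ID as written in the policy text

# Field names are held to a conservative charset so a label can never smuggle
# path separators or wildcards into the secret ID.
FIELD_RE = re.compile(r"^[a-z0-9_]{1,32}$")


def secret_path(user_id: str, field: str) -> str:
    """Build the Secret Manager resource name for one vault field."""
    uuid.UUID(user_id)  # raises ValueError for anything that is not a UUID
    if not FIELD_RE.match(field):
        raise ValueError(f"invalid vault field name: {field!r}")
    return f"projects/{PROJECT}/secrets/user-{user_id}-vault-{field}"


def scope_prefix(user_id: str) -> str:
    """Prefix an IAM condition would grant to this user's agent container.

    The trailing '-vault-' delimiter is defence in depth: a bare 'user-<id>'
    prefix would also match any secret whose ID merely begins with that
    string, even though real UUIDs are fixed length.
    """
    uuid.UUID(user_id)
    return f"projects/{PROJECT}/secrets/user-{user_id}-vault-"


def container_may_access(container_user_id: str, resource_name: str) -> bool:
    """Equivalent of the IAM condition resource.name.startsWith(prefix)."""
    return resource_name.startswith(scope_prefix(container_user_id))


def metadata_row(user_id: str, label: str, field: str) -> dict:
    """What the database side holds: a label and a reference, never the value."""
    return {
        "user_id": user_id,
        "label": label,
        "secret_ref": secret_path(user_id, field),
    }
```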
4. Authentication and multi-factor
All authentication is handled by Stytch. That means email OTP, SMS OTP, Google OAuth, passkeys, and authenticator-app TOTP are all first-class options from day one. We verify Stytch session JWTs locally via their JWKS — no per-request API roundtrip to Stytch to check your session. Enable multi-factor from the Settings page; we strongly recommend passkeys or TOTP over SMS for anything sensitive.
5. Who we share data with (very short list)
ClawVault uses a small number of third-party services to operate. None of them get access to your vault contents. Here's the complete list:
| Service | What they see |
|---|---|
| Google Cloud Platform | Hosts everything (Cloud Run, Cloud SQL, Secret Manager). Standard cloud infrastructure — they don't read your application data. |
| Stytch | Your email, phone (if you add it), and authentication factors. Stytch is SOC 2 Type II + ISO 27001 + GDPR compliant. Privacy policy: stytch.com/legal/privacy-policy |
| Stripe | Your name, email, payment method (card token), and billing history. PCI-DSS Level 1 certified. Privacy policy: stripe.com/privacy |
| OpenRouter | The task description and minimum context needed for each agent action — never your full vault. OpenRouter proxies multiple LLM providers behind a single API and does not train on your data. Privacy policy: openrouter.ai/privacy |
| Cloudflare | DNS only — Cloudflare resolves go-claw.com to our Cloud Run service. We don't run them as a CDN proxy, so they don't see your traffic content. |
| Plaid (opt-in only) | Only if you choose to connect your bank for the bills feature. Plaid reads your transaction history to detect recurring subscriptions. Privacy policy: plaid.com/legal. You can disconnect any time from the Bills page. |
We do not share your data with any other third party for marketing, analytics, advertising, or any other purpose. We do not sell data to data brokers. We do not participate in advertising networks.
6. AI and large language models
ClawVault's agent runs inside the OpenClaw open-source framework and routes LLM calls exclusively through OpenRouter (which proxies Qwen, Claude Haiku, Claude Sonnet, and others behind one OpenAI-compatible API). We do not call any model provider directly, so no first-party LLM vendor receives identifying metadata from us. We send only the minimum context needed for each action (task description, relevant vault field labels, current page snippet — never your full vault). OpenRouter does not train on your data.
6a. Bring-Your-Own-API keys (Pro plan)
Pro-tier users can paste their own OpenAI, Google, or Groq API keys into Settings to route their agent's LLM calls through their own account. When you do this, the key is stored in encrypted form in our Postgres database (column-level AES encryption, not the same Google Secret Manager vault we use for credential secrets). Only the backend process that makes the LLM call can read it. Removing a key from Settings deletes it; deleting your account wipes it alongside every other row within 30 days. The key itself never appears in audit logs or container environments — only the provider name does. For the highest security, don't use BYOAPI; our default OpenRouter-proxied path means zero third-party key handling on your side.
6b. Google API Services User Data Policy
ClawVault's use of information received from Google APIs — including Gmail and Google Calendar — adheres to the Google API Services User Data Policy, including the Limited Use requirements. The scopes we request, and what each one is used for:
| Scope | Why we request it | What we store |
|---|---|---|
| gmail.readonly | Detect bills, receipts, and subscription-renewal emails so the agent can surface them on your Bills page, track due dates, and alert before charges hit. Read-only — we never send, delete, or modify mail. | Parsed facts only: biller name, amount, due date, last-four card digits. The raw email body is processed transiently in a Cloud Run container and not persisted. Subject lines used for matching are discarded after parsing. |
| calendar.readonly | Read your upcoming events so the agent can schedule around them (e.g. “don't run the bill-pay automation during your meeting block”) and surface relevant context. | Event title + start/end times only, held in memory for the duration of a single agent task. Not written to Postgres or any long-term store. |
| calendar.events | Create reminder events the agent generates — bill due dates, subscription renewal alerts, membership expirations — on your primary calendar with your approval. | We track the event IDs we created so we can update or delete them later (e.g. if you cancel a subscription). No other event data stored. |
Limited Use affirmations (Google API Services User Data Policy)
In line with Google's Limited Use policy for Gmail and Calendar data:
- We use Gmail and Calendar data only to provide the user-facing ClawVault features described above (bills detection, calendar awareness, agent-created reminders). We do not use it for any other purpose.
- We do not transfer Gmail or Calendar data to any third party except (a) to provide or improve these features for the user, (b) to comply with applicable law, or (c) as part of a merger, acquisition, or sale of assets with notice to you.
- We do not use Gmail or Calendar data to serve advertisements, build marketing audiences, or any ad-related purpose.
- We do not allow humans to read Gmail or Calendar data unless (a) we have your affirmative agreement for specific messages, (b) it's necessary for security purposes (e.g. investigating abuse), (c) it's needed to comply with applicable law, or (d) the data has been aggregated and anonymized for internal operations.
- We do not use Gmail or Calendar data to train, refine, or develop generalized/non-personalized AI or ML models. Agent responses are generated at request time from the user's own context and are not retained for training by us. Our LLM routing provider (OpenRouter) contractually does not train on customer data.
How to revoke Google access
You can disconnect Gmail/Calendar from ClawVault at any time from the Settings → Integrations page. You can additionally revoke ClawVault's access from your Google account at myaccount.google.com/permissions. When you revoke, we delete the stored OAuth tokens within 24 hours and the agent stops being able to read your mail or calendar.
7. How long we keep things
| Data type | Retention |
|---|---|
| Vault contents | Until you delete them or close your account |
| Account profile | Until you delete your account, then within 30 days everywhere |
| Audit log | 2 years (legal/compliance retention) |
| Agent action screenshots | Retained up to 24 hours; purged by the next scheduled janitor run |
| Gmail message facts (biller, amount, due date) | Until the bill is marked paid or you delete the entry; the source message body is never stored |
| Google OAuth tokens (refresh + access) | Until you disconnect Gmail/Calendar or revoke from Google; deleted within 24 hours of revocation |
| Calendar event data | In-memory only for the duration of a single agent task; event IDs we create are kept so we can update/delete the events we made |
| Billing records (Stripe) | 7 years (tax law) |
| Stytch sessions | 30 days from last use (configurable per factor) |
| Contact messages | Until handled, then archived for 1 year |
8. Your rights
Depending on where you live, you may have specific legal rights under laws like GDPR (EU/UK), PIPEDA (Canada), CCPA (California), or LGPD (Brazil). We honour the same rights for everyone regardless of jurisdiction:
- Access — Get a copy of all data we hold about you
- Export — Download your vault and audit log as encrypted JSON from the Settings page
- Correct — Update or fix anything that's wrong
- Delete — Wipe your account. We soft-delete immediately and hard-delete (Postgres rows + Secret Manager entries + screenshots + Stripe customer record) within 30 days
- Object — Tell us to stop processing your data for any specific reason
- Complain — If you think we're doing something wrong, email [email protected] first. If we don't resolve it to your satisfaction, you can complain to your local data protection authority.
9. Cookies and tracking
We use a single, essential cookie: a Stytch session token after you log in, so you stay logged in across page loads. That's it. No analytics cookies, no advertising cookies, no third-party trackers, no consent banner needed.
10. International data transfers
ClawVault's primary infrastructure runs in Google Cloud's us-central1 region (Iowa, USA). If you're accessing the service from outside the US, your data is being processed in the US. We rely on Google Cloud's and Stytch's standard contractual clauses for international data transfers where applicable.
10a. Security incidents and breach notification
If we ever confirm a security incident that exposes your personal data, we'll notify affected users by email within 72 hours of confirming the breach — this matches the GDPR Art. 33 timeline and is our commitment regardless of where you live. The notification will describe what data was involved, our best understanding of how, what we're doing about it, and any steps you should take. In parallel we notify the relevant data-protection authorities where required by law.
11. Children
ClawVault is not for anyone under 18. We don't knowingly collect data from children. If you believe a child has signed up, email [email protected] and we'll delete the account immediately.
12. Changes to this policy
We'll update this page if we change anything material. The "Last updated" date at the top reflects the most recent version. Significant changes get an email notification at least 30 days in advance to active users.
13. Contact
[email protected]. Every message reaches a human and we read them.