Last updated: June 25, 2026

Privacy Policy

1. Overview

Clawvisor, Inc., a Delaware corporation ("Clawvisor," "we," "us," or "our"), is the data controller for information collected through the cloud service and the clawvisor.com website. Clawvisor is a credential-vaulting gateway for AI agents, available both as a hosted cloud service at app.clawvisor.com ("the Service") and as self-hosted software you run on your own infrastructure ("the Software"). This Privacy Policy covers the clawvisor.com website, the cloud service, and describes what data a self-hosted Clawvisor instance processes.

2. Cloud Service — Data We Collect

When you use the Clawvisor cloud service, we collect, store, or use the following data:

  • Account data: Email address and bcrypt-hashed password for authentication. If you sign in via SAML SSO, your email address is received from your organization's identity provider.
  • Authentication session data: We use strictly necessary authentication cookies, including an HttpOnly refresh-token cookie, to keep you signed in and protect account access. These cookies are not used for analytics, advertising, or cross-site tracking.
  • Credentials you store: API keys and OAuth tokens you add to the vault, encrypted with AES-256-GCM at rest.
  • Agent tokens: Stored as SHA-256 hashes. The raw token is shown once at creation and never stored. Agent tokens may also be issued to third-party applications (such as IDE plugins) through an OAuth 2.1 authorization flow that you explicitly approve.
  • OAuth client registrations: When a third-party application connects via OAuth, we store its client name and redirect URIs. Authorization codes are short-lived and deleted after use.
  • Chain context facts: When intent verification with chain context is enabled, structural references (such as email addresses, IDs, and phone numbers) may be extracted from API responses and stored temporarily to validate follow-up requests within the same task. These facts are automatically deleted when the task completes, expires, or is revoked.
  • Audit logs: Every gateway request is logged with the service, action, sanitized parameters, decision, and outcome. Raw credentials are never included in logs.
  • LLM proxy records: Metadata, redacted audit records, short-lived approval state, nonces, resolver state, and operational trace/debug logs related to LLM proxy traffic, as described in Section 2a. Raw LLM request bodies, raw LLM response bodies, and full model streams are not persisted.
  • Notification configs: Telegram bot tokens and chat IDs for approval notifications, if configured.

2a. LLM Proxy Data Handling

When you use Clawvisor's LLM proxy, Clawvisor processes prompts, conversation history, tool definitions, tool calls, tool results, model outputs, streaming chunks, and related request/response content only transiently to provide proxy features such as credential substitution, tool-call inspection, task-scope enforcement, human approval, redaction, rewriting, blocking, and audit logging. Clawvisor does not persist raw LLM request bodies, raw LLM response bodies, or full model streams.

We may store metadata and redacted audit records, such as provider, model, endpoint, timestamp, status code, streaming flag, tool name, decision, outcome, task ID, agent ID, and sanitized parameters. Redacted audit records are retained as audit logs. Short-lived pending approval state, nonces, and resolver state may be stored temporarily and deleted when the approval, stream, or request no longer needs them. Operational trace/debug logs, when generated, are redacted or sanitized and retained only as needed for service operation, security, support, or compliance, then deleted according to the applicable account deletion or operational log retention process.

3. Self-Hosted Instances

When you self-host Clawvisor, your credentials, audit logs, agent configurations, and all data processed by your instance remain under your control. The cloud relay is enabled by default for local daemon installations, and push notifications are enabled when you pair a mobile device; connection metadata for these services (described in Section 3a) is processed by Clawvisor's infrastructure. We do not collect telemetry or usage analytics from self-hosted instances unless you explicitly opt in. When enabled, anonymous telemetry includes aggregate event counts (tasks created, gateway requests processed, approvals issued) and is not linked to any user identity or credentials.

3a. Self-Hosted — Cloud Relay and Push Notifications

Local daemon installations connect to the Clawvisor cloud relay by default. The following data is transmitted to Clawvisor infrastructure:

  • Connection metadata: Daemon ID, Ed25519 public key, IP address, and connection/disconnection timestamps.
  • Tunnel traffic: All traffic between your daemon and connecting clients is encrypted in transit (TLS). A subset of security-sensitive routes — including agent gateway requests, task management, and connection requests — additionally enforce end-to-end encryption (X25519/HKDF + AES-256-GCM), making their contents unreadable by the relay server. Other routes, including the MCP protocol used by IDE plugins such as Claude Desktop, are protected by TLS in transit but are readable by the relay server. Credentials stored in your local vault are never transmitted through the relay.
  • Authentication: The relay stores your daemon's Ed25519 public key for challenge-response authentication.

When you pair a mobile device, push notifications are enabled. The following is transmitted:

  • Device tokens: Required to deliver notifications to your mobile device.
  • Notification payloads: Payloads include event type, task purpose, risk level, and action summary. They do not include credentials, API response bodies, or message contents.

Connection metadata and device tokens are retained while the relay connection or push subscription is active and are deleted upon de-registration or account removal.

4. How We Use Your Data

For the cloud service, we use your data to:

  • Operate and maintain the service
  • Execute agent requests against third-party APIs on your behalf
  • Route and mediate user-directed LLM proxy traffic on your behalf
  • Enforce authorization policies (restrictions, task scopes, approvals, and LLM proxy controls)
  • Generate audit logs for your review

We do not sell your data or use it for advertising.

5. Website and Cookies

Our marketing site is hosted on Ploy and uses two privacy-focused, cookie-free analytics tools: Ploy's built-in first-party analytics and Plausible Analytics. Neither tool uses cookies or collects personal data, and both are compliant with GDPR, CCPA, and PECR. All data is aggregated and no individual visitors can be identified. Server logs may record IP addresses and request metadata as part of standard web hosting, which are retained for security purposes and automatically purged.

The hosted application at app.clawvisor.com uses strictly necessary cookies for authentication and security, such as an HttpOnly refresh-token cookie. These cookies are required to provide the Service and are not used for advertising or analytics.

6. Third-Party Services

Clawvisor interacts with third-party services only when you configure it to, whether on the cloud service or a self-hosted instance:

  • External APIs (Google, GitHub, Slack, etc.) are called on your behalf when agents make requests. You register your own API credentials with each provider. Data exchanged with these services is subject to their respective privacy policies.
  • SAML identity providers: If you configure SAML SSO, authentication requests are sent to your organization's identity provider. We store the IdP's entity ID, SSO URL, and signing certificate to validate responses. Your email address is extracted from the SAML assertion.
  • Telegram is used for approval notifications if you configure a bot. Message content includes service names, actions, and truncated parameters.
  • Resend is used for email verification on the cloud service. Your email address is shared with Resend to deliver verification messages.
  • Cloud relay and push: Local daemon installations connect to the Clawvisor cloud relay by default, and push notifications are enabled when you pair a mobile device. Data handling for these services is described in Section 3a.
  • Clawvisor internal AI features: If you enable optional intent verification or task risk assessment, Clawvisor uses AI models to evaluate agent requests. For intent verification, only request metadata (service, action, parameters, and agent-provided reason) is sent to the model. For task risk assessment, only the task purpose and authorized actions are sent. When chain context is enabled, the output of API calls executed on your behalf — which may include email bodies, message content, file contents, and other data returned by third-party APIs — is sent partially or in full to the configured LLM provider to extract structural references such as IDs and addresses. Credentials are never sent. On the cloud service, this processing occurs within Clawvisor's Google Cloud infrastructure. Self-hosted users select and configure their own LLM provider for these features; data handling is governed by that provider's terms. Cloud service: The cloud service uses Anthropic Claude Haiku 4.5 (or newer), Claude Sonnet 4.6 (or newer), and Google Gemini 2.5 Flash-Lite (or newer), hosted on Google Cloud Vertex AI within Clawvisor's own GCP project. Google processes this data as a sub-processor under its Cloud Data Processing Addendum. For Clawvisor internal AI features, no user data is sent to Anthropic or any other model provider directly, and no user data is used for model training. Self-hosted: You choose and configure your own LLM provider (Anthropic, OpenAI, Ollama, Groq, or Vertex AI). Data handling is governed by your chosen provider's terms.
  • User-directed LLM proxy traffic: When you configure or use Clawvisor's LLM proxy to call OpenAI-compatible, Anthropic-compatible, or other LLM provider endpoints, request and response content is sent to the provider endpoint you configure, select, or instruct Clawvisor to use. This includes prompts, conversation history, tool definitions, tool calls, tool results, model outputs, and streaming chunks as needed to provide the proxy. Clawvisor's non-persistence promise for raw LLM request bodies, raw LLM response bodies, and full model streams is described in Section 2a. The provider's handling of data after it receives proxy traffic is governed by that provider's privacy terms, data processing terms, and account settings.

7. Data Retention

Cloud service: Your data is retained while your account is active. Upon account deletion, all associated data — including credentials, audit logs, agent configurations, and account information — is permanently purged within thirty (30) days, except where retention is required by applicable law. You may request deletion at any time by contacting support@clawvisor.com.

Audit logs: Audit logs on the cloud service are retained for the lifetime of your account. You may export or request deletion of your audit history at any time.

Authentication sessions: Authentication session cookies expire according to the configured session lifetime, and are cleared or invalidated when you log out or when the session is revoked or expires.

LLM proxy artifacts: Raw LLM request bodies, raw LLM response bodies, and full model streams are not persisted. Redacted audit logs and sanitized operational trace/debug logs may be retained as described in Section 2a. Pending approvals, nonces, resolver state, and similar short-lived proxy state are deleted when no longer needed for the approval, stream, request, or related operational process.

Self-hosted: You control data retention entirely. Expired sessions, pending approvals, and chain context facts are cleaned up automatically by background processes within your instance.

8. Data Security

Credentials are encrypted at rest with AES-256-GCM. The vault key is stored separately from the database. Passwords are hashed with bcrypt. Agent tokens are stored as one-way hashes. No credentials appear in logs, error messages, or API responses. The cloud service infrastructure is hosted on Google Cloud Platform (GCP).

9. Your Rights

For the cloud service, you may request access to, correction of, or deletion of your personal data by emailing support@clawvisor.com. For self-hosted instances, you have direct access to all your data.

If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data. Our legal bases for processing are: performance of our contract with you (providing the Service), and legitimate interests (security, fraud prevention, and service improvement). The cloud service infrastructure is hosted in the United States on Google Cloud Platform. Transfers of personal data from the EEA/UK to the United States are governed by Google's Data Processing Addendum, which incorporates Standard Contractual Clauses (SCCs) approved by the European Commission. To exercise your rights, contact support@clawvisor.com.

10. Children's Privacy

Clawvisor is not directed at individuals under the age of 13. We do not knowingly collect personal information from children.

11. Sub-Processors

The cloud service uses the following sub-processors to deliver the Service:

  • Google Cloud Platform — Cloud infrastructure and data processing.
  • Resend — Email delivery.
  • Telegram — Notification delivery.
  • Ploy — Marketing website hosting and analytics.
  • Plausible Analytics — Website analytics.

12. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you at least thirty (30) days in advance by email or through a prominent notice within the Service. Changes will be posted on this page with an updated date.

13. Contact

For questions about this Privacy Policy, contact us at support@clawvisor.com.