Privacy Policy

Last updated: March 23, 2026

1. Overview

Clawvisor is a credential-vaulting gateway for AI agents, available both as a hosted cloud service at app.clawvisor.com ("the Service") and as self-hosted software you run on your own infrastructure ("the Software"). This Privacy Policy covers the clawvisor.com website, the cloud service, and describes what data a self-hosted Clawvisor instance processes.

2. Cloud Service — Data We Collect

When you use the Clawvisor cloud service, we collect and store the following data:

  • Account data: Email address and bcrypt-hashed password for authentication. If you sign in via SAML SSO, your email address is received from your organization's identity provider.
  • Credentials you store: API keys and OAuth tokens you add to the vault, encrypted with AES-256-GCM at rest.
  • Agent tokens: Stored as SHA-256 hashes. The raw token is shown once at creation and never stored. Agent tokens may also be issued to third-party applications (such as IDE plugins) through an OAuth 2.1 authorization flow that you explicitly approve.
  • OAuth client registrations: When a third-party application connects via OAuth, we store its client name and redirect URIs. Authorization codes are short-lived and deleted after use.
  • Chain context facts: When intent verification with chain context is enabled, structural references (such as email addresses, IDs, and phone numbers) may be extracted from API responses and stored temporarily to validate follow-up requests within the same task. These facts are automatically deleted when the task completes, expires, or is revoked.
  • Audit logs: Every gateway request is logged with the service, action, sanitized parameters, decision, and outcome. Raw credentials are never included in logs.
  • Notification configs: Telegram bot tokens and chat IDs for approval notifications, if configured.

3. Self-Hosted Instances

When you self-host Clawvisor, your credentials, audit logs, agent configurations, and all data processed by your instance remain under your control. The cloud relay is enabled by default for local daemon installations, and push notifications are enabled when you pair a mobile device; connection metadata for these services (described in Section 3a) is processed by Clawvisor's infrastructure. We do not collect telemetry or usage analytics from self-hosted instances unless you explicitly opt in. When enabled, anonymous telemetry includes aggregate event counts (tasks created, gateway requests processed, approvals issued) and is not linked to any user identity or credentials.

3a. Self-Hosted — Cloud Relay and Push Notifications

Local daemon installations connect to the Clawvisor cloud relay by default. The following data is transmitted to Clawvisor infrastructure:

  • Connection metadata: Daemon ID, Ed25519 public key, IP address, and connection/disconnection timestamps.
  • Tunnel traffic: All traffic between your daemon and connecting clients is encrypted in transit (TLS). A subset of security-sensitive routes — including agent gateway requests, task management, and connection requests — additionally enforce end-to-end encryption (X25519/HKDF + AES-256-GCM), making their contents unreadable by the relay server. Other routes, including the MCP protocol used by IDE plugins such as Claude Desktop, are protected by TLS in transit but are readable by the relay server. Credentials stored in your local vault are never transmitted through the relay.
  • Authentication: The relay stores your daemon's Ed25519 public key for challenge-response authentication.

When you pair a mobile device, push notifications are enabled. The following is transmitted:

  • Device tokens: Required to deliver notifications to your mobile device.
  • Notification payloads: Payloads include event type, task purpose, risk level, and action summary. They do not include credentials, API response bodies, or message contents.

Connection metadata and device tokens are retained while the relay connection or push subscription is active and are deleted upon de-registration or account removal.

4. How We Use Your Data

For the cloud service, we use your data to:

  • Operate and maintain the service
  • Execute agent requests against third-party APIs on your behalf
  • Enforce authorization policies (restrictions, task scopes, approvals)
  • Generate audit logs for your review

We do not sell your data or use it for advertising.

5. Website (clawvisor.com)

The clawvisor.com marketing site uses Plausible Analytics, a privacy-focused, cookie-free analytics tool. Plausible does not use cookies, does not collect personal data, and is fully compliant with GDPR, CCPA, and PECR. All data is aggregated and no individual visitors can be identified. Server logs may record IP addresses and request metadata as part of standard web hosting, which are retained for security purposes and automatically purged.

6. Third-Party Services

Clawvisor interacts with third-party services only when you configure it to, whether on the cloud service or a self-hosted instance:

  • External APIs (Google, GitHub, Slack, etc.) are called on your behalf when agents make requests. You register your own API credentials with each provider. Data exchanged with these services is subject to their respective privacy policies.
  • SAML identity providers: If you configure SAML SSO, authentication requests are sent to your organization's identity provider. We store the IdP's entity ID, SSO URL, and signing certificate to validate responses. Your email address is extracted from the SAML assertion.
  • Telegram is used for approval notifications if you configure a bot. Message content includes service names, actions, and truncated parameters.
  • Resend is used for email verification on the cloud service. Your email address is shared with Resend to deliver verification messages.
  • Cloud relay and push: Local daemon installations connect to the Clawvisor cloud relay by default, and push notifications are enabled when you pair a mobile device. Data handling for these services is described in Section 3a.
  • AI models: If you enable optional intent verification or task risk assessment, Clawvisor uses AI models to evaluate agent requests. For intent verification, only request metadata (service, action, parameters, and agent-provided reason) is sent to the model. For task risk assessment, only the task purpose and authorized actions are sent. When chain context is enabled, the output of API calls executed on your behalf — which may include email bodies, message content, file contents, and other data returned by third-party APIs — is sent partially or in full to the configured LLM provider to extract structural references such as IDs and addresses. Credentials are never sent. On the cloud service, this processing occurs within Clawvisor's Google Cloud infrastructure. Self-hosted users select and configure their own LLM provider; data handling is governed by that provider's terms.
    • Cloud service: The cloud service uses Anthropic Claude Haiku 4.5 (or newer) and Claude Sonnet 4.6 (or newer), hosted on Google Cloud Vertex AI. These models run within Clawvisor's own Google Cloud infrastructure — no user data is transmitted to any third-party model provider, and no user data is used for model training.
    • Self-hosted: You choose and configure your own LLM provider (Anthropic, OpenAI, Ollama, Groq, or Vertex AI). Data handling is governed by your chosen provider's terms.

7. Data Retention

Cloud service: Your data is retained while your account is active. You may request deletion of your account and all associated data at any time by contacting support@clawvisor.com.

Self-hosted: You control data retention entirely. Expired sessions, pending approvals, and chain context facts are cleaned up automatically by background processes within your instance.

8. Data Security

Credentials are encrypted at rest with AES-256-GCM. The vault key is stored separately from the database. Passwords are hashed with bcrypt. Agent tokens are stored as one-way hashes. No credentials appear in logs, error messages, or API responses. The cloud service infrastructure is hosted on Google Cloud Platform (GCP).

9. Your Rights

For the cloud service, you may request access to, correction of, or deletion of your personal data by emailing support@clawvisor.com. For self-hosted instances, you have direct access to all your data.

10. Children's Privacy

Clawvisor is not directed at individuals under the age of 13. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date.

12. Contact

For questions about this Privacy Policy, contact us at support@clawvisor.com.