Terms of Service
Last updated: April 13, 2026
1. Acceptance of Terms
These Terms of Service ("Terms") are a legal agreement between you and Clawvisor, Inc., a Delaware corporation ("Clawvisor," "we," "us," or "our"). By accessing or using the Clawvisor cloud service ("the Service") or the Clawvisor self-hosted software ("the Software"), you agree to be bound by these Terms. If you do not agree, do not use the Service or the Software.
2. Description
Clawvisor is a credential-vaulting gateway that sits between AI agents and external APIs. It provides credential vaulting, purpose-based authorization, human-in-the-loop approvals, and audit logging. Clawvisor is available as a hosted cloud service at app.clawvisor.com and as self-hosted software you deploy and operate on your own infrastructure. The self-hosted Software is licensed under the Elastic License 2.0 (ELv2); your use of the Software is subject to that license in addition to these Terms. In the event of a conflict between the ELv2 and these Terms, the ELv2 governs with respect to the Software. Local daemon installations connect to the Clawvisor cloud relay by default for remote access; push notifications are enabled when you pair a mobile device.
3. Accounts
To use the cloud service, you must create an account. You agree to provide accurate and complete information and to keep your account credentials secure. You are responsible for all activity that occurs under your account.
4. Your Responsibilities
- You are responsible for all actions taken through your account or instance, including actions initiated by AI agents you configure.
- You are responsible for registering your own API credentials with third-party providers (Google, GitHub, Slack, etc.) and complying with their terms of service.
- Self-hosted: You are responsible for securing your instance, including the vault key, database, and server environment.
- Relay traffic: The cloud relay is enabled by default for local daemon installations. Traffic between your daemon and connecting clients is encrypted in transit (TLS). Certain routes — including agent gateway requests, task management, and connection requests — additionally enforce end-to-end encryption, meaning the relay server cannot read their contents. Other routes, including MCP tool calls and dashboard API requests, are encrypted in transit but are readable by the relay server. Credentials stored in your local vault are never transmitted to the relay.
- Key management: You are responsible for safeguarding your daemon's cryptographic keys (
daemon-ed25519.keyanddaemon-x25519.key). Loss of these keys requires re-pairing your device. - You must not use the Service or the Software for any unlawful purpose or in violation of any applicable laws.
5. Credentials and Security
Cloud service: API credentials you store are encrypted with AES-256-GCM on our infrastructure. Credentials are decrypted only in memory during request execution and are never logged.
Self-hosted: Credentials are stored encrypted on your infrastructure. We have no access to your credentials, data, or server environment. Credentials are decrypted only in memory during request execution and are never logged.
Cloud relay: When a daemon connects to the cloud relay, all tunnel traffic is encrypted in transit via TLS. A subset of routes — agent gateway requests, task operations, and connection requests — additionally enforce end-to-end encryption between the client and daemon, making their contents unreadable by the relay. Other routes, including the MCP protocol used by IDE plugins, are protected by TLS only. Credentials stored in the local vault are never transmitted to the relay.
6. Cloud Relay and Push Notifications
Local daemon installations connect to the Clawvisor cloud relay by default for remote access. Push notifications are enabled when you pair a mobile device. These services are provided on a best-effort basis. We do not guarantee uptime, availability, or uninterrupted operation of the relay or push services.
We reserve the right to suspend or revoke relay access for any instance that violates these Terms or engages in abuse, including but not limited to: proxying traffic unrelated to Clawvisor's intended purpose, or generating excessive connection volume.
The relay is intended solely for tunneling Clawvisor gateway traffic between your daemon and authorized clients. It must not be used as a general-purpose proxy or VPN.
7. Service Availability
For the cloud service, we use reasonable efforts to maintain availability but do not guarantee uninterrupted or error-free operation. The Service may be temporarily unavailable for scheduled or unscheduled maintenance.
Clawvisor shall not be liable for any delay or failure to perform resulting from causes beyond its reasonable control, including but not limited to acts of God, natural disasters, pandemic, war, terrorism, labor disputes, government actions, power or internet failures, or failures of third-party infrastructure providers (including cloud hosting platforms).
8. Termination
For the cloud service, either party may terminate at any time. We may suspend or terminate your access if you violate these Terms. Upon termination, your data will be permanently purged within thirty (30) days, except where retention is required by applicable law. You may request immediate deletion by contacting support@clawvisor.com.
9. No Warranty
The Service and the Software are provided "as is" without warranty of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the Service or the Software will be uninterrupted, error-free, or that it will prevent all unauthorized agent actions.
10. Limitation of Liability
To the fullest extent permitted by law, Clawvisor, Inc. and its officers, directors, employees, and affiliates shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of data, revenue, or profits arising from your use of the Service or the Software. This includes damages resulting from actions taken by AI agents, credential exposure, or service interruptions.
To the extent permitted by applicable law, Clawvisor's total aggregate liability for all claims arising out of or related to the Service or the Software shall not exceed the greater of (a) the amounts you paid to Clawvisor in the twelve (12) months preceding the claim, or (b) one hundred U.S. dollars (US $100).
11. Indemnification
You agree to indemnify, defend, and hold harmless Clawvisor, Inc. and its officers, directors, employees, and affiliates from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or related to: (a) your use of the Service or the Software; (b) actions taken by AI agents you configure, authorize, or approve; (c) your violation of these Terms or any applicable law; or (d) your use of third-party API credentials registered with the Service.
12. AI Feature Disclaimers
The intent verification feature uses a third-party LLM to check whether agent requests are consistent with approved purposes. This check is best-effort and may not catch all misuse. It is not a substitute for careful task scope design and human oversight.
Chain context tracking: When enabled, the output of API calls executed on your behalf — which may include email bodies, message content, file contents, contact details, and other data returned by third-party APIs — is sent partially or in full to the configured LLM provider to extract structural references such as IDs, email addresses, and phone numbers. Credentials are never sent. Self-hosted users select their own LLM provider and are responsible for reviewing that provider's data handling policies. On the cloud service, this processing occurs within Clawvisor's Google Cloud infrastructure.
Task risk assessment: When enabled, task purpose descriptions and authorized action scopes are sent to the configured LLM for risk evaluation. This assessment is advisory and does not guarantee that high-risk tasks will be blocked.
13. Governing Law and Disputes
These Terms are governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict-of-law provisions. Any disputes arising out of or related to these Terms or the Service shall be resolved exclusively in the state or federal courts located in Delaware. You consent to personal jurisdiction in those courts.
14. Changes to Terms
We may update these Terms from time to time. For material changes, we will notify you at least thirty (30) days in advance by email or through a prominent notice within the Service. Changes will be posted on this page with an updated date. Continued use of the Service or the Software after the effective date of revised Terms constitutes acceptance of those Terms.
15. Contact
For questions about these Terms, contact us at support@clawvisor.com.