Plain English summary: We collect only what we need to run your AI service. Your conversations stay on our servers and are never sold or shared with advertisers. You can request deletion of your data at any time by emailing privacy@clawly.app.
1. Who We Are
Clawly ("we", "us", "our") provides a cloud-hosted personal AI assistant service accessible via iOS App and messaging platforms (Telegram, Feishu/Lark). This Privacy Policy explains how we collect, use, disclose, and protect information about users ("you") of the Clawly app and website at clawly.beavontech.com ("Service").
For privacy enquiries, contact us at: privacy@clawly.app
2. Information We Collect
2.1 Account Information
- Email address — used to identify your account and send transactional emails.
- Apple ID identifier — if you sign in with Apple, we receive a stable anonymous identifier but never your real email (unless you choose to share it).
- Display name — optional, used to personalise your experience.
2.2 Subscription & Billing Information
- Subscription plan, status, and expiry date.
- App Store receipt tokens for verifying purchases (processed by Apple — we never receive or store your payment card details).
2.3 Messaging Channel Identifiers
- Telegram User ID — to route messages to your dedicated AI agent.
- Feishu/Lark Open ID — if you connect a Feishu account.
- These identifiers are stored so your AI agent can recognise you across sessions.
2.4 Conversation Data
- Messages you send to your AI agent and the responses generated.
- Files, images, or other content you share with your agent.
- Your agent's long-term memory (facts your agent has learned about you over time).
Conversation data is stored in your isolated workspace on our servers. It is used solely to provide and improve your personal AI experience and is never used to train shared AI models.
2.5 Usage & Technical Data
- Token consumption counts (input / output / total) per monthly billing cycle.
- Gateway error logs (anonymised where possible).
- App version, device type, and OS version (collected by the iOS App for crash diagnostics).
2.6 Information We Do NOT Collect
- Payment card numbers or bank details (handled entirely by Apple).
- Location data.
- Contacts or address book.
- Camera or microphone content (unless you explicitly send media to your agent).
3. How We Use Your Information
| Purpose | Data Used | Legal Basis |
|---|
| Provide the AI assistant service | Account info, channel IDs, conversation data | Contract performance |
| Process and verify subscriptions | Subscription data, Apple receipt | Contract performance |
| Send transactional notifications (expiry, quota warnings) | Email, Telegram/Feishu ID | Contract performance |
| Monitor usage quotas and enforce plan limits | Token usage counts | Contract performance |
| Diagnose and fix technical issues | Error logs, app diagnostics | Legitimate interests |
| Comply with legal obligations | Any data required by law | Legal obligation |
We do not use your data for advertising, profiling, or sale to third parties.
4. Data Sharing & Third Parties
We share data only in the following limited circumstances:
- Apple Inc. — subscription and IAP verification via the App Store server API. Apple's Privacy Policy applies to that processing.
- AI Model Providers — messages you send to your agent are forwarded to our contracted AI inference provider (currently z.ai / 智谱 AI) to generate responses. We pass only the conversation context necessary to generate a reply; your account identity is not disclosed to the AI provider.
- Infrastructure Providers — our servers run on Akamai/Linode. Data is stored in the United States. Akamai does not access your content.
- Legal requirements — if required by applicable law, court order, or governmental authority.
- Business transfers — in the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify affected users beforehand.
5. Data Retention
- Account & subscription data: Retained for the lifetime of your account, plus 90 days after deletion.
- Conversation & memory data: Retained while your account is active. Upon account deletion, conversation data is purged within 30 days.
- Token usage logs: Retained for 13 months (rolling) for billing dispute resolution.
- Error & diagnostic logs: Retained for 30 days and then automatically deleted.
6. Data Security
We take reasonable technical and organisational measures to protect your data, including:
- All data in transit is encrypted with TLS 1.2 or higher.
- Each user's AI workspace is logically isolated — other users cannot access your conversations or memory.
- Administrative access to production systems is restricted to authorised personnel via SSH key authentication.
- Regular automated backups are encrypted and stored separately from the live system.
No method of transmission or storage is 100% secure. In the event of a data breach that is likely to cause harm to users, we will notify affected users as required by applicable law.
7. Children's Privacy
The Service is not directed to children under the age of 13 (or 16 in the EU/UK). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact privacy@clawly.app and we will delete it promptly.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access — request a copy of the personal data we hold about you.
- Correction — request that inaccurate data be corrected.
- Deletion — request that we delete your account and associated data.
- Data portability — receive your data in a machine-readable format.
- Objection / restriction — object to or request restriction of certain processing.
- Withdraw consent — where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, email us at privacy@clawly.app. We will respond within 30 days.
You may also delete your account directly through the Clawly iOS App (Settings → Delete Account), which will initiate the data purge process.
9. Cookies & Tracking
The Clawly website uses no third-party analytics or advertising trackers. No tracking cookies are set. The iOS App does not use advertising SDKs or cross-app tracking.
10. International Data Transfers
Our servers are located in the United States. If you access Clawly from the EU, UK, or other regions with data protection laws, your data will be transferred to and processed in the US. By using the Service, you consent to this transfer. We ensure appropriate safeguards are in place consistent with applicable law.
11. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act (CCPA). We do not sell personal information. You may request to know, delete, or opt out of the sale of personal information (though no sale occurs) by contacting privacy@clawly.app.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. For material changes, we will notify you via the App or by email. Your continued use of the Service after the effective date of a revised Policy constitutes your acceptance of the changes.
13. Contact Us
For questions or concerns about this Privacy Policy, or to exercise your rights, please contact:
📧 privacy@clawly.app
🌐 https://clawly.beavontech.com/privacy