Privacy Policy

Last updated: January 31, 2025

MyClaw ("us", "we", or "our") operates the MyClaw.ai website and service (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service. We are committed to protecting your privacy and handling your data with transparency. Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

We collect several types of information to provide and improve our Service:

1.1 Information You Provide Directly

  • Account information: When you create an account or reserve an instance, we collect your name, email address, and any other information you provide during registration.
  • Payment information: When you make a purchase, payment details (credit card number, billing address) are collected and processed directly by our payment processor, Stripe. We do not store your full credit card number on our servers. We may receive and store limited payment information from Stripe, such as the last four digits of your card, card brand, and expiration date, for your account records.
  • Communications: When you contact us via email, support channels, or feedback forms, we collect the content of your messages, your email address, and any other information you choose to provide.
  • Instance data: Configurations, files, and data you store on your managed instance as part of using the Service.

1.2 Information Collected Automatically

When you access or use the Service, we may automatically collect certain information, including:

  • Log data: Your IP address, browser type and version, operating system, referring/exit pages, date/time stamps, and clickstream data.
  • Device information: Device type, unique device identifiers, screen resolution, and hardware model.
  • Usage data: Pages visited, features used, actions taken, time spent on pages, and interaction patterns within the Service.
  • Location data: Approximate geographic location based on your IP address. We do not collect precise GPS location data.

1.3 Information from Third Parties

We may receive information about you from third-party services you use to log in or connect to our Service (e.g., OAuth providers), or from our payment processor Stripe regarding the status of your transactions.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 To Provide and Maintain the Service

  • Create and manage your account
  • Provision, configure, and maintain your cloud instance
  • Process payments and manage your subscription
  • Perform backups and data recovery
  • Provide customer support and respond to your inquiries

2.2 To Improve and Develop the Service

  • Analyze usage patterns and trends to improve user experience
  • Identify and fix bugs, errors, and performance issues
  • Develop new features and functionality
  • Conduct research and analysis to better understand our users

2.3 To Communicate With You

  • Send transactional communications (billing receipts, account confirmations, reservation updates)
  • Notify you of service launches, updates, maintenance windows, and security alerts
  • Send promotional communications about new features or offers (you can opt out at any time)
  • Respond to your support requests and feedback

2.4 To Ensure Security and Prevent Fraud

  • Detect, investigate, and prevent fraudulent transactions and unauthorized access
  • Monitor for abuse of the Service and violations of our Terms
  • Protect the rights, property, and safety of MyClaw, our users, and the public

3. Legal Basis for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), we process your personal data based on the following legal grounds:

  • Contract performance: Processing necessary to provide the Service you have requested (account management, payment processing, instance provisioning).
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving the Service, marketing, and fraud prevention, provided these interests are not overridden by your rights.
  • Consent: Where you have given explicit consent, such as opting in to marketing communications. You may withdraw consent at any time.
  • Legal obligation: Processing necessary to comply with applicable laws and regulations.

4. Information Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating the Service, subject to confidentiality obligations:

  • Stripe: Payment processing. Stripe's use of your data is governed by their Privacy Policy.
  • Cloud infrastructure providers: Hosting and computing services for running your instances.
  • Analytics providers: Website analytics and performance monitoring to help us understand how the Service is used.
  • Email service providers: Transactional and marketing email delivery.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to:

  • Comply with a legal obligation, regulation, or valid legal process (e.g., subpoena, court order)
  • Protect and defend the rights or property of MyClaw
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users of the Service or the public

4.3 Business Transfers

If MyClaw is involved in a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your information.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our Service. Cookies are small data files stored on your device.

Types of Cookies We Use

  • Essential cookies: Required for the Service to function properly. These include session cookies for authentication and security.
  • Analytics cookies: Help us understand how visitors interact with our website by collecting information about pages visited, time spent, and navigation patterns.
  • Preference cookies: Remember your settings and preferences (e.g., language, display options) to provide a personalized experience.

Managing Cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. Please note that if you disable or refuse cookies, some parts of the Service may become inaccessible or not function properly.

6. Data Security

We take the security of your data seriously and implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and vulnerability scanning
  • Access controls and authentication mechanisms for our internal systems
  • Isolated instance environments to prevent cross-tenant data access
  • Automated daily backups with encrypted storage

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, including:

  • Account data: Retained for as long as your account is active. Upon account deletion, personal data is removed within 30 days, except where retention is required by law.
  • Instance data: Retained for the duration of your subscription. After cancellation, data may be deleted at any time. You are responsible for exporting your data before canceling.
  • Payment records: Retained as required for tax, accounting, and legal compliance purposes (typically 7 years).
  • Log data: Retained for up to 12 months for security and analytics purposes, then aggregated or deleted.
  • Support communications: Retained for as long as necessary to resolve your inquiry and improve our support processes.

8. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information. We respect these rights and will respond to your requests in accordance with applicable law.

8.1 General Rights

You may have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Rectification: Request correction of inaccurate or incomplete personal data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Restriction: Request restriction of processing of your personal data
  • Data portability: Request transfer of your data in a structured, commonly-used, machine-readable format
  • Objection: Object to processing of your personal data based on our legitimate interests
  • Withdraw consent: Withdraw consent at any time where we rely on consent for processing

8.2 For EEA/UK Residents (GDPR)

If you are a resident of the European Economic Area or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.

8.3 For California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

  • The right to know what personal information is collected, used, shared, or sold
  • The right to delete personal information held by us
  • The right to opt-out of the sale of personal information
  • The right to non-discrimination for exercising your CCPA rights

We do not sell personal information as defined under the CCPA.

8.4 Exercising Your Rights

To exercise any of these rights, please contact us at contact@myclaw.ai. We will respond to your request within 30 days (or sooner if required by applicable law). We may ask you to verify your identity before processing your request. We will not discriminate against you for exercising your privacy rights.

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there.

Where required, we implement appropriate safeguards for international data transfers, such as Standard Contractual Clauses approved by the European Commission, to ensure your data receives an adequate level of protection.

10. Children's Privacy

The Service is not intended for anyone under the age of 18. We do not knowingly collect personally identifiable information from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us at contact@myclaw.ai. If we become aware that we have collected personal information from a child without verification of parental consent, we will take steps to remove that information from our servers promptly.

11. Third-Party Links & Services

The Service may contain links to third-party websites, applications, or services that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. This includes, but is not limited to:

  • Payment processors (Stripe) — see Stripe Privacy Policy
  • Cloud infrastructure providers used to host your instances
  • Third-party tools, APIs, or integrations you configure on your instance

12. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. Because there is no uniform standard for interpreting DNT signals, we do not currently respond to DNT browser signals or headers. We will continue to review new technologies and may adopt a standard once one is established.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes:

  • We will update the "Last updated" date at the top of this page
  • For material changes, we will notify you by email (to the address associated with your account) or through a prominent notice within the Service prior to the change becoming effective
  • We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 30 days.