ClawPilot Privacy Policy
Effective Date: February 20, 2026 Last Updated: February 20, 2026
The ClawPilot team ("we", "us", or "our") takes personal information and data security seriously. This Privacy Policy explains how we collect, use, store, share, and protect information when you use the ClawPilot iOS app and related services, and what rights you may exercise.
1. Scope
This Policy applies to the ClawPilot iOS app and supporting backend capabilities, including but not limited to bootstrap onboarding, installation reporting, gateway binding, subscription entitlement processing, voice upload pre-signing, and hosting legal pages.
This Policy does not apply to processing activities performed by independent parties such as any OpenClaw Gateway you deploy or connect, third-party model services, third-party object storage providers, or Apple App Store. Please refer to the policies published by those parties.
2. Information We Collect
We process information only as needed to provide our services. This mainly includes:
Anonymous identifier and installation information: including "external_user_token", "installation_id", platform, app version, OS version, device model, locale, and time zone, used to identify an anonymous account and installation instance on the same device.
Gateway binding information: including the submitted "gatewayClientId", Gateway address, Gateway label, and server-generated webhook URL and webhook token, used for gateway binding, callback authentication, and configuration sync.
Subscription and entitlement information: including transaction ID, original transaction ID, product identifier, transaction environment, purchase time, expiry time, revocation time, "appAccountToken", and Apple server notification payloads, used to validate transactions and refresh entitlement status.
Notification pipeline logs: including task events from Gateway webhooks, processing status, and error messages, used for troubleshooting, audit trails, and retry handling.
Session title and voice upload related information: when you trigger automatic session title generation, the first user message and assistant reply may be sent to your configured title model service; when you use voice upload, file type, size, and filename are processed and uploaded via pre-signed object storage URLs.
Local cache and device permissions: the app stores gateway configuration, session cache, and media cache locally on your device. When you actively use related features, the app may request local network, photo library, camera, microphone, and notification permissions.
Note: ClawPilot's core chat flow is designed so that the app communicates directly with your configured Gateway. Under the current implementation, our backend is not the default relay for regular chat content.
3. How We Use Information
To initialize anonymous accounts, manage installations, and identify login status.
To support Gateway binding, config sync, webhook validation, and task notification handling.
To process Apple in-app purchase transactions and provide subscription entitlement status.
To generate session titles, issue voice upload credentials, and enforce upload limits.
To maintain system stability, security, and observability, including troubleshooting and audits.
To comply with applicable laws, regulations, and regulatory requirements.
4. Sharing and Disclosure
We do not sell or provide your information to unrelated third parties, except when:
Service providers required for functionality (such as cloud, database, and object storage providers) process data within the scope of our instructions.
Data is needed for Apple App Store transaction verification and notification reconciliation.
You actively trigger third-party features (such as title generation model services) that require data processing.
Disclosure is required by laws, regulations, supervisory authorities, courts, or administrative agencies.
Disclosure is necessary in emergencies to protect significant lawful rights and interests of users or the public.
5. Storage and Retention
We retain data based on business necessity and apply security controls such as access control, authentication checks, and minimized writes.
Local device data is stored in secure system storage and app sandbox directories. You can clear cache or delete account in the app.
After you request account deletion, we delete or de-identify identifiable data directly linked to the anonymous identifier, while retaining necessary transaction audit records to the extent permitted by law.
Where laws require retention periods, relevant data will be retained accordingly.
6. Your Rights
Subject to applicable laws, you may have the right to:
Understand the rules and scope of how we process information.
Request correction, deletion, or restricted processing of your related information.
Withdraw device permissions (for example camera, photos, microphone, notifications).
Submit an account deletion request via Settings - Account & Data - Delete Account.
Contact us with privacy questions, complaints, or data security inquiries.
7. Protection of Minors
ClawPilot is primarily intended for users with full civil capacity. If you are a minor, please read and use this service with your guardian, and let your guardian decide whether to accept this Policy.
8. Policy Updates
We may update this Policy due to product changes, legal requirements, or regulatory requests. Updated versions will be published in the app or on legal pages on our website with the latest update date. If an update materially affects your rights, we will provide reasonable notice.
9. Contact Us
If you have any questions, suggestions, or complaints about this Policy, please contact us at:
Email: [email protected]
We will respond as soon as reasonably practicable after receiving your request.