EthioClaw (“we,” “us,” or “our”) operates the EthioClaw platform (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
Information We Collect
Account Information
When you create an account, we collect your name, email address, username, and password. Passwords are hashed using industry-standard cryptographic functions. We do not store plaintext passwords.
Conversations and Messages
We store the content of your conversations with EthioClaw, including the messages you send and the responses generated by the AI. This is necessary for the Service to function — your agent needs context to remember preferences, handle ongoing tasks, and maintain continuity across sessions.
Tool Usage and Execution Logs
When EthioClaw connects to third-party services on your behalf (via OAuth), we log the tools invoked, their parameters, and execution results. These logs are used for debugging, security auditing, and improving tool selection accuracy. We do not log the full content of emails, documents, or other data retrieved through tools unless it is required for the Service to function.
OAuth Credentials
We use OAuth to connect to third-party services such as Gmail, Notion, GitHub, and others. We store OAuth access tokens and refresh tokens encrypted at rest. We never store the plaintext passwords for any third-party service. You can revoke access to any connected service at any time from your Settings page.
Technical Information
We collect standard server logs including IP address, browser type, operating system, access times, and pages viewed. We also collect error logs to diagnose and fix issues with the Service.
How We Use Your Information
- To provide, maintain, and improve the Service
- To process and execute your requests through connected tools
- To communicate with you about your account, updates, or security notices
- To detect, prevent, and address technical issues, fraud, or abuse
- To comply with legal obligations
Data Storage and Security
Your data is stored in encrypted PostgreSQL databases hosted in the European Union (EU). All data is encrypted in transit using TLS 1.3 and at rest using AES-256. OAuth tokens are additionally encrypted with a separate key before being stored.
Code execution is performed in isolated, ephemeral sandbox environments that are destroyed immediately after task completion. No user data persists in these environments.
Third-Party Services
EthioClaw connects to third-party services solely at your direction. When you authorize a connection, the third party’s privacy policy governs their handling of your data. We encourage you to review the privacy policies of any services you connect.
We do not sell your personal information to third parties. We do not use your conversation data to train AI models without your explicit consent.
Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your account and associated data
- Withdraw consent for data processing (where applicable)
- Export your data in a machine-readable format
- Lodge a complaint with a supervisory authority
To exercise any of these rights, contact us at the email address listed at the bottom of this policy.
Data Retention
We retain your account data and conversation history for as long as your account is active. If you delete your account, we will remove your personal data from our active systems within 30 days. Anonymized usage statistics may be retained for analytical purposes.
Children’s Privacy
The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last updated” date. Continued use of the Service after changes constitutes acceptance of the updated policy.
Contact Us
If you have any questions about this Privacy Policy, please contact us at privacy@ethioclaw.dev.