Privacy Policy

Last updated: April 2, 2026

1. What We Collect

When you sign up for Clawmark, we collect:

  • Account information: name, email address, business name, business type
  • Payment information: processed securely by Stripe — we never see or store your card number
  • Connected service data: when you connect Instagram, Google, or other services, we access the data you authorize (posts, analytics, reviews, calendar)
  • Usage data: how you interact with your AI team (messages, approvals, preferences)

2. How We Use Your Data

  • To operate your AI agent team (create content, monitor reviews, track performance)
  • To improve the quality of your agents' output based on your feedback
  • To process payments via Stripe
  • To send you operational notifications (morning briefs, approval requests)
  • To monitor system health and prevent abuse

3. Where Your Data Lives

Each customer gets a dedicated server instance — your data is not shared with other customers.

  • Your VPS: hosted on DigitalOcean. Agent data, memory files, and conversation history live here.
  • OAuth tokens: stored on your VPS only. Our control plane relays tokens during initial setup and does not retain them.
  • Control plane: hosted on Google Cloud Platform. Stores account info, subscription status, and usage metrics.
  • Payments: processed by Stripe. We do not store credit card information.

4. Third-Party Services

We use the following third-party services to operate Clawmark:

  • Anthropic (Claude): AI model provider for agent intelligence
  • DigitalOcean: customer VPS hosting
  • Google Cloud Platform: control plane and inference server hosting
  • Stripe: payment processing
  • Telegram / Discord / Slack: customer communication channels

When your agents interact with AI models, the content of those interactions is processed by the model provider (Anthropic). We use models that do not train on customer data.

5. Data Sharing

We do not sell your data. We share data only:

  • With service providers listed above, strictly to operate Clawmark
  • When required by law (subpoena, court order)
  • With your explicit consent

6. Your Rights

  • Access: you can view all your data through the dashboard and chat
  • Export: on cancellation, you can export your content, drafts, and contact lists
  • Delete: request account deletion by emailing privacy@getclawmark.com — we will delete your data within 30 days
  • Correction: update your information through the dashboard or by messaging your orchestrator

7. Security

  • All data encrypted in transit (TLS/HTTPS)
  • Dedicated VPS per customer — full tenant isolation
  • OAuth tokens stored with restricted file permissions on your VPS
  • Admin access restricted to authorized personnel with SSH key authentication
  • Daily automated backups with 30-day retention

8. Cookies

We use a single session cookie (clawmark_session) to keep you logged in. It is HTTP-only, secure, and expires after 7 days. We do not use tracking cookies or third-party analytics cookies.

9. Children

Clawmark is designed for businesses and is not intended for use by individuals under 18.

10. Changes

We may update this policy from time to time. We'll notify you via your orchestrator or email if we make material changes.

11. Contact

Questions about privacy? Email privacy@getclawmark.com