Privacy Policy

1. Information We Collect

1.1 Information You Provide Directly

• Account information: When you register, we collect your name, email address, and any other information you provide during sign-up.
• Payment information: Payment details are collected and processed by our third-party payment processor. We do not store your full payment card number. We may receive limited details such as the last four digits of your card, card brand, and expiration date for your account records.
• Communications: When you contact us via email or support channels, we collect the content of your messages, your email address, and any other information you choose to share.
• Agent configurations and data: Content, instructions, and data you provide when creating and configuring OpenClaw agents on the platform.

1.2 Information Collected Automatically

When you access or use the Service, we may automatically collect:

• Log data: Your IP address, browser type, operating system, referring pages, timestamps, and clickstream data.
• Device information: Device type, unique device identifiers, screen resolution, and hardware model.
• Usage data: Features accessed, actions taken, time spent on pages, and interaction patterns within the Service.
• Approximate location: Derived from your IP address. We do not collect precise GPS-based location data.

1.3 Information from Third Parties

We may receive information from third-party authentication providers (if you log in via OAuth), and from our payment processor regarding transaction status.

1.4 Google Workspace Data

When you connect your Google account to TapClaw, we may access the following Google data based on the permissions you grant:

• Google Drive (app files): To help your AI agent create, read, and edit files that you create or open through TapClaw. We do not access other files in your Drive.
• Google Calendar: To help your AI agent view, create, and manage calendar events.
• Google Contacts: To help your AI agent look up and manage contact information such as names, email addresses, and phone numbers.
• Google Tasks: To help your AI agent view, create, and manage your task lists.
• Google Sheets: To help your AI agent read, create, and edit spreadsheet data.
• Google Docs: To help your AI agent read, create, and edit documents.
• Gmail (send only): To help your AI agent send emails on your behalf. TapClaw does not read or access the content of your inbox.

2. How We Use Your Information

2.1 To Provide and Maintain the Service

• Create and manage your account
• Provision, configure, and maintain your agent deployments
• Process payments and manage your subscription
• Perform backups and data recovery
• Provide customer support

2.2 To Improve and Develop the Service

• Analyze usage patterns and trends to improve user experience
• Identify and resolve bugs, errors, and performance issues
• Develop new features and capabilities
• Conduct research to better understand user needs

2.3 To Communicate With You

• Send transactional messages such as billing receipts and account confirmations
• Notify you of service updates, maintenance, and security alerts
• Send promotional communications about new features or offers (you may opt out at any time)
• Respond to support requests and feedback

2.4 To Ensure Security and Prevent Fraud

• Detect, investigate, and prevent fraudulent transactions and unauthorized access
• Monitor for abuse or violations of our Terms of Service
• Protect the rights, property, and safety of TapClaw, our users, and the public

3. Legal Basis for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), we process your personal data under the following legal grounds:

• Contract performance: Processing necessary to deliver the Service you have requested.
• Legitimate interests: Processing for our legitimate business purposes such as improving the Service, fraud prevention, and marketing, where not overridden by your rights.
• Consent: Where you have provided explicit consent, such as for marketing communications. You may withdraw consent at any time.
• Legal obligation: Processing required by applicable law or regulation.

4. Information Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:

4.1 Service Providers

We share information with trusted third-party providers who assist in operating the Service, including payment processors, cloud infrastructure providers, analytics providers, and email service providers. All service providers are bound by confidentiality obligations and are not permitted to use your information for any purpose other than providing services to us.

4.2 Legal Requirements

We may disclose your information if required by law or in the good-faith belief that such disclosure is necessary to comply with a legal obligation, protect our rights or property, prevent wrongdoing, or protect user safety.

4.3 Business Transfers

If TapClaw is involved in a merger, acquisition, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your information, along with any choices available to you.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

4.5 Google Workspace Data

When you connect your Google account, your Google data (calendar events, contacts, tasks, files, documents, spreadsheets, and sent emails) is handled as follows:

• Your Google data is processed in real-time by AI models (including Google Gemini and OpenAI GPT) to fulfill your agent's tasks. This constitutes a transfer of data to third-party AI services.
• We do not permanently store the content of your calendar events, contacts, tasks, files, or other Google data on our servers. Data is only accessed during active agent sessions.
• Google data is transmitted securely via encrypted connections (TLS).
• We do not use your Google data for advertising, training AI models, or any purpose other than providing the Service to you.
• You can revoke TapClaw's access to your Google account at any time via Google Account → Security → Third-party apps with account access.

TapClaw's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to collect and track information about your use of the Service. Types of cookies we use include:

• Essential cookies: Required for the Service to function, including authentication and security.
• Analytics cookies: Help us understand usage patterns, pages visited, and navigation behavior.
• Preference cookies: Remember your settings and preferences for a personalized experience.

You may control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Service.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest
• Regular security assessments and vulnerability scanning
• Access controls and authentication for internal systems
• Isolated agent environments to prevent cross-tenant data access

No method of internet transmission or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by applicable law.

7. Data Retention

• Account data: Retained while your account is active. Upon deletion, personal data is removed within 30 days, except where retention is required by law.
• Agent data: Retained for the duration of your subscription. After cancellation, data may be deleted at any time. You are responsible for exporting your data before cancelling.
• Payment records: Retained as required for tax, accounting, and legal compliance purposes (typically 7 years).
• Log data: Retained for up to 12 months for security and analytics purposes, then aggregated or deleted.
• Support communications: Retained as long as necessary to resolve your inquiry and improve support quality.

8. Your Privacy Rights

8.1 General Rights

Depending on your location, you may have the right to access, correct, delete, restrict, or port your personal data, and to object to processing or withdraw consent.

8.2 For EEA/UK Residents (GDPR)

If you are a resident of the European Economic Area or the United Kingdom, you have additional rights under the GDPR, including the right to lodge a complaint with your local data protection authority.

8.3 For California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete personal information, the right to opt out of the sale of personal information, and the right to non-discrimination for exercising your rights. We do not sell personal information as defined under the CCPA.

8.4 Exercising Your Rights

To exercise any of your rights, please contact us at contact@tapclaw.app. We will respond within 30 days (or sooner as required by applicable law). We may verify your identity before processing your request and will not discriminate against you for exercising your privacy rights.

9. International Data Transfers

Your information may be transferred to and processed on servers located outside your jurisdiction. Where required, we implement appropriate safeguards for international data transfers, such as Standard Contractual Clauses approved by the European Commission, to ensure your data receives adequate protection.

10. Children's Privacy

The Service is not intended for anyone under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at contact@tapclaw.app and we will promptly remove that information from our systems.

11. Third-Party Links & Services

The Service may contain links to third-party websites or services not operated by TapClaw. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the effective date. Your continued use of the Service after any changes constitutes acceptance of the revised Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us at:

TapClaw Privacy Team
Email: contact@tapclaw.app