ClawInstall Privacy Policy
Last updated: 5 June 2026 · Version 1.1
Sable, Inc., a Delaware corporation doing business as ClawInstall (“ClawInstall”, “we”, “us”, “our”), operates the service at clawinstall.ai (the “Service”), which provisions and manages autonomous Agent nodes that act on a customer's behalf. This Privacy Policy explains what personal data we process, why, the legal bases we rely on, who we share it with, and the rights you have over it.
This policy covers the clawinstall.ai website, dashboard, and APIs. It does not cover third-party services you choose to connect to your Agent, which are governed by their own privacy policies.
1. Who we are and how to contact us
For account, billing, and product-usage data described in this policy, the data controller is Sable, Inc., a Delaware corporation doing business as ClawInstall.
- Controller: Sable, Inc. (a Delaware corporation), trading as ClawInstall.
- Privacy contact: privacy@clawinstall.ai
- Postal address: available on request via the privacy contact above.
If you are in the EEA or UK, you may also contact our representative or Data Protection Officer where one has been appointed (see §13).
2. Our role: controller vs. processor
ClawInstall plays two distinct data-protection roles, depending on the data:
2.1 Where we are the controller
We are the controller for the data we collect to run our business and operate your account, including:
- Account & identity data — your name, email, and organization, managed through our authentication provider.
- Billing data — subscription and payment identifiers held by our payments provider, plan and invoice records.
- Product usage & telemetry — how you use the dashboard and APIs, Agent and Node operational health/telemetry, logs, and diagnostics.
- Support communications — messages you send us and our replies.
For this data we decide the purposes and means of processing, and your data-subject rights (§10) run against us.
2.2 Where we are the processor (customer-directed data)
The Service exists to let your Agent read from and send data to systems you choose and connect (for example, accounts you authorize via OAuth or API keys). For everything the Agent reads, generates, or sends on your instruction — together “customer-directed content” — you are the controller and we act as your processor. We process customer-directed content only to provide the Service and only on your documented instructions, which include:
- Connection credentials — OAuth tokens and API keys you provide so the Agent can act on your behalf. These are stored encrypted at rest and used solely to operate the connections you configure.
- Content the Agent handles — the data your Agent reads, transforms, or transmits to the third-party systems you connected, including any data passed to an LLM provider to fulfil your instructions (see §6).
We do not use customer-directed content for our own purposes, do not sell it, and do not use it to train models. A standalone Data Processing Addendum (DPA) with Standard Contractual Clauses is available for customers who require one.
3. The data we collect
| Category | Examples | Role |
|---|---|---|
| Account & identity | Name, email, organization, authentication identifiers | Controller |
| Billing | Subscription/customer identifiers held at our payments provider, plan, invoice history | Controller |
| Connection credentials | Encrypted OAuth tokens and API keys you supply for your Agent | Processor |
| Customer-directed content | Data the Agent reads/sends on your instruction, including prompts/content sent to LLM providers | Processor |
| Agent & Node telemetry | Health, status, resource and connectivity metrics, operational logs | Controller |
| Product usage | Dashboard/API interactions, feature usage, device and approximate location from IP | Controller |
| Support | Correspondence with our team | Controller |
| Cookies & similar | See §11 | Controller |
We do not intentionally collect special-category data, and we ask that you not route special-category data through the Agent without an appropriate lawful basis and a DPA in place.
4. How we use your data
We use controller-role data to:
- create and secure your account and authenticate you;
- provision, operate, monitor, and support your Agents and Nodes;
- process subscriptions, payments, and invoices;
- understand product usage and improve the Service;
- communicate with you about service, security, and account matters;
- comply with legal obligations and enforce our terms.
We use processor-role (customer-directed) data only to perform the Service on your instructions, as described in §2.2.
5. Legal bases (GDPR / UK GDPR)
Where the GDPR or UK GDPR applies, we rely on:
- Contract (Art. 6(1)(b)) — to provide the Service, operate your account, and process payments.
- Legitimate interests (Art. 6(1)(f)) — to secure, monitor, and improve the Service, prevent abuse, and run product analytics, balanced against your rights.
- Consent (Art. 6(1)(a)) — for non-essential cookies/analytics where required (§11) and any optional communications. You may withdraw consent at any time.
- Legal obligation (Art. 6(1)(c)) — to meet tax, accounting, and other legal requirements.
For customer-directed content we process as a processor, the legal basis is determined by you as controller.
6. AI / LLM provider processing
The Agent uses a large language model (LLM) provider to carry out your instructions. To do so, customer-directed content (such as prompts and the content the Agent is working with) is transmitted to the LLM provider, processed to generate a response, and returned to the Agent.
- The LLM provider is OpenAI (processing in the United States). The Service does not currently offer per-customer provider selection or regional (data-residency) routing for LLM processing.
- We send to the provider only what is needed to fulfil your instruction.
- We do not permit your customer-directed content to be used to train the provider's foundation models, and we rely on the provider's enterprise/API terms that exclude API content from training.
If we add LLM providers or regional processing options in the future, we will update the subprocessor table (§8) and give notice of the change as described there.
7. Sharing and disclosure
We share personal data only with:
- the subprocessors listed in §8, under contract and only as needed to provide the Service;
- professional advisers, auditors, and authorities where required by law or to protect our rights; and
- a successor entity in the event of a merger, acquisition, or asset sale, subject to this policy.
We do not sell personal data, and we do not “share” it for cross-context behavioral advertising as those terms are defined under U.S. state privacy laws.
8. Subprocessors
The following third parties process personal data on our behalf to deliver the Service. We maintain contracts (including data-processing terms and, where relevant, Standard Contractual Clauses) with each. We will give notice of material changes to this list.
| Subprocessor | Purpose | Data processed | Primary location |
|---|---|---|---|
| Stripe | Payments & subscription billing (web) | Billing/customer & subscription identifiers, payment events | United States / EU |
| RevenueCat | Mobile subscription entitlements, synced with Stripe | Subscriber/app-user identifiers, entitlement & purchase metadata | United States |
| Clerk | Authentication, identity, and transactional auth email | Account identity, session tokens, org membership | United States |
| AgentMail | Transactional product email (e.g. installation/setup messages) | Customer name, email address, message content | United States |
| DigitalOcean | Application / control-plane hosting (Kubernetes: API, web, and cluster services for *.clawinstall.ai) and managed Valkey (Redis) cache/queues | All controller-role data in transit and at the application tier; transient queue/cache records | United States (region-configurable) |
| Neon | Managed PostgreSQL database | Stored account, billing, usage data and customer-directed metadata | United States (AWS) |
| Hetzner Cloud | Compute for customer Agent/Node provisioning | Agent runtime state and customer-directed content processed on the Node | Germany / EU (or selected region) |
| Tailscale | Secure mesh networking between Nodes and control plane | Connection and device metadata | United States |
| OpenAI | LLM inference (sole LLM provider; see §6) | Customer-directed prompts/content | United States |
| Tavily | Web search powering customer-initiated research workflows | Search queries derived from customer-directed research instructions | United States |
| Discord | Managed Discord bot applications operated for customer Agents | Customer/workspace name applied to the bot application; messages the Agent exchanges in Discord servers you connect | United States |
| Amazon Web Services (S3) | Object storage for workflow/research outputs and session transcripts | Customer-directed content artifacts | United States |
| PostHog | Product analytics (website, dashboard, mobile app) | Usage events, device data, approximate location, cookie identifiers | United States (us.i.posthog.com) |
| Datadog | Observability / distributed tracing | Operational telemetry and trace metadata | United States (region-configurable) |
A current list is available on request via privacy@clawinstall.ai.
8.1 Infrastructure and internal tooling (no customer personal data)
We also use providers that support how we build and distribute the Service but that do not process customer personal data, and are therefore not subprocessors: Cloudflare R2 (public distribution of Agent binaries and release manifests — public artifacts only), GitHub (source hosting, CI, and internal development automation over our own code), Linear (internal project management), and Slack (internal operational alerts containing service identifiers, not customer content). If any of these is later placed in the customer personal-data path, it will be added to the table above first.
9. International transfers
We are a global service and our subprocessors are located in the United States, the EU/EEA, and elsewhere. Where we transfer personal data out of the EEA or UK, we rely on appropriate safeguards, principally the European Commission's Standard Contractual Clauses (and the UK International Data Transfer Addendum), supplemented by technical and organizational measures. A copy of the relevant transfer mechanism is available on request.
10. Your rights
Subject to applicable law, you have the right to:
- access the personal data we hold about you;
- rectify inaccurate or incomplete data;
- erase your data (“right to be forgotten”);
- restrict or object to certain processing, including processing based on legitimate interests;
- data portability — receive your data in a structured, machine-readable format;
- withdraw consent at any time where processing is based on consent; and
- lodge a complaint with your supervisory authority (in the EEA/UK) or your state Attorney General.
EEA/UK (GDPR): exercise any right above by contacting privacy@clawinstall.ai. You may also complain to your local Data Protection Authority.
California (CCPA/CPRA) and other U.S. states: you have the rights to know, delete, correct, and to opt out of any “sale” or “sharing” of personal data. We do not sell or share personal data as defined by these laws. We do not discriminate against you for exercising your rights. Submit requests, including authorized-agent requests, to privacy@clawinstall.ai; we will verify your request against your account.
Where you are exercising rights over customer-directed content that we process as a processor, please direct your request to the relevant customer (controller); we will assist them as required by our contract.
11. Cookies and analytics
The Service uses cookies and similar technologies:
- Strictly necessary — our authentication provider sets a session cookie (e.g.
__session) required to keep you signed in. These are exempt from consent. - Functional — a first-party cookie (e.g.
fm_waitlist) remembers product-flow state such as waitlist participation. - Analytics — PostHog sets cookies/identifiers to measure product usage and feature engagement. These are non-essential.
Consent: Because non-essential analytics cookies load, visitors in the EEA and UK are asked for prior consent through a cookie-consent banner before analytics cookies are set, and analytics is suppressed until consent is given. You can withdraw consent or change your choice at any time. (The consent-banner interface is delivered separately from this policy.)
We do not use cookies for cross-context behavioral advertising.
12. Security
We protect personal data with technical and organizational measures, including:
- encryption in transit (TLS) and encryption at rest, including encryption of stored OAuth tokens and API keys;
- private mesh networking (Tailscale) between Agent Nodes and our control plane;
- access controls and least-privilege for internal systems;
- monitoring, logging, and observability to detect and respond to incidents; and
- regular review of our subprocessors and security practices.
No method of transmission or storage is completely secure, but we work to protect your data and will notify you and regulators of a qualifying breach as required by law.
13. EU / UK representative and DPO
Where ClawInstall offers the Service to data subjects in the EEA or UK without an establishment there, we appoint a representative under Article 27 of the GDPR / UK GDPR. Where appointment of a Data Protection Officer is required under Article 37, we appoint one. Current representative/DPO contact details, where applicable, are published here and available via privacy@clawinstall.ai.
14. Data retention
We keep personal data only as long as necessary for the purposes in this policy:
- Account & identity data — for the life of your account and a limited period afterward to handle disputes and legal obligations.
- Billing records — as required by tax and accounting law (typically several years).
- Connection credentials & customer-directed content — for as long as the relevant connection or Agent is active; deleted or returned on termination in accordance with our processing terms.
- One-time setup tokens & sign-up magic links — these short-lived credentials expire quickly by design (minutes to hours). Once expired or used they carry no further function, and an automated sweep purges the expired credential within about an hour of expiry.
- Provisioning & installation telemetry — the step-by-step progress events shown while an Agent is being set up are retained for 90 days, then deleted.
- Installation runtime logs — operational log lines emitted by the installer and management agent are retained for 30 days, then deleted.
- Other telemetry and analytics — for a limited operational period, then deleted or aggregated.
These windows are enforced automatically by a scheduled retention job, which runs on a regular cadence to remove data that has aged past the limits above. When data is no longer needed, we delete or irreversibly anonymize it.
15. Children
The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us personal data, contact privacy@clawinstall.ai and we will delete it.
16. Changes to this policy
We may update this policy from time to time. Material changes will be posted on this page with an updated “Last updated” date and version, and, where required, we will notify you directly.
17. Contact
Questions or requests about this policy or your personal data: privacy@clawinstall.ai.