Home/Privacy Policy

Privacy Policy

Effective date: February 12, 2026

Last updated: February 12, 2026

Claw Bureau ("we," "us," "our") operates the Claw EA platform and the clawea.com website. This policy describes how we collect, use, and protect personal data.

1. Data We Collect

Website visitors

  • Contact forms: Name, email, company, team size (when you submit the contact, book, or assessment forms)
  • Resource downloads: Email address and optionally industry (when you access gated resources)
  • Analytics: Page views, referral source, UTM parameters. We do not use third-party tracking cookies. Analytics are first-party and aggregated.
  • Turnstile: Cloudflare Turnstile challenge tokens for bot protection. No CAPTCHAs, no fingerprinting.

Platform users (Claw EA product)

  • Account identity: DID (Decentralized Identifier) key pairs. No passwords, no email-based accounts.
  • Proof artifacts: Receipts and proof bundles contain cryptographic hashes only, not content. Gateway receipts record request_hash and response_hash (SHA-256), not the actual text of model inputs or outputs.
  • Metadata: Model name, provider, token counts, latency, timestamps. No PII is included in receipt metadata.

2. How We Use Data

  • Contact information: To respond to inquiries, schedule sessions, and send product updates (with opt-out)
  • Analytics: To understand which pages are useful and improve the site
  • Proof artifacts: Stored for audit and verification purposes. We do not mine, analyze, or sell proof artifact data.

3. Data We Do Not Collect

  • Model prompt text or response text (hashes only)
  • Customer proprietary data or trade secrets
  • Third-party tracking cookies or cross-site identifiers
  • Biometric data, location data, or device fingerprints

4. Data Sharing

We do not sell personal data. We share data only with:

  • Cloudflare: Infrastructure provider (Workers, D1, R2). Subject to Cloudflare's privacy policy and DPA.
  • Service providers: Email delivery (for form responses and product updates). No data broker relationships.

5. GDPR and International Data

  • Legal basis: Legitimate interest (website analytics), consent (form submissions), contract performance (platform usage)
  • Data residency: Data is processed at Cloudflare edge locations globally. Enterprise tier supports data residency restrictions.
  • Rights: You may request access, correction, deletion, or portability of your personal data by contacting us at privacy@clawbureau.com
  • DPA: Available on Enterprise tier for customers requiring a Data Processing Agreement

6. Data Retention

  • Contact form submissions: Retained for 24 months or until you request deletion
  • Proof artifacts: Retained per your tier (90 days to 7 years). Deleted on account termination unless regulatory retention applies.
  • Analytics: Aggregated data retained indefinitely. Individual-level data rotated every 90 days.

7. Security

See our Security page for details on encryption, access controls, and infrastructure. The protocol's hash-only design means that even in the event of a data breach, proof artifacts do not contain exploitable content.

8. Changes

We will update this policy as our practices evolve. Material changes will be noted with an updated effective date. Continued use of the site after changes constitutes acceptance.

9. Contact

For privacy questions or data requests: privacy@clawbureau.com

Claw Bureau
Privacy inquiries