Legal
Last updated: March 2026 ย ยทย GDPR compliant
This Privacy Policy explains how ClawHost collects, uses, and protects your personal information when you use our managed AI hosting platform.
ClawHost ("we", "our", "us") operates the managed OpenClaw hosting platform at bharatfinx.com. We provision dedicated cloud servers for customers and manage the infrastructure on their behalf. Your data privacy is important to us.
Account data: name, email address, and OAuth profile information (from Google or GitHub) when you sign up. Billing data: processed via Stripe โ we store only your Stripe customer ID, not full payment card details. Usage data: instance status, provisioning events, support tickets, and activity logs for service operation. Technical data: IP address, browser type, and timestamps from standard server logs.
LLM API keys: your API keys are transmitted directly to your dedicated server environment and are never stored in our database. Conversation content: your AI conversation history lives on your dedicated server and is not accessed, read, or stored by ClawHost. We have no backdoor into your OpenClaw instance.
We use your data to: provision and manage your dedicated server; process subscription payments; send service notifications and account-related emails; respond to support requests; improve our platform and diagnose technical issues; comply with legal obligations. We do not sell your data to third parties. We do not use your data for advertising.
Under GDPR, we process your data on the following legal bases: (a) Contract โ to provide the Service you subscribed to; (b) Legitimate interests โ for security, fraud prevention, and platform improvement; (c) Legal obligation โ where required by law; (d) Consent โ for marketing communications (which you may withdraw at any time).
We share data only with essential service providers: Hetzner Cloud (server infrastructure, EU), Stripe (payment processing), and authentication providers (Google, GitHub) when you choose to sign in via OAuth. All providers are contractually bound to process your data only for the purposes we specify. We do not share data with advertisers, data brokers, or analytics platforms.
Account data is retained for as long as your account is active. After account deletion, personal data is purged within 30 days, except where required by law (e.g., billing records retained for 7 years for tax purposes). Server logs are retained for up to 90 days.
We use industry-standard security measures: TLS encryption in transit, hashed credentials, access controls, and regular security reviews. Dedicated servers are isolated per-customer. Despite these measures, no internet transmission is 100% secure โ use the Service at your own risk.
If you are in the EU/EEA, you have the right to: access your personal data; correct inaccurate data; request deletion of your data ("right to be forgotten"); object to or restrict processing; receive your data in a portable format; withdraw consent at any time. To exercise any right, email us at support@bharatfinx.com. We will respond within 30 days.
We use only essential cookies: a session cookie (httpOnly, SameSite=Lax) for authentication. We do not use advertising cookies, tracking pixels, or third-party analytics. No cookie consent banner is needed as we use only strictly necessary cookies.
ClawHost is not directed at children under 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us data, contact us and we will delete it promptly.
We may update this policy occasionally. Material changes will be communicated via email or an in-dashboard notice. Continued use after the effective date constitutes acceptance of the revised policy.
For privacy questions, data requests, or to contact our Data Protection Officer, email us at support@bharatfinx.com. We will acknowledge your request within 72 hours.