Privacy Policy

Last updated: February 12, 2026 · Controller: Rzy, LLC, 131 Continental Dr Suite 305, Newark, DE 19713, US

1. Scope

This policy covers the Keep My Claw website, CLI integration, APIs, and any other interface that links to it (collectively, the "Services"). By using the Services you acknowledge that we process your personal information as described here.

2. Our Zero-Knowledge Architecture

🔐 Keep My Claw is zero-knowledge by design. All backup data — your agent's SOUL.md, memory files, config, credentials — is encrypted client-side with AES-256 before it ever leaves your machine. Your encryption key never touches our servers. We store only opaque, encrypted blobs. We literally cannot read, inspect, or access the contents of your backups.

3. Information We Collect

Information you provide

Account data — email address and authentication credentials used to identify your account.
Payment information — processed entirely by Stripe. We receive billing confirmations, subscription status, and fraud indicators. We never see or store your full card number.

Usage metadata

Backup metadata such as timestamps, snapshot count, backup sizes, and agent names (the label you assign, not agent contents).
Device and technical identifiers (IP address, browser/OS for web access, CLI version) used to secure the Services and troubleshoot issues.
Basic usage analytics such as feature interactions and API call timestamps.

What we do NOT collect

Backup contents — encrypted client-side before transmission. We cannot decrypt, read, or analyze them.
Encryption keys — generated and stored locally on your machine. They never leave your device.
Agent personality, memory, or configuration details — all encrypted within the backup blob.

4. How We Use Information

We process information to perform the contract governing your use of Keep My Claw, to pursue our legitimate interests (such as securing and improving the Service), to comply with legal obligations, and when you grant consent.

Provide encrypted backup storage, restore functionality, and snapshot management.
Process payments and manage subscriptions via Stripe.
Monitor uptime, detect abuse, and protect users from fraud.
Send mandatory service communications (e.g., account confirmations, security alerts).
Improve the Service and develop new features.
Meet tax, accounting, and regulatory compliance requirements.

5. How We Share Information

Cloudflare — your encrypted backup blobs are stored on Cloudflare R2. Cloudflare receives only encrypted data and storage metadata.
Stripe — processes all payments. Stripe receives your billing details directly under their own privacy policy.
Service providers — vetted subprocessors (hosting, analytics, customer support) bound by confidentiality agreements, with access limited to account-level data only.
Legal requirements — when required by law, court order, or to enforce our Terms of Service.
Business transfers — in connection with a merger, financing, or acquisition involving Rzy, LLC.

We do not sell personal information. Because backups are encrypted client-side, we could not share their contents even if compelled — we don't have the keys.

6. Cookies & Analytics

We use minimal cookies for session authentication and essential functionality. We do not use third-party advertising trackers. Any analytics we run are first-party and aggregate only. You can control cookies in your browser settings; disabling essential cookies may impact service availability.

7. International Transfers

Keep My Claw may store or process data in the United States and other countries where we or our service providers operate. When transferring personal information across borders, we rely on contractual safeguards such as Standard Contractual Clauses and require providers to meet our security standards. Note that backup contents are encrypted and unreadable regardless of where they are stored.

8. Retention & Deletion

We retain account information while you maintain an active account.
Encrypted backups are deleted within 30 days after you remove them, or upon account deletion.
After account deletion, we may retain anonymized usage data and records required for legal compliance (e.g., billing records for tax purposes).
Stripe retains payment data per their own retention policies.

9. Security

Your backup data is protected by client-side AES-256 encryption before transmission. In addition, we use encryption in transit (TLS), role-based access controls, and audit logging for infrastructure access. Cloudflare R2 provides encryption at rest for stored blobs.

No system is perfectly secure. If you suspect a security issue, please contact us immediately at support@keepmyclaw.com.

10. Your Rights & Choices

Access & export — download your encrypted backups at any time through the CLI or web interface.
Deletion — delete individual backups or your entire account. Account deletion removes all associated data.
Correction — update your email or account details in your account settings.
Restriction & objection — email us at support@keepmyclaw.com to request restriction of processing. We may ask for verification before fulfilling requests.

For EU/UK residents (GDPR)

You have additional rights including the right to lodge a complaint with your local supervisory authority. Our legal bases for processing are contractual necessity, legitimate interest (service security and improvement), and legal obligation.

For California residents (CCPA)

You have the right to know what personal information we collect, request its deletion, and opt out of its sale. We do not sell personal information. To exercise your rights, email support@keepmyclaw.com.

11. Children

Keep My Claw is not directed to children under 16, and we do not knowingly collect personal information from them. If we learn that we have collected data from a child, we will delete it and may close the account.

12. Changes to This Policy

We may update this policy to reflect new features, legal requirements, or security practices. Material changes will be communicated via email or in-product notice. Continued use of the Services after an update constitutes acceptance.

13. Governing Law

This policy and any disputes arising from it are governed by the laws of the State of Delaware, United States, without regard to its conflict of law provisions.

14. Contact

Questions, privacy requests, or complaints can be sent to support@keepmyclaw.com or mailed to:

Rzy, LLC
131 Continental Dr Suite 305
Newark, DE 19713, US

European users may also lodge a complaint with their local supervisory authority.