Privacy Policy

Last updated: February 7, 2026

1. Introduction

This Privacy Policy describes how Instaclaw ("we," "us," or "our"), a product operated by ArcSpeed AI (51 Goldhill Plaza #07-07, Singapore 308900), collects, uses, and handles information when you use our platform. By using Instaclaw, you acknowledge and agree to the practices described in this policy.

2. Information We Collect

When you use Instaclaw, we may collect the following types of information:

  • Account information: When you sign in via Google OAuth, we receive your email address, name, and profile picture from Google. This information is used for account creation and identification.
  • Instance configuration: Information you provide when setting up and configuring your OpenClaw instances, including templates, settings, and preferences.
  • Usage data: General information about how you interact with the Service, including instance activity and API usage.
  • Payment information: If applicable, payment details are collected and processed by our payment provider, Stripe. We do not store your full payment card details.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Provision and manage your OpenClaw instances and associated infrastructure
  • Process transactions and send related communications
  • Respond to your requests and provide support
  • Improve and develop the Service
  • Protect against fraud and abuse

4. Third-Party Service Providers

We rely on third-party services to operate the platform. Your data may be processed by and retained with the following providers in the course of delivering the Service:

  • Google — Authentication via OAuth (email, name, profile picture)
  • Stripe — Payment processing (billing and transaction data)
  • Hetzner Cloud — Server provisioning and hosting (instance data, configurations)
  • Cloudflare — Networking, tunnels, DNS, and object storage via R2 (instance traffic and persistent data)

Each of these providers operates under their own privacy policies and data handling practices. Data shared with these providers is retained according to their respective retention policies, which may differ from ours. We encourage you to review their privacy policies.

5. Data Processed by Your OpenClaw Instance

Your OpenClaw instance connects to third-party AI providers and messaging platforms that you configure (such as Anthropic, OpenAI, WhatsApp, Telegram, and others). Data processed through your instance — including messages, prompts, and responses — is transmitted to and processed by those external services according to their own terms and privacy policies.

We do not monitor, log, or inspect the content of messages or data processed by your OpenClaw instance. You are solely responsible for the data that flows through your instance, the API keys you configure, and ensuring that your use of those services complies with their respective terms.

6. AI Processing

Instaclaw deploys OpenClaw, an AI gateway that routes messages between chat platforms and AI providers. By using the Service, you acknowledge that:

  • Your instance processes data through AI models provided by third-party providers you select and configure
  • AI responses are generated automatically and may not always be accurate or appropriate
  • We do not use your instance data or conversations to train AI models — however, the third-party AI providers you connect to may have their own data usage policies
  • You are responsible for reviewing and complying with the terms of any AI provider whose API keys you use

7. Data Retention

We retain your account information for as long as your account is active. Instance data is stored on infrastructure provisioned for your account (Hetzner servers and Cloudflare R2 storage). When you deprovision an instance, the server is destroyed. Storage buckets may be retained briefly for recovery before permanent deletion.

Data shared with our third-party service providers is retained according to their own retention schedules, which are outside our direct control.

8. Data Security

We implement reasonable security measures to protect information processed through the Service, including encrypted tunnels (Cloudflare Tunnels), token-based authentication, and isolated server instances. However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Data Removal

If you would like your personal data removed from our systems, please contact us at support@arcspeed.ai. We will process your request within 14 business days. Please note that some data may persist in our third-party providers' systems according to their own retention policies, and certain data may need to be retained to comply with legal obligations.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including Singapore, Germany, and the United States, depending on the location of our infrastructure providers. By using the Service, you consent to such transfers.

11. Children

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service or by email. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact

If you have questions about this Privacy Policy or our data practices, please contact us at support@arcspeed.ai.