Privacy Policy

Last updated: June 7, 2026 · Effective date: June 7, 2026 · Contact: [email protected]

Operator: DotOwl Pte Ltd, Singapore

1. Introduction

ClippyBot ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, desktop application, and website.

By using ClippyBot, you consent to the practices described in this policy. If you do not agree, please do not use the service.

2. Data We Collect

2.1 Account Information

When you register, we collect: email address, password (hashed using Argon2id; we never store plaintext), display name and optional avatar, workspace membership and roles, and two-factor authentication settings (if enabled).

2.2 Workspace Data

Data created within your workspace: project names, descriptions, and configurations; group structures and permission assignments; domain monitoring records and SSL scan results; widget layouts and dashboard preferences; audit logs of actions taken within the workspace.

2.3 Plugin Execution Data

When you run a plugin or tool: input parameters and arguments, execution logs (success, failure, duration), generated output (text, images, files, structured data), and plugin version and execution environment metadata.

2.4 Files and Uploads

Files uploaded for processing (documents, images, archives), files generated by plugins (reports, exports, rendered assets), and temporary files created during execution.

2.5 AI Conversations

If you use AI features: prompts and messages you send, AI-generated responses, conversation thread history, and token usage and model metadata.

2.6 Billing and Payment Data

Payment method details (handled exclusively by Stripe); credit balance, transaction history, and ledger entries; subscription plan, invoices, and billing address. We do not store full card numbers.

2.7 OAuth Tokens and API Keys

OAuth tokens for Google, Cloudflare, and other providers. API keys for third-party integrations (encrypted at rest using AES-256-GCM). Token expiration and refresh metadata.

2.8 Automatically Collected Data

IP address and user agent (for rate limiting and security), device platform and last-seen timestamp, cookie and session identifiers, and error logs and crash reports (via Sentry).

3. How We Use Your Data

Purpose | Data Used | Legal Basis
--- | --- | ---
Provide the platform | Account, workspace, plugin data | Contractual necessity
AI processing | Prompts, execution context | Legitimate interest (user-initiated)
Billing and credits | Stripe data, transaction history | Contractual necessity
Security and fraud prevention | IP, logs, device info | Legitimate interest
Service improvement | Anonymized usage patterns | Legitimate interest
Legal compliance | Audit logs, billing records | Legal obligation
Communication | Email address | Consent or contractual necessity

We do not sell your personal data to third parties. We do not use your data to train general-purpose AI models without explicit consent. We do not share your workspace data with other workspaces unless you explicitly invite them.

4. Data Retention

Data Category | Retention Period | Notes
--- | --- | ---
Account data | Until account deletion | Deleted 30 days after you request deletion
Workspace data | Until workspace deletion | Owned by the workspace; deleted with the workspace
Generated files | 30 days (configurable) | Enterprise plans can extend retention
AI conversations | 90 days | Anonymized after 90 days for model evaluation
Audit logs | 7 years (billing), 1 year (general) | Billing logs retained for tax/legal obligations
OAuth tokens | Until revocation or expiration | Auto-deleted when you disconnect the integration
API keys | Until deletion by user | Encrypted at rest; deleted immediately upon request
Session tokens | 15 minutes (email), 7 days (refresh) | Rotated automatically
Error logs | 90 days | Crash reports in Sentry

5. Third-Party Processors

Subprocessor | Purpose | Location | Data Transferred
--- | --- | --- | ---
Stripe | Payment processing | United States | Billing data, card tokens
Cloudflare | CDN, DDoS protection, R2 storage | Global | All traffic, uploaded files
Resend | Transactional email delivery | United States | Email address, email content
Sentry | Error tracking and performance | United States | Error logs, stack traces, user agent
Google OAuth | Authentication | United States | OAuth tokens, email, profile info
OpenAI / Anthropic | AI model inference | United States | Prompts, execution context (if using AI features)

We have Data Processing Agreements (DPAs) in place with all subprocessors. A copy of our standard DPA is available upon request.

6. Your Rights

6.1 Access

You can request a copy of all personal data we hold about you. We aim to respond within 30 days.

6.2 Correction

Update your account information at any time in the app settings.

6.3 Deletion (Right to be Forgotten)

You can delete your account, which will immediately deactivate your login and queue all personal data for deletion within 30 days. Anonymized audit logs are retained for legal compliance. Workspace deletion is performed by the workspace owner and removes all associated data.

6.4 Data Portability

Export your data in machine-readable formats (JSON, CSV) via the in-app export tool or by contacting [email protected].

6.5 GDPR and EU Users

For EU users: we act as the data controller for your account data. The workspace owner acts as the data controller for workspace data. You can file a complaint with your local supervisory authority. EU data residency is available for Enterprise plans.

6.6 California Residents (CCPA/CPRA)

California residents have the right to know what personal data is collected, know whether personal data is sold or shared (it is not), request deletion of personal data, and opt out of any future sale (N/A, as we do not sell data).

7. Cookies and Tracking

7.1 Essential Cookies

Required for the service to function: session (7 days or until logout), csrf_token (session), workspace_id (7 days).

7.2 Analytics Cookies

Optional cookies for service improvement: _cb_analytics (90 days). You can disable analytics cookies in your account settings. Essential cookies cannot be disabled.

7.3 Third-Party Cookies

We do not use third-party advertising cookies. Sentry and Cloudflare may set cookies for security and performance monitoring.

8. Data Security

We implement the following security measures:

  • Encryption at rest: PostgreSQL data, Redis snapshots, and R2 objects are encrypted.
  • Encryption in transit: TLS 1.3 for all API and web traffic.
  • Access controls: Role-based access control (RBAC) within workspaces; least-privilege access for staff.
  • Audit logging: All administrative actions and data access are logged.
  • Penetration testing: Conducted annually by a third-party security firm.
  • Incident response: See docs/ops/incident-runbooks.md.

9. Children's Privacy

ClippyBot is not intended for users under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact [email protected] and we will delete it.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction, including Singapore and the United States. We ensure adequate protection through Standard Contractual Clauses (SCCs) for EU data, Data Processing Agreements with all subprocessors, and encryption during transit and at rest.

11. Changes to This Policy

We may update this policy periodically. We will announce significant changes by email to the address associated with your account, by in-app notification, and with a banner on the website.

12. Contact

For privacy-related questions, data requests, or complaints:

  • Email: [email protected]
  • Postal: DotOwl Pte Ltd, Singapore
  • Response time: 30 days for formal requests; 2 business days for general inquiries