← Back to BlitzClaw

Privacy Policy

Last updated: May 10, 2026

1. Data Controller

The data controller for BlitzClaw is:

2M Ventures UG (haftungsbeschränkt)
Geschäftsführer: Philipp Müller
Hohenstaufenstr. 22, 10779 Berlin, Germany
Email: support@blitzclaw.com

2. Data We Collect

Account Data

Email address and authentication credentials (processed via Clerk).

Instance Configuration

Settings you configure for your AI assistant: name, personality, connected services.

Usage Data

API usage metrics, token consumption, instance status — for billing and service operation.

Conversation Data

Messages exchanged with your AI assistant are processed to provide the service. See Section 3 for important information about third-party processing.

3. Third-Party Data Processing

⚠️ AI model providers

BlitzClaw is model-agnostic. Depending on the model configured for your instance or workflow, content you send to your AI assistant may be transmitted to third-party AI model providers such as Anthropic, OpenAI, or other providers configured for your instance. This may include:

  • All messages you send
  • Files or data you share with or through the assistant
  • Tool outputs and content the assistant accesses on your behalf (websites, documents, integrations)
  • Any secrets or credentials you instruct the assistant to use

These providers process data under their own privacy policies and terms. Review Anthropic's policy at anthropic.com/legal/privacy and OpenAI's policy at openai.com/policies/privacy-policy.

Data transfer: AI processing may involve transfers outside the EU, including to the USA. Where available, we rely on provider data-processing terms, adequacy decisions, and/or standard contractual clauses for international transfers.

Polar.sh (Payment Processing)

Polar acts as Merchant of Record for all payments. Polar collects billing information including payment method details. We do not store your payment card data. See: polar.sh/legal/privacy

Clerk (Authentication)

Clerk processes your login credentials and manages authentication sessions. See: clerk.com/legal/privacy

Infrastructure Providers

Your managed BlitzClaw instance currently runs on servers provided by Hetzner in Germany. Legacy instances or future deployments may use other infrastructure providers where explicitly configured. Infrastructure providers have physical access to server infrastructure but not routine application-level access to your workspace.

4. Sub-Processors

We use the following third-party service providers who may process your data:

ProviderPurposeLocation
Anthropic, PBCAI model provider, where selected/configuredUSA
OpenAI, L.L.C.AI model provider, where selected/configuredUSA
Clerk, Inc.AuthenticationUSA
Polar Software ABPayment processing (MOR)Sweden
Hetzner Online GmbHServer infrastructureGermany
Google LLCOptional user-authorized Google connectorsUSA / global
Vercel, Inc.Web application hostingUSA

5. Legal Basis for Processing (GDPR Art. 6)

  • Contract performance (Art. 6(1)(b)): Processing necessary to provide the service you requested
  • Legitimate interest (Art. 6(1)(f)): Service security, fraud prevention, service improvement
  • Legal obligation (Art. 6(1)(c)): Tax records, law enforcement requests
  • Consent (Art. 6(1)(a)): For optional processing, where applicable

6. Data Retention

  • Account data: Until account deletion plus 30 days
  • Instance data: Deleted within 7 days of instance termination
  • Billing records: 10 years (German tax law requirement)
  • Conversation data on your instance: You control this; deleted when instance is deleted

Note: Data sent to third-party AI model providers is retained according to the selected provider's policies and contractual terms, which we do not fully control.

7. Your Rights (GDPR)

You have the right to:

  • Access (Art. 15): Request a copy of your personal data
  • Rectification (Art. 16): Correct inaccurate data
  • Erasure (Art. 17): Request deletion of your data
  • Restriction (Art. 18): Limit how we process your data
  • Portability (Art. 20): Receive your data in machine-readable format
  • Object (Art. 21): Object to processing based on legitimate interest
  • Withdraw consent: Where processing is based on consent

Contact support@blitzclaw.com to exercise these rights. We respond within 30 days.

Supervisory authority: You may lodge a complaint with the Berlin Commissioner for Data Protection (Berliner Beauftragte für Datenschutz und Informationsfreiheit).

8. International Transfers

Your data is transferred to:

  • USA (AI model providers): Conversation and workflow data for AI processing where a US provider is selected/configured
  • USA (Clerk): Authentication data
  • EU/USA (Polar): Payment data
  • USA / global (Google): Optional connector data if you authorize Google integrations

For US transfers, we rely on Standard Contractual Clauses (SCCs) where available from the provider. You acknowledge that US law may provide different data protection standards than EU law.

9. Server Access & Secrets

Your instance is a dedicated server

Each BlitzClaw instance runs on a dedicated virtual server provisioned for your account. Your conversations, files, memory, and configuration live on this server.

Secrets you store

You may store API keys, tokens, or other credentials on your instance (via the dashboard or by instructing your assistant). These secrets are stored on your server in plain text configuration files. They are not encrypted at rest by BlitzClaw.

Our access to your server

BlitzClaw maintains SSH (root) access to your instance for:

  • Provisioning and initial setup
  • Software updates
  • Troubleshooting and support (when you report issues)
  • Service monitoring and health checks

This means we technically have the ability to read any data on your instance, including conversation history, stored secrets, and files your assistant has created or accessed. We do not routinely access this data and only do so for legitimate operational purposes.

We are working toward time-limited, user-granted support access and audit logging for all server access events. These features are not yet available.

Browser relay

If you use the browser relay feature (Chrome extension), session data including cookies from your browser is transmitted through our relay server to your instance. This data passes through our infrastructure in transit. We do not store or log browser session data, but we technically have the ability to inspect it in transit.

End-to-end encryption for the browser relay is planned but not yet implemented.

What this means for you

Do not store highly sensitive credentials (bank passwords, government IDs, medical records) on your instance. Treat your BlitzClaw instance like a computer managed by a trusted IT provider — convenient and useful, but not a vault.

10. Security

We implement basic technical and organizational measures including:

  • TLS encryption for data in transit
  • SSH key-based access to instances
  • Access controls and authentication via Clerk

As noted in our Terms of Service, BlitzClaw is experimental software that has not undergone formal security audits. Data stored on your instance (including secrets and credentials) is not encrypted at rest by BlitzClaw. Provider-level disk encryption may be available depending on the infrastructure provider.

No system is 100% secure. You are responsible for securing your account credentials and any secrets you store in your instance.

11. Children

BlitzClaw is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has provided data, contact us for deletion.

12. Changes

We may update this policy. Material changes will be notified via email at least 14 days before taking effect.

13. Contact

For privacy inquiries: support@blitzclaw.com
General support: support@blitzclaw.com