How Your Data Stays Private
Unlike typical SaaS products where all data flows through one server, SeeClaw gives every user their own dedicated cloud server. Your conversations, emails, files, and memories never leave it.
๐ฑ Your iPhone
SeeClaw app connects
directly to your server
๐ฅ๏ธ Your Server
Dedicated cloud server
only you control
๐ค AI (OpenRouter)
Processes your prompts
returns responses
๐ง SeeClaw Backend
Only handles: account signup, server provisioning, system health metrics (CPU/RAM/disk). Never sees your messages, emails, or files.
What We Store vs. What We Don't
Full transparency on exactly what data lives where.
| Data | Location | SeeClaw Can See? |
|---|---|---|
| Your name & email | SeeClaw backend | Yes โ needed for account |
| Password | SeeClaw backend (bcrypt hash) | No โ hashed, unreadable |
| Subscription plan | SeeClaw backend | Yes โ needed for billing |
| Chat messages | Your server only | No |
| AI memories & preferences | Your server only | No |
| Google OAuth tokens | Your server only | No |
| Emails & calendar data | Your server only (via Google API) | No |
| Agent configurations | Your server only | No |
| Server health (CPU, RAM, disk) | SeeClaw backend | Yes โ system metrics only |
Verify It Yourself
Don't just trust us โ verify. Our gateway code is source-available, and you can confirm the code running on your server matches what's published.
Read the Source Code
Our gateway server code is published under the OCVSAL (source-available) license on GitHub. You can read every line that runs on your server.
SSH Into Your Server
You can request SSH access to your own server from the SeeClaw app. Once connected, check the actual code running:
cat /opt/openclaw/gateway-server.js
Compare the Hash
Verify the code matches the published version by comparing SHA-256 hashes:
sha256sum /opt/openclaw/gateway-server.js
Compare this hash with the one published on our GitHub repository's releases page.
Check What Gets Sent
Monitor network traffic from your server to see exactly what data leaves it. You'll find only AI API calls and health heartbeats โ no message content goes to SeeClaw.
sudo tcpdump -i eth0 -n host seeclaw.ai | head -20
Emergency Support Access Policy
If you ever need our help troubleshooting your server, here's how it works โ fully under your control.
| Safeguard | Details |
|---|---|
| User-initiated only | You must explicitly tap "Grant Support Access" in the app. We cannot access your server without your permission. |
| Time-limited | Access automatically expires after 1 hour (default). Maximum 24 hours. You set the duration. |
| Revocable any time | Tap "Revoke Access" in the app to instantly remove support access. |
| Fully audited | All commands executed by support staff are logged via Linux auditd. You can view the full audit trail in the app. |
| Limited permissions | Support access can only view service logs and restart services. No access to your data files. |
Source-Available License
Our gateway code is published under the OCVSAL (Open Core Ventures Source Available License). This means:
โ You Can
View the full source code. Read every line. Audit it. Verify your server runs the same code. Modify and test it locally. Report issues.
๐ซ You Can't
Run it in production commercially without a SeeClaw subscription. Copy the project and launch a competing service.
This gives you full transparency โ you can verify exactly what runs on your server โ while protecting our ability to keep building and improving SeeClaw. Learn more about OCVSAL โ
Bring Your Own API Keys (Optional)
By default, SeeClaw provides AI access through our OpenRouter account โ we handle the complexity so you don't have to. But if you prefer full control, you can provide your own OpenRouter API key. When you do, AI requests go directly from your server to OpenRouter under your own account โ SeeClaw has zero visibility into your usage.