Privacy Policy

Agency Claw ("we", "us", "our") operates the Agency Claw SaaS platform. For any privacy-related questions, contact us at rishideoghare@gmail.com.

We collect the following categories of information:

• Account information — name, email address, profile picture (via Google OAuth or email/password registration)
• Billing information — subscription plan, billing cycle, payment status (payment card details are processed by Razorpay and never stored by us)
• Usage data — agents created, leads generated, content published, credit usage, token consumption, and feature interactions
• Content data — LinkedIn posts, images, and other content created using the platform
• Lead data — business leads scraped or imported by you, which you own and control
• Feedback — any feedback, feature requests, or support messages you submit
• Technical data — IP address, browser type, device type, and session information collected automatically

We use your information to:

• Provide, operate, and maintain the Service
• Process payments and manage subscriptions
• Personalise your experience and improve the platform
• Send transactional emails (account activity, billing receipts, trial reminders)
• Send product updates and announcements (you may opt out at any time)
• Monitor usage patterns via PostHog analytics to improve product features
• Respond to support requests
• Enforce our Terms and Conditions and comply with legal obligations

We use cookies and similar tracking technologies to maintain your session and authenticate your account. We also use PostHog for product analytics, which may set cookies to track page views and feature usage.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service.

We share data with the following third-party providers only as necessary to operate the Service:

• Razorpay — payment processing
• OpenAI — AI content and image generation
• PostHog — product analytics
• Vercel / Railway — hosting and infrastructure
• Telegram — bot notifications (if enabled)
• LinkedIn — content publishing (via OAuth)
• Google APIs — Gmail sending, Calendar events, and Drive storage (if user connects their Google account)

We do not sell your personal data to third parties.

AgencyClaw's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

When you connect your Google account, AgencyClaw may request access to the following Google APIs — solely to carry out actions you explicitly request through your personal agent conversation:

• gmail.send — sends outreach or follow-up emails from your Gmail account
• gmail.compose — creates Gmail drafts for your review before sending
• gmail.readonly — reads email threads to check replies and report back to you
• calendar.events — creates and updates calendar invites for booked meetings
• calendar.events.readonly — reads your calendar events when you ask to review upcoming meetings
• calendar.freebusy — checks whether you are free or busy in a time window to suggest available slots
• drive.file — saves files (e.g., email summaries) to your Drive when you request it
• drive.appdata / drive.appfolder — stores and reads your agent configuration and preferences privately
• drive.install — registers AgencyClaw with Drive once during onboarding

AgencyClaw does not:

• Sell, share, or transfer any data obtained through Google APIs to third parties
• Use Google user data for advertising, profiling, or any purpose beyond the feature you explicitly requested
• Allow humans to read your Google data except as required to provide or improve the service

You can disconnect your Google account and revoke all API permissions at any time — either from the AgencyClaw settings page, or directly from your Google Account's connected apps page.

AgencyClaw uses LinkedIn's Community Management APIs to publish and manage content on behalf of your LinkedIn Page or Organization. We access this data only with your explicit authorization via OAuth and only to perform actions you request.

We follow LinkedIn's LinkedIn Community Management API guidance, including any applicable data use and member data protection requirements.

We only request the minimum permissions required to:

• Post updates and manage content on your LinkedIn Organization page
• Fetch post and engagement metrics needed to power your dashboard
• Read comments or reactions when you ask us to manage or respond to them

AgencyClaw does not:

• Sell, share, or transfer any data obtained through LinkedIn APIs to third parties
• Use LinkedIn data for advertising, profiling, or any purpose beyond the feature you explicitly requested
• Persist LinkedIn member data longer than necessary to provide the service (beyond what you explicitly save/own in the product)

You can revoke AgencyClaw's access to your LinkedIn account via LinkedIn’s Permitted Services settings page.

Your data is stored in a PostgreSQL database hosted on a secure cloud provider. We implement industry-standard security measures including encrypted connections (TLS), hashed passwords, and access controls.

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where retention is required by law (e.g., billing records).

Lead data, content, and agent configurations are permanently deleted upon account deletion.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — request a copy of your data
• Correction — request corrections to inaccurate data
• Deletion — request deletion of your personal data
• Portability — request your data in a machine-readable format
• Objection — object to the processing of your data for marketing purposes

To exercise any of these rights, email us at rishideoghare@gmail.com.

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via a notice in the Service. Your continued use of the Service after the effective date constitutes acceptance of the revised policy.

For any privacy-related questions or concerns, please contact: rishideoghare@gmail.com