Clawly Privacy Policy

This Privacy Policy explains how Clawly collects, uses, discloses, and stores information when you install or use our Shopify app and related services (the "Services").

1. Scope

This Policy applies to merchant and operational data processed through Clawly. It does not govern data practices of Shopify or other third-party services you connect; those providers have their own terms and privacy policies.

2. Information We Collect

2.1 Information from Shopify and your store

Store identifiers, domain, and account metadata
Product, order, customer, inventory, and fulfillment data you authorize us to access
Theme, content, and configuration data required for requested tasks

2.2 Integration and API data

OAuth tokens, API credentials, and integration account metadata
Data exchanged with connected providers (marketing, support, logistics, analytics, messaging)

2.3 AI interaction data

Prompts, instructions, run context, tool calls, logs, and generated outputs
Execution history for automations and agent actions

2.4 Technical and usage data

IP address, browser/device data, timestamps, and error logs
Feature usage and performance telemetry

3. How We Use Information

Provide, maintain, and secure the Services
Run automations and AI tasks you configure
Enable integrations and API connectivity
Troubleshoot incidents and prevent abuse or fraud
Measure reliability and improve product performance
Comply with legal obligations and enforce our Terms

4. Data Sharing and Disclosure

To operate the Services, we may share information with third parties, including:

Shopify and app-platform infrastructure providers
LLM and AI providers used to process prompts and generate outputs
Integration providers you connect (for example support, CRM, shipping, analytics, messaging tools)
Cloud hosting, logging, monitoring, and security vendors
Professional advisors and legal authorities where required by law

We do not sell your personal information for cash consideration. However, data may be processed by multiple third-party providers as required to run requested workflows.

5. Cross-Border Transfers

Your data may be processed in countries outside your jurisdiction, including countries with different data-protection laws. By using the Services, you authorize these transfers to the extent permitted by law.

6. Retention

We retain data for as long as needed to provide the Services, meet legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type, account status, and operational requirements.

7. Security

We use reasonable technical and organizational measures to protect data. No system is perfectly secure, and we do not guarantee absolute security or uninterrupted operation.

You are responsible for maintaining secure credentials, reviewing permissions, and validating automation behavior.

8. Your Choices and Rights

You can uninstall Clawly and revoke integrations at any time.
You can request access, correction, or deletion where applicable law provides those rights.
You may request export of certain account data, subject to legal and technical constraints.

Some information may need to be retained for security, legal, billing, or fraud-prevention purposes.

9. Cookies and Similar Technologies

We and our providers may use cookies, local storage, and similar technologies for authentication, session integrity, analytics, and performance monitoring.

10. Children

The Services are intended for business users and are not directed to children.

11. Third-Party Responsibility Limits

When you enable integrations or AI providers, your data may be transmitted to those systems based on your settings. You are responsible for evaluating provider suitability for your business and legal requirements.

12. Policy Updates

We may update this Privacy Policy from time to time. Updated versions are effective when posted. Continued use of the Services after updates means you accept the revised Policy.

13. Contact

For privacy requests or questions, use our contact page.