Effective date: March 30, 2026
This Privacy Policy applies to the OpenClaw mobile apps for Android and iOS.
OpenClaw mobile apps access device data only when you enable a feature or grant a permission. The apps connect to the gateway you choose. OpenClaw does not operate a central cloud that receives all app data by default.
Depending on the features you enable, the app may access:
- Connection and setup data, including gateway host and port, tokens, passwords, TLS fingerprints, pairing state, local display name, feature toggles, local discovery state, and notification or push tokens where supported.
- A local device identity and device-specific authentication tokens used to pair and authenticate with your gateway.
- Camera photos or videos if you use camera features.
- Microphone audio if you use voice transcription, talk mode, voice wake, or audio capture features.
- Location data if you enable location features.
- Photos you choose to make available through device permissions.
- Contacts if you enable contact search or contact creation features.
- Calendar data if you enable calendar features.
- Notification content and metadata if you enable notification access features.
- Motion sensor data if you enable motion or pedometer features.
- On Android, SMS data if you enable SMS features. This can include SMS sending and SMS search or review features, depending on the permissions you grant.
- Screen content only when you explicitly start a supported screen capture or recording flow.
- Content you intentionally share through a system share sheet or share extension where supported.
The app uses this information to:
- Pair and authenticate your device with your chosen gateway.
- Execute features you enable, such as camera capture, voice input, notifications, location sharing, contacts lookup, calendar actions, SMS features, and screen features.
- Show device status, capabilities, and app settings.
- Deliver app notifications or wake events where supported.
- The app sends commands, content, and device capability data to the gateway you configure.
- If you use speech features, platform speech recognition services may process microphone audio and transcripts.
- If you enable third-party voice output or AI services through your gateway, those services may process the data sent to them under their own privacy policies.
- Push notification tokens may be sent to your gateway so it can deliver notifications or wake events.
- Mobile operating systems may include app data in backup, restore, or device-transfer features depending on your device and system settings.
- We do not sell personal data.
- We do not include mobile advertising SDKs in the current mobile builds.
- We do not include mobile analytics or crash-reporting SDKs in the current mobile builds.
The mobile apps store connection secrets such as gateway tokens and passwords locally using platform security features, including Android encrypted storage and the iOS Keychain where applicable.
The apps also store local device identity, app settings, pairing state, and cached operational data in app-private storage. Temporary files may be written to app cache while features run, such as media output or debugging artifacts.
OpenClaw retains data on your device until one of the following happens:
- you remove it in the app where that control exists,
- you disconnect and clear app data,
- you clear the app's storage through your device settings, or
- you uninstall the app.
OpenClaw does not set a single universal retention period for data processed by your chosen gateway or third-party services. Data sent to your gateway, AI providers, voice providers, or other connected services is retained according to that service's own configuration and policies.
You can delete data controlled by the mobile app by:
- disconnecting the app from your gateway,
- clearing the app's storage or app data in your device settings, or
- uninstalling the app.
These actions remove locally stored app data from the device, subject to normal operating-system behavior and backup settings.
If data has been sent to your gateway or to third-party services connected through your gateway, you must delete that data through those systems. OpenClaw cannot directly delete data stored by gateways, AI providers, voice providers, notification providers, or other third-party services you choose to use.
You can:
- deny or revoke permissions at any time in system settings,
- disable features such as location, notifications, voice, contacts, calendar, or SMS inside the app where supported,
- disconnect from a gateway at any time, and
- control retention and third-party routing on the gateway you choose to use.
We may update this Privacy Policy as the app changes. If we do, we will post the updated version and update the effective date above.
For privacy or security questions, contact:
security@openclaw.ai