Privacy & Security
OpenClaw is designed with privacy first. Your data stays under your control.
Data Flow
You → Your Server (OpenClaw) → Model Provider API → Your Server (OpenClaw) → You
- Messages flow through YOUR server
- Only the AI API call goes to your configured provider
- No data stored on third-party servers
- No telemetry or analytics sent externally
Hosted Bot Networking
For hosted OpenClaw VPS, there are now two separate network surfaces:
- Public web chat on Cloudflare
- Private tailnet web chat on the customer’s own Tailscale tailnet
The customer tailnet path is optional. Public-only bots keep the normal public behavior. Telegram remains public-only.
What Data Goes to Your Provider?
When you send a message, OpenClaw sends the following to the configured provider API:
- Your message content
- Recent conversation context
- System prompts and configuration
What happens next depends on the provider behind your BYOK key:
- Review that provider’s API retention and privacy terms
- Verify whether API data is used for training
- Confirm deletion windows and enterprise agreement options if you need them
If privacy terms matter for your use case, review the retention and privacy policy tied to the provider key you use in production.
What Data Stays Local?
Everything else stays on your infrastructure:
- Full conversation history
- User preferences and memories
- Uploaded files (after processing)
- Usage logs and analytics
- Configuration and secrets
Security Features
Authentication
- API key authentication for web access
- Platform-native auth for Telegram today
- Slack and Discord are still coming soon in the hosted public flow
- Optional password protection
- Session management
Encryption
| Layer | Cloudflare | VPS | Local |
|---|---|---|---|
| In transit | TLS 1.3 | Your config | Your config |
| At rest | Encrypted | Your config | Your config |
| API keys | Secret bindings | Env vars | Env vars |
Network Security
Cloudflare Workers:
- Cloudflare Access for zero-trust security
- DDoS protection included
- WAF available
VPS:
- Cloudflare Tunnel recommended (no open ports)
- Firewall configuration guides provided
- Fail2ban for brute-force protection
Local:
- Local network access only (by default)
- Port forwarding optional (not recommended)
- Tailscale/WireGuard for remote access
Hosted private networking:
- Customer bots join the customer-owned tailnet, not OpenClaw’s internal tailnet
- Private web chat is controlled by the customer’s tailnet policy
- Custom domains stay on the public web path only
Compliance
GDPR
OpenClaw helps you comply with GDPR:
- Data stored in region of your choice
- User data export available
- User data deletion available
- No third-party data sharing (except AI API)
HIPAA
For healthcare use:
- Deploy on HIPAA-compliant infrastructure
- Confirm whether your chosen provider offers the agreements you need
- Audit logging available
- Encryption at rest required
HIPAA compliance requires additional configuration. Contact us for guidance.
SOC 2
For enterprise deployments:
- Cloudflare is SOC 2 certified
- Your VPS provider’s compliance applies
- Audit trails available
Best Practices
API Key Security
- Never commit API keys to git
- Use environment variables
- Rotate keys periodically
- Use separate keys for dev/prod
Access Control
- Limit who can access your OpenClaw instance
- Use channel-native permissions and access lists where available
- Review access logs regularly
Backup & Recovery
- Regular database backups (VPS/Local)
- Test restoration procedures
- Document recovery steps
Updates
- Keep OpenClaw updated for security patches
- Subscribe to security announcements
- Review changelogs before updating
Reporting Security Issues
Found a vulnerability? Please report responsibly:
- Email: [email protected]
- Do not disclose publicly until fixed
- We’ll acknowledge within 48 hours