Privacy Policy

Last updated: April 29, 2026

1. Who we are (Data Controller)

Klaws is the data controller for the purposes of the EU General Data Protection Regulation (GDPR).

Contact for any privacy-related question, request, or complaint: hello@klaws.app. We respond within 30 days as required by GDPR Art. 12.

See our Imprint for legal contact details.

2. Information we collect

Account information: Email address, display name, and profile picture (via Google sign-in or email login).

Agent data: Your agent's personality, memory, learned skills, conversation history, scheduled tasks, and files created in Canvas.

Payment information: Billing is processed by Stripe. We store your Stripe customer ID and subscription status but never your card details.

Integration credentials: API keys and tokens for connected services (X/Twitter, Telegram, Discord, Gmail, GitHub) are stored encrypted on our servers and only used by your agent.

Usage data: Message counts, credit usage, and basic anonymous analytics (pageviews, route, viewport).

Storage on your device: We do not set tracking cookies. We use localStorage on your browser to keep you signed in (auth token), remember your theme preference, and store dismissed in-app notifications. These are strictly necessary to operate the service.

3. Lawful bases (GDPR Art. 6)

Performance of a contract — for everything required to operate your agent: account creation, agent provisioning, message processing, billing, transactional emails, and integrations you authorize.

Legitimate interest — for cookieless aggregate analytics, fraud prevention, and security logging. You can object at any time.

Legal obligation — for billing records and tax compliance.

Consent — for any optional marketing communications. You can withdraw at any time.

4. How we use your information

We use your information to: provide and operate your AI agent; personalize your agent's behavior and memory; process payments; send transactional emails (welcome, weekly digest, account notifications); operate the live support chat; and measure aggregate, anonymous traffic to improve the service.

5. Data isolation

Each user's agent runs in an isolated container. Your agent's memory, skills, conversations, files, and credentials are not accessible by other users or other agents on the platform.

6. Third-party processors

We share data with the following processors strictly to provide the service. Each processes data on our behalf under a Data Processing Agreement.

AI providers (OpenRouter and downstream model providers): Your messages and agent context are sent to AI model providers via OpenRouter to generate responses. These providers operate primarily in the United States. Transfers rely on EU Standard Contractual Clauses where applicable.

Hetzner (hosting): Application servers and your agent containers are hosted with Hetzner Online GmbH in Germany (EU).

Stripe (payments): Payment processing is handled by Stripe, Inc. See Stripe's Privacy Policy.

Resend (transactional email): We send onboarding and account emails through Resend.

Umami (analytics): We use Umami Cloud for cookieless, aggregate analytics. Umami does not set cookies, does not track individuals across sites, and does not share data with third parties. See Umami's Privacy Policy.

Composio (integrations): When you connect a third-party app (Gmail, Reddit, etc.), Composio brokers the OAuth flow and tool execution. Your tokens are stored encrypted on our servers.

Google (sign-in): When you sign in with Google we receive your email, name, and profile image only.

We do not sell your personal data to anyone.

7. International data transfers

Some processors (AI providers, Stripe, Resend) operate from the United States. Transfers outside the European Economic Area rely on the EU Standard Contractual Clauses or, where applicable, an EU adequacy decision. By using the service you acknowledge these transfers are necessary to provide the platform.

8. Automated decision-making and AI

Your agent runs on large language models. It can take autonomous actions on your behalf (sending messages, posting on social media, executing code) when you grant it permission to do so. This is not automated decision-making with legal effect under GDPR Art. 22 — actions are scoped to features you explicitly enable, and you can disable any integration at any time. AI-generated outputs may be incorrect; review content before publishing.

9. Email communications

We send: a welcome email on signup, a weekly activity digest (Mondays), inactivity reminders (after 3 days), and subscription notifications. You can stop transactional emails by deleting your account; you can opt out of digest and reminder emails by emailing us.

10. Data retention

Your data is retained while your account is active. On cancellation, agent data (memory, skills, files, conversation history) is preserved for 30 days to allow reactivation, then permanently deleted. Account email and billing records are retained for the period required by tax law (typically 5–10 years depending on jurisdiction). Aggregate analytics in Umami are retained for up to 24 months and contain no personal identifiers.

11. Security

We implement: encrypted connections (HTTPS/TLS), isolated per-user agent containers, encrypted storage of integration tokens, JWT-based authentication, Stripe webhook signature verification, rate limiting, and server-side egress filters that strip internal references from agent responses.

12. Your rights under GDPR

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights:

Access (Art. 15): obtain a copy of your data. Most of it is visible directly in the dashboard (memory, skills, activity, files).

Rectification (Art. 16): correct inaccurate data. Edit your agent and profile from Settings.

Erasure / "right to be forgotten" (Art. 17): delete your agent or your entire account from Settings. This permanently removes associated data.

Restriction (Art. 18) and objection (Art. 21): you can ask us to restrict processing or object to legitimate-interest-based processing.

Portability (Art. 20): request a machine-readable export by emailing hello@klaws.app.

Withdraw consent (Art. 7): if processing is based on consent, withdraw at any time.

Lodge a complaint (Art. 77): with the data protection authority of your country of residence. The list of EU/EEA authorities is available at edpb.europa.eu.

13. Children's privacy

The Service is not intended for users under 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

14. Changes to this policy

We may update this policy. Material changes are notified by email. The "Last updated" date at the top reflects the most recent revision. Continued use of the Service after changes constitutes acceptance.

15. Contact

Questions, requests, or complaints: hello@klaws.app.