06 · privacy

privacy policy

last updated 2026-04-29

cookiedclaw is open-source software you self-host. There is no central cookiedclaw server that collects, stores, or processes your data. This page covers two things: what this website does with visitors, and what the cookiedclaw software does with data when you run it.

this website

This landing page is static HTML. It loads two fonts from Google Fonts (fonts.googleapis.com, fonts.gstatic.com) — those requests are subject to Google's privacy policy. There are no analytics scripts, no tracking pixels, no cookies set by this page, and no first-party fingerprinting.

The site is hosted on Vercel. Vercel may log standard request metadata (IP address, user agent, timestamp) for operational and abuse-prevention purposes per their own policy. We do not access or correlate those logs.

the cookiedclaw software

When you install and run cookiedclaw, it runs entirely on infrastructure you control — your Raspberry Pi, server, or laptop. Nothing in the runtime phones home to the project's maintainers. Specifically:

Telegram — the bot connects to Telegram's Bot API to send and receive messages on your behalf. Whatever you and your paired users type to the bot is delivered to Telegram per their own privacy policy.
Anthropic — Claude Code runs against Anthropic's API. Prompts, attachments, and responses are processed under Anthropic's privacy policy and the terms of your own Claude account.
Local storage — chat state, paired-user IDs, downloaded attachments, conversation history, and supervisor logs live on your machine under ~/.cookiedclaw/ and Claude Code's own data directory. The cookiedclaw maintainers cannot see any of this.
Update check — on each MCP session init the gateway pings api.github.com/repos/cookiedclaw/cookiedclaw/releases/latest once an hour to check for a newer release. GitHub receives standard request metadata; cookiedclaw does not.
Telemetry — none. There is no error reporting, no crash upload, no usage metrics endpoint operated by the project.

operator responsibilities

If you run cookiedclaw and let other people pair to your bot, you are the data controller for their messages and metadata under most privacy regimes. You are responsible for telling paired users what data you retain locally, how long, and what third-party services (Telegram, Anthropic, any MCP servers you wire in) the bot routes their messages through.

cookiedclaw does not offer a hosted service. If someone offers you a cookiedclaw-as-a-service, that is not us — ask them for their own privacy policy.

third parties referenced from the site

The landing links to GitHub, Anthropic's documentation, and a handful of comparison vendors. Following those links sends you to the linked site under their own terms. We do not embed any third-party iframes, pixels, or share buttons.

contact

Questions, complaints, or takedown requests: open an issue at github.com/cookiedclaw/cookiedclaw.

cookiedclaw · mmxxvi ← back to home