Privacy Policy

1. Introduction

RunTheAgent ("Company", "we", "us", "our"), a company organized under the laws of the State of Illinois, United States, is committed to protecting your privacy. This Privacy Policy ("Policy") describes how we collect, use, disclose, and safeguard your information when you visit our website at https://runtheagent.com (the "Site") and use our managed hosting services for OpenClaw (previously known as MoltBot and ClawdBot), including all related tools, APIs, dashboards, and integrations (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Services.

This Privacy Policy applies to all users of the Services, including visitors, registered users, and paying subscribers.

2. Information We Collect

We collect information in several ways depending on how you interact with our Services.

2.1 Information You Provide Directly

We may collect the following information that you provide to us voluntarily:

• Account Information: Name, email address, username, password, and other credentials used to create or authenticate your account.
• Payment Information: Billing address, payment card details, and transaction history. Note: Payment card information is processed by our third-party payment processors and is not stored directly by us.
• Profile Information: Any additional information you choose to add to your account profile.
• Communications: Information you provide when you contact us for support, submit feedback, or communicate with us through any channel.
• AI Agent Configuration Data: Settings, preferences, prompts, skills, and configurations you create for your AI agent instances.
• User Content: Any content, data, or materials you upload, transmit, or store through the Services, including documents, files, and messages processed by your AI agents.

2.2 Information Collected Automatically

When you access or use the Services, we automatically collect certain information, including:

• Device Information: Device type, operating system, browser type and version, screen resolution, and device identifiers.
• Log Data: IP address, access times, pages viewed, referring URL, click-stream data, and other diagnostic data.
• Usage Data: Information about how you interact with the Services, including features used, actions taken, session duration, and frequency of use.
• Location Data: Approximate geographic location based on your IP address.
• Cookies and Similar Technologies: We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing behavior. See Section 7 (Cookies and Tracking Technologies) for more details.

2.3 Information from Third Parties

We may receive information about you from third-party sources, including:

• Authentication Providers: If you sign in using a third-party service (e.g., Google, GitHub), we may receive your name, email address, and profile picture from that provider.
• Payment Processors: We receive transaction confirmations and billing-related information from our payment processing partners.
• Analytics Providers: We receive aggregated and de-identified analytics data from services such as Google Analytics and Microsoft Clarity.
• Messaging Platforms: When you integrate your AI agent with platforms like WhatsApp, Telegram, Discord, or Slack, we may receive metadata necessary to facilitate those integrations (such as channel identifiers and message delivery confirmations).

2.4 AI Agent Data

When you deploy AI agents through our Services, your agent may process various types of data, including messages received from end-users, documents, web content, and other inputs. While we provide the infrastructure for hosting your AI agent, you are solely responsible for the data processed by your agent. We do not monitor, review, or use the content of messages processed by your AI agents except as necessary to provide, maintain, and improve the Services, or as required by law.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and Maintain the Services: To operate, deliver, and maintain the Services, including processing transactions, managing accounts, and deploying AI agent instances.
• Improve the Services: To understand usage patterns, diagnose technical issues, and develop new features and improvements.
• Personalization: To personalize your experience and deliver content relevant to your interests.
• Communication: To send you transactional emails, service updates, technical notices, security alerts, and support messages. We may also send promotional communications if you have opted in to receive them.
• Billing and Payments: To process payments, manage subscriptions, and send invoices and billing-related communications.
• Security: To detect, prevent, and address fraud, abuse, security incidents, and technical issues.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or government requests.
• Analytics: To analyze trends, track user engagement, and measure the effectiveness of our marketing campaigns.
• Customer Support: To respond to your inquiries, troubleshoot problems, and provide technical assistance.
• Enforce Our Terms: To enforce our Terms of Service and other agreements.

4. Legal Bases for Processing

We process your personal information based on the following legal grounds:

• Contractual Necessity: Processing is necessary for the performance of our contract with you (i.e., providing the Services you have subscribed to).
• Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our Services, preventing fraud, and marketing, provided these interests are not overridden by your rights.
• Consent: Where you have given us explicit consent to process your personal information for specific purposes, such as receiving marketing communications.
• Legal Obligation: Processing is necessary to comply with applicable laws and regulations.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf, including but not limited to:

• Cloud infrastructure providers (e.g., Google Cloud Platform)
• Payment processors and billing services
• Analytics providers (e.g., Google Analytics, Microsoft Clarity)
• Email service providers
• Customer support platforms
• Authentication providers

These service providers are contractually obligated to use your information only as necessary to perform services on our behalf and to maintain the confidentiality and security of your data.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests, including subpoenas, court orders, or government demands. We may also disclose your information when we believe in good faith that disclosure is necessary to:

• Comply with applicable laws or regulations.
• Protect the rights, property, or safety of RunTheAgent, our users, or the public.
• Detect, prevent, or address fraud, security, or technical issues.
• Enforce our Terms of Service.

5.3 Business Transfers

If RunTheAgent is involved in a merger, acquisition, asset sale, bankruptcy, reorganization, or similar transaction, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Site of any change in ownership or uses of your personal information, as well as any choices you may have.

5.4 With Your Consent

We may share your information with third parties when you have given us your explicit consent to do so.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Services. We may also retain and use your information as necessary to:

• Comply with our legal obligations.
• Resolve disputes and enforce our agreements.
• Maintain business records as required by applicable law.
• Prevent fraud and abuse.

When we no longer need your personal information for the purposes outlined in this Policy, we will securely delete or anonymize it. Specifically:

• Account Data: Retained for the duration of your account and up to 30 days after account deletion.
• AI Agent Data: Agent configurations and associated data are deleted within 30 days of instance termination or account deletion.
• Payment Records: Retained for up to 7 years as required by tax and financial regulations.
• Log Data: Automatically purged after 90 days.
• Analytics Data: Retained in aggregated, anonymized form indefinitely.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of the Services. Cookies are small data files stored on your device.

7.1 Types of Cookies We Use

• Essential Cookies: Necessary for the Services to function properly, including authentication, security, and session management. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our Services by collecting information about pages visited, time spent, and navigation patterns. We use Google Analytics and Microsoft Clarity for this purpose.
• Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings (e.g., dark mode).
• Marketing Cookies: Used to track visitors across websites and display relevant advertisements. We use Google Tag Manager to manage these cookies.

7.2 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse all cookies, accept only certain cookies, or delete cookies that have already been set. Please note that disabling cookies may affect the functionality of certain parts of the Services.

7.3 Do Not Track

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. There is currently no universally accepted standard for how companies should respond to DNT signals. At this time, we do not respond to DNT signals; however, we respect your choices regarding cookies as described above.

8. Data Security

We implement commercially reasonable technical, administrative, and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to:

• Encryption of data in transit using TLS/SSL protocols.
• Encryption of sensitive data at rest.
• Isolated cloud infrastructure for each AI agent instance to prevent cross-contamination.
• Regular security audits and vulnerability assessments.
• Access controls and authentication mechanisms.
• Employee training on data protection practices.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information. These rights may include:

9.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy of your data in a structured, commonly used, and machine-readable format.

9.2 Correction

You have the right to request correction of inaccurate or incomplete personal information we hold about you.

9.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions required by law (such as for legal compliance or fraud prevention purposes).

9.4 Opt-Out of Marketing Communications

You may opt out of receiving promotional communications from us by clicking the "unsubscribe" link in any promotional email or by contacting us. Please note that you may still receive transactional or service-related communications even after opting out of marketing emails.

9.5 Restriction of Processing

You have the right to request that we restrict the processing of your personal information under certain circumstances.

9.6 Objection

You have the right to object to the processing of your personal information based on our legitimate interests.

9.7 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in the Contact Information section below. We will respond to your request within 30 days (or within the time frame required by applicable law). We may request verification of your identity before processing your request.

10. Illinois-Specific Privacy Rights

10.1 Illinois Biometric Information Privacy Act (BIPA)

We do not collect, capture, purchase, receive through trade, or otherwise obtain any biometric identifiers or biometric information as defined by the Illinois Biometric Information Privacy Act (740 ILCS 14), including fingerprints, voiceprints, retina or iris scans, hand scans, face geometry, or any other biometric data. If our practices change in the future, we will update this Privacy Policy and obtain any required consent before collecting biometric information.

10.2 Illinois Personal Information Protection Act (PIPA)

In compliance with the Illinois Personal Information Protection Act (815 ILCS 530), we implement and maintain reasonable security measures to protect your personal information from unauthorized access, use, modification, or disclosure. In the event of a data breach involving your personal information, we will notify you as required by Illinois law in the most expedient time possible and without unreasonable delay.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Correct: You have the right to request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
• Right to Limit Use of Sensitive Personal Information: We only use sensitive personal information for purposes authorized by the CCPA/CPRA.

To exercise your rights under the CCPA/CPRA, please contact us using the information in the Contact Information section. You may also designate an authorized agent to make a request on your behalf.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) or equivalent local legislation:

• The right to access, rectify, erase, restrict processing, or port your personal data.
• The right to object to processing based on legitimate interests.
• The right to withdraw consent at any time.
• The right to lodge a complaint with your local data protection authority.

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

13. Children's Privacy

The Services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to delete that information promptly.

14. International Data Transfers

Your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have data protection laws that are different from the laws of your country of residence.

By using the Services, you consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy. We take appropriate steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it.

15. Data Breach Notification

In the event of a data breach that compromises the security, confidentiality, or integrity of your personal information, we will:

• Investigate and take immediate steps to contain and remediate the breach.
• Notify affected individuals as required by applicable law, including the Illinois Personal Information Protection Act.
• Notify relevant regulatory authorities where required by law.
• Provide information about the nature of the breach and steps you can take to protect yourself.

16. Third-Party Analytics and Advertising

We use the following third-party services to help us understand how our Services are used:

• Google Analytics: Collects anonymized usage data to help us understand website traffic and usage patterns. You can opt out by installing the Google Analytics Opt-out Browser Add-on.
• Google Tag Manager: Used to manage analytics and marketing tags on our website.
• Microsoft Clarity: Records user interaction data (such as mouse movements, clicks, and scrolls) to help us understand how users interact with our website. Clarity does not collect personal information. Learn more at Microsoft Clarity.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this Policy.
• Notify you by email or through a prominent notice on our Site prior to the change becoming effective.
• Where required by law, obtain your consent before applying material changes.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

18. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: