Privacy Policy

sidanclaw ("we", "us", "our") is operated by Sidan Lab. This policy explains what data we collect when you use sidanclaw at sidan.ai and through connected messaging platforms, how we use it, and your rights.

1. What we collect

Account information

sidanclaw uses Google OAuth 2.0 for authentication. When you sign in, we receive your name, email address, and profile picture from your Google account. We use this solely to create and identify your account. We do not receive or store your Google password.

Conversations and memory

sidanclaw stores your conversation messages and the memories it extracts from them. Memories are structured summaries of your preferences, facts, and context. They are what allow the assistant to improve over time. Conversations and memories are associated with your account and are not shared with other users.

Connected services (optional)

If you connect third-party services such as Google Calendar, Gmail, Notion, or Slack, we access only the data required to perform the actions you request. Specifically:

• Google Calendar: read and manage calendar events and tasks on your behalf.
• Gmail: compose and send emails on your behalf. We do not read or access your inbox.
• Google Docs, Sheets & Slides: read and edit documents, spreadsheets, and presentations that you share with the assistant via link. We do not browse or search your Google Drive.
• Notion: read and write pages in workspaces you authorize.
• Slack: read and send messages in workspaces you authorize.
• Threads (Meta): create and publish posts, manage replies to your posts (hide/unhide), view mentions of your account, access engagement insights (views, likes, shares, comments, follower metrics) for posts you own, and delete your own posts or replies on your request. We do not access your private messages or inbox.
• X (Twitter): create and publish tweets, monitor replies and @-mentions, access public engagement metrics (impressions, likes, reposts, bookmarks), read your recent tweets for voice calibration when you request it, and read tweets from Lists you specify for content inspiration. We do not access your direct messages.

We do not bulk-download, index, or train on data from connected services. Responses from connected services may be briefly cached (up to 24 hours) to reduce redundant API calls and improve performance; these caches expire automatically. Access tokens are stored encrypted and can be revoked at any time from your settings.

Analytics

We collect anonymous, metadata-only analytics events (e.g., feature usage counts, error rates, response latency) to improve the service. Analytics events do not contain message content or personal data.

2. How we use your data

• To provide and improve the sidanclaw assistant service.
• To build and maintain your workspace's memory and knowledge graph across conversations so the assistant becomes more helpful over time.
• To execute actions you request through connected services (sending emails, creating calendar events, etc.).
• To diagnose errors and improve reliability using anonymous analytics.

We do not sell your data. We do not use your conversations or memories to train AI models.

3. Data storage and security

Your data is stored in Google Cloud Platform (GCP) infrastructure in the Asia-East region. Databases are encrypted at rest and in transit. Access to production systems is restricted to authorized personnel with multi-factor authentication.

We retain your data for as long as your account is active. When you delete your account, all associated data (conversations, memories, connector tokens) is permanently deleted within 30 days.

4. Data sharing

We share data with third parties only in the following cases:

• AI model provider: your conversation messages are sent to Google's Gemini API to generate responses. Google processes this data under its API terms and does not retain it for training.
• Connected services: when you use a connector, relevant data is sent to that service to execute your request (e.g., sending an email via Gmail).
• Meta Platforms (Threads connector): when you use the Threads connector, your post content and reply actions are sent to Meta's Graph API to execute your request. Meta processes this data under its Platform Terms.
• X Corp (X connector): when you use the X connector, your tweet content and reply actions are sent to X's API v2 to execute your request. X processes this data under its Developer Agreement.
• Legal requirements: we may disclose data if required by law or to protect our rights.

5. Google API Services User Data Policy

sidanclaw's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, sidanclaw:

• Only uses Google user data to provide and improve user-facing features visible to you.
• Does not transfer Google user data to third parties except as necessary to provide the service, with your explicit consent, or for security/legal purposes.
• Does not use Google user data for serving advertisements.
• Does not allow humans to read your Google user data unless you provide affirmative consent, it is necessary for security purposes (e.g., investigating abuse), or it is required by law.

6. Meta Platform Terms (Threads)

sidanclaw's use of the Threads API adheres to the Meta Platform Terms and the Threads API Terms of Service.

Specifically, sidanclaw:

• Only uses Threads user data to provide the features you request (publishing, reply management, mention monitoring, insights, deletion).
• Does not transfer Threads user data to third parties except as necessary to execute your requests or as required for security/legal purposes.
• Does not use Threads user data for advertising or to train AI models.
• Does not allow humans to read your Threads data without your explicit consent, unless required for security investigation or by law.
• Stores Threads access tokens encrypted at rest; when you disconnect Threads from the feed app at feed.sidan.ai, the encrypted token, Threads handle, and connection metadata are permanently deleted (not merely deactivated) and the mention poller for that account is stopped immediately. The audit log of prior Threads activity is retained while your sidanclaw account is active and is permanently deleted when you delete your account.

7. X Developer Agreement

sidanclaw's use of the X API adheres to the X Developer Agreement and Policy.

Specifically, sidanclaw:

• Only uses X user data to provide the features you request (publishing, reply and mention monitoring, engagement analytics, voice calibration, content inspiration).
• Does not redistribute, sell, or sublicense tweet data.
• Does not use X user data for advertising or to train AI models.
• Does not cache or store tweet content beyond what is required for a single operation; engagement metrics may be cached briefly (up to 24 hours) to reduce redundant API calls.
• Stores X access tokens encrypted; you can revoke access at any time from Settings > Connectors.

8. Your rights

Delete your memories

You can delete individual memories or all memories at any time from Settings > Privacy in the app.

Delete your account

You can delete your entire account and all associated data (conversations, memories, connected service tokens) from Settings > Privacy. Deletion is permanent and cannot be undone. For step-by-step instructions accessible without signing in, see our Data Deletion Instructions page.

Revoke connected services

You can disconnect any connected service at any time from Settings > Connectors. This revokes our access and deletes the stored access token.

Export your data

Contact us at contact@sidan.io to request an export of your data.

9. Cookies

We use essential cookies only: authentication tokens and session identifiers. We do not use third-party tracking cookies or advertising pixels.

10. Children

sidanclaw is not intended for children under 13. We do not knowingly collect data from children.

11. Changes to this policy

We may update this policy from time to time. Material changes will be communicated through the app. The "last updated" date at the top of this page reflects the most recent revision.

12. Contact

For questions about this policy or your data, contact us at contact@sidan.io. See also our Terms of Service.