Privacy Policy

TEAM CONTROL is operated by OneTeam ("we", "us"). This policy explains what personal data we collect when you use the Service, why we collect it, and what we do with it. We act as the data controller for your account data and as a processor for the prompts and content you route through your agents.

• Account data: email, display name, hashed password (managed by Supabase Auth), organization name, role.
• Billing data: Stripe customer ID, subscription state, invoice metadata. Card numbers are handled by Stripe and never touch our servers.
• Operational data: VPS IDs and regions, agent configurations, skill definitions, channel pairings (Telegram, WhatsApp, X), provisioning logs, gateway connection state.
• Agent content: prompts, files, memories, terminal output, activity events and AI token usage produced by your agents. Stored encrypted at rest and isolated per organization in Postgres via row-level security.
• Technical logs: request logs, IP address, user agent and error traces, kept for security and debugging.

• To provide, secure and improve the Service.
• To route prompts to upstream AI providers and bill token usage accurately.
• To send account, billing and security notifications.
• To detect and prevent abuse, fraud and violations of our Terms.
• To comply with legal obligations.

We share data with the following sub-processors:

• Supabase — Postgres database and authentication.
• Hetzner Online GmbH — VPS infrastructure where your OpenClaw agents run.
• Stripe — payment processing and invoice storage.
• OneToken AI gateway and upstream model providers — AI inference (Anthropic, Google and others reached through our gateway).
• NATS broker — transport for real-time agent logs, terminal and office streams.

We require sub-processors to provide appropriate security and to process data only on our instructions.

Account data is kept while your account is active and for up to 90 days after closure for billing reconciliation and audit. Agent content (memories, activity events, logs) is kept until you delete it or for the lifetime of the parent VPS. Backups are rotated on a 30-day cycle. Stripe invoices are retained as required by tax law.

Our infrastructure is primarily in the EU (Hetzner) and the US (Supabase, Stripe, AI providers). Where data leaves the EEA we rely on Standard Contractual Clauses or equivalent safeguards.

Depending on where you live (GDPR, UK GDPR, CCPA and similar laws), you have rights to access, correct, export, delete or restrict processing of your personal data, and to withdraw consent. You can exercise most of these from the dashboard or by emailing us. We respond within 30 days.

We use TLS in transit, encryption at rest, row-level security in Postgres, scoped service tokens between team-control and each VPS, and least-privilege access internally. No system is perfectly secure — please tell us promptly if you suspect a vulnerability or breach.

We use strictly-necessary cookies for authentication and session management. We do not use third-party advertising cookies. Browser local storage is used to remember UI preferences such as dismissed banners and selected tabs.

The Service is not directed at children under 18 and we do not knowingly collect data from them.

We will update the "Last updated" date when this policy changes and notify account owners by email for material changes.

For privacy questions or to exercise your rights, email privacy@onetoken.team.