AI Team OS

Privacy Policy

Last updated: February 14, 2026

1. Who We Are

AI Team OS is operated by Digital Central Pty Ltd (“we”, “us”, or “our”), registered in the Republic of Seychelles. We provide managed AI agent deployment and hosting services powered by OpenClaw. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and Service. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: Email address for authentication and communication
  • Deployment configuration: Agent name, personality settings, and Telegram bot token
  • Telegram User ID: Your numeric Telegram identifier, used to configure secure access to your AI agent
  • Billing information: Processed securely by Polar.sh and Stripe — we never see or store your full card details. We may receive the last four digits, card brand, and expiration date for your records
  • Communications: Content of emails and support messages you send to us
  • Instance data: Configurations, files, and data you store on your managed server as part of using the Service

2.2 Information Collected Automatically

When you access or use the Service, we may automatically collect:

  • Log data: IP address, browser type and version, operating system, referring/exit pages, date/time stamps
  • Device information: Device type, screen resolution, and hardware model
  • Usage data: Pages visited, features used, deploy success rates, and interaction patterns
  • Location data: Approximate geographic location based on your IP address. We do not collect precise GPS location data

2.3 Information from Third Parties

We may receive information about you from third-party services you use to log in (e.g., Google OAuth), or from our payment processor regarding the status of your transactions.

3. How We Use Your Information

3.1 To Provide and Maintain the Service

  • Create and manage your account
  • Provision, configure, and maintain your dedicated cloud server
  • Process payments and manage your subscription
  • Provision and manage AI credits via OpenRouter
  • Provide customer support and respond to inquiries

3.2 To Improve the Service

  • Analyze usage patterns to improve user experience
  • Identify and fix bugs and performance issues
  • Develop new features and functionality

3.3 To Communicate With You

  • Send transactional communications (billing receipts, account confirmations)
  • Notify you of service updates, maintenance windows, and security alerts
  • Send promotional communications about new features (you can opt out at any time)

3.4 To Ensure Security

  • Detect, investigate, and prevent fraudulent or unauthorized access
  • Monitor for abuse of the Service and violations of our Terms
  • Protect the rights, property, and safety of our users and the public

4. API Keys & Credentials

Your Telegram bot token is used during initial server setup and stored securely on your dedicated server only. When using Bring Your Own Keys (BYOK):

  • Your API keys are stored on your dedicated server only
  • We do not access, log, transmit, or share your API keys
  • Keys are configured locally on your server via SSH or Telegram commands

When using our managed AI credits, we provision a dedicated OpenRouter API key for your server. This key is scoped to your instance only with a monthly credit limit.

5. Your Server & Conversations

Each customer gets a dedicated, isolated virtual private server. Your AI conversations, memory files, and personal data stay on your server.

  • We have SSH access for maintenance and support purposes only
  • We do not read, analyze, monitor, or share your conversations
  • Your conversations are processed by the AI provider (e.g., Anthropic, OpenAI) according to their own privacy policies
  • We do not have access to conversation content — it flows directly between your server and the AI provider

6. Cookies & Tracking

We use the following types of cookies and tracking technologies:

  • Essential cookies: Required for authentication and session management. Cannot be disabled.
  • Analytics: We use Umami (privacy-focused, cookieless analytics) to understand usage patterns. No personally identifiable information is collected.
  • Affiliate tracking: If you arrive via an affiliate link, a cookie may be set to attribute the referral. This cookie contains only the referral identifier.

We do not use advertising cookies or sell your data to advertisers.

7. Third-Party Services

The Service integrates with the following third-party services, each with their own privacy policies:

  • Polar.sh / Stripe: Payment processing and subscription management
  • Hetzner: Server infrastructure (EU data centers — Helsinki, Finland and Nuremberg, Germany)
  • OpenRouter: AI model routing for managed credit users
  • Cloudflare: DNS, CDN, and security services
  • Telegram: Messaging platform for agent communication
  • Google: OAuth authentication (sign-in only)
  • Umami: Privacy-focused web analytics
  • Vercel: Website hosting
  • Convex: Application database
  • Affonso: Affiliate program management and tracking

We encourage you to review the privacy policies of these providers.

8. Data Storage & International Transfers

Your data may be processed and stored in multiple jurisdictions:

  • Your AI server: Hosted on Hetzner in the European Union (Finland or Germany)
  • Account & billing data: Stored on Convex (United States) and Polar.sh/Stripe infrastructure
  • Website: Served via Vercel and Cloudflare (global CDN)
  • Company: Digital Central Pty Ltd is registered in the Republic of Seychelles

By using the Service, you consent to the transfer of your information to these jurisdictions, which may have different data protection laws than your country of residence. We take reasonable measures to ensure your data is treated securely and in accordance with this Privacy Policy.

9. Legal Basis for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data on the following legal grounds:

  • Contract performance: Processing necessary to provide the Service you have subscribed to (account management, server provisioning, payment processing)
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving the Service, analytics, and fraud prevention, provided these interests are not overridden by your rights
  • Consent: Where you have given explicit consent, such as receiving promotional communications. You may withdraw consent at any time
  • Legal obligation: Where processing is necessary to comply with applicable laws

10. Data Retention

  • Active accounts: Data is retained while your subscription is active
  • After cancellation: Your server and all data on it are permanently deleted within 30 days after your paid period ends
  • Account records: Basic account information (email, billing history) may be retained for up to 7 years for legal and tax purposes
  • Analytics data: Aggregated, anonymized analytics are retained indefinitely

You can request immediate deletion by contacting us.

11. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate personal data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Restriction: Request restriction of processing in certain circumstances
  • Withdraw consent: Where processing is based on consent, withdraw it at any time

You can export your server data at any time via SSH. For any privacy-related requests, contact us at digital@central.sc. We will respond within 30 days.

12. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days before taking effect. The “Last updated” date at the top reflects the most recent revision.

14. Contact

For privacy inquiries or to exercise your rights, contact Digital Central Pty Ltd at digital@central.sc.