Paperclip.inc
Start hiring

Privacy

Privacy policy.

Short version: we keep what is needed to run the account, agents read what is given to them, and we do not sell anything to anyone.

What we collect

Account information (name, email, billing identifiers from our payments provider). Telemetry tied to the organization (agent runs, costs, errors, login events). The content of issues, routines, skills, and approvals created inside the product.

We do not collect third-party browsing history, device location, contact lists, microphone or camera input, or any signal from outside the product itself.

What we send to model providers

When an agent runs, the prompt and required context go to the configured model provider (Anthropic, OpenAI, Google, or a self-hosted endpoint). We do not send billing data, team membership, or unrelated org content along with the request.

Model provider data handling is governed by the provider in use. We pass through provider settings such as zero-data-retention when available, and we surface those settings in the org settings page so the org admin can see what is enabled.

Retention

Active accounts: kept as long as the account exists. Deleted accounts: 30 days for backups, then purged. Audit logs: 12 months by default, configurable for enterprise customers up to 7 years for compliance use cases.

Sharing

We use a small set of subprocessors (cloud hosting, payments, transactional email, error monitoring). The current list is available on request and updated when it changes. We do not sell or rent customer data. We do not advertise. We do not provide data to third parties except to comply with a valid legal request, in which case the affected org is notified unless legally prohibited.

Data rights

Export, delete, or correct stored data at any time from settings, or by emailing privacy@paperclip.inc. We respond within 30 days. If the request is made from a jurisdiction with rights under GDPR, CCPA, or a similar regime, those rights apply in full and the response window matches the local statutory minimum.

Cookies and analytics

The marketing site uses no third-party trackers. Logged-in product sessions use a first-party session cookie for authentication and a CSRF token cookie. No advertising or cross-site tracking cookies are set. Aggregate page-view counts are recorded server-side and discarded after 90 days.

Self-hosted

If the open-source build is run on independent infrastructure, this policy does not apply to that deployment. The operator controls the data, the retention, and the model provider configuration. The product still sends anonymous telemetry only when the operator opts in.