Privacy

How it works

When you send a message, it is routed through the IdleClaw server to a community volunteer node running a local AI model. The volunteer's machine processes your prompt and streams a response back through the server to your browser.

No data is stored

IdleClaw does not store your messages, conversations, or any user data. There are no accounts, no cookies, and no tracking. Messages pass through the server in transit and are not logged or persisted.

What the server logs

The server logs request metadata for operational purposes: which model was requested, timing information, and node ID. Message content is never logged. Rate limiting uses IP addresses, which are held in memory only for the duration of the rate limit window and are not persisted to disk.

Contributor data visibility

Contributors' IP addresses are visible to the server operator but are masked in any admin interfaces (only the first two octets are shown). Contributors are not visible to other users or to each other. The server does not expose contributor identity information through any public API.

Community contributor routing

Your prompts are processed on machines operated by community volunteers. These contributors share their GPU compute to power the network. Node operators can see the full text of your prompts and the model's responses as they are processed on their hardware. Contributors do not have access to a conversation history or user identity — each request is stateless.

What this means for you

Do not send sensitive personal information (passwords, financial details, private keys) through IdleClaw. Treat it like a public conversation — your prompts are processed on community hardware.

Response accuracy

Responses are generated by community volunteer GPUs running open-source AI models. They may be inaccurate, incomplete, or misleading. IdleClaw does not verify the correctness of model outputs. Do not rely on responses for medical, legal, financial, or safety-critical decisions.

Known risks

IdleClaw is an open, community-run network. There are inherent risks you should be aware of:

• Unverified nodes. Contributors run their own hardware. A malicious contributor could theoretically log prompts or return manipulated responses. Most traffic is handled by seed nodes we operate, but community nodes are not audited.
• Basic content filtering. The server applies pattern-based filtering to block obviously harmful content in prompts and responses, but this is not comprehensive content moderation. Models also have their own built-in safety tuning.
• No authentication. There are no user accounts. Anyone can use the chat, and rate limiting is the only abuse protection.