English
中文English日本語

Extension Privacy Policy

Summary

OpenClaw Browser Extension is a client for a user-configured OpenClaw Gateway. It stores local extension settings and sends chat requests only to the Gateway URL that the user enters in the extension settings.

Data the extension processes

The extension may process:

  • Gateway connection settings entered by the user, including Base URL and optional Gateway token or password
  • Chat prompts and model responses
  • Files or images that the user explicitly attaches
  • Local conversation history stored in browser extension storage
  • Basic request metadata needed to send a request to the configured Gateway, such as model, agent ID, and session key

How data is used

The extension uses this data only to:

  • Connect to the user-configured OpenClaw Gateway
  • Send chat and attachment requests requested by the user
  • Save local settings and conversation state inside the browser extension storage area
  • Show optional redacted image-debug information inside the settings page

Where data is sent

The extension sends request data only to the OpenClaw Gateway URL configured by the user. The extension does not send user data to any vendor-operated relay service owned by this repository.

Data sharing

The extension does not sell user data. The extension does not share user data with third parties except by sending requests to the user-configured OpenClaw Gateway as part of normal operation.

Data storage

Settings, local conversation history, and optional image-debug data are stored locally using browser extension storage. This data remains on the user’s device unless the browser syncs extension data as part of the user’s own browser account settings.

Sensitive information

If the user enters a Gateway token or password, that value is stored in extension storage and is used only to authenticate requests to the configured Gateway. The extension does not expose that credential to web pages.

User controls

Users can:

  • Update or delete saved settings in the extension options page
  • Delete local conversation history by clearing extension storage or removing the extension
  • Remove attached files before sending requests
  • Uninstall the extension at any time

Security

The extension does not inject a webpage bridge for reading settings or credentials from arbitrary websites. Requests are initiated from extension pages and the background service worker only.

Scroll to Top