Privacy Policy

Effective date: 16 February 2025 · Last updated: 16 February 2025

Ellul AI (“we”, “us”, “our”) operates the ellul.ai website, the ellul.ai cloud platform, and the ZeroClaw mobile application (collectively, the “Services”). This Privacy Policy explains what information we collect, how we use it, and the choices you have.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication credentials provided through third-party sign-in providers (such as GitHub or Google). We do not store passwords directly.

Usage Data

We collect basic usage telemetry to operate and improve the Services, including server provisioning events, session duration, feature usage, and error logs. This data is associated with your account but does not include the content of your code or terminal sessions.

Device Information

When you use the ZeroClaw mobile application, we may collect device type, operating system version, and application version for diagnostics and compatibility purposes.

Payment Information

Payment processing is handled entirely by our third-party payment processor (Stripe). We do not store credit card numbers or bank account details on our servers. We receive only a transaction reference and subscription status.

2. Information We Do Not Collect

API Keys

Your API keys for third-party services (such as Anthropic, OpenAI, or OpenRouter) are stored locally on your device or within your provisioned server. They are never transmitted to or stored on ellul.ai infrastructure.

Code & Files

The content of your source code, files, and terminal sessions lives on your provisioned server. We do not access, read, or analyse your code.

Cryptographic Keys

Sovereign key pairs are generated on your device. Only the public key is transmitted to our servers for authentication purposes. We never have access to your private key.

3. How We Use Your Information

  • To provision, operate, and maintain your cloud development environment.
  • To authenticate your identity and secure access to your account.
  • To process payments and manage subscriptions.
  • To send transactional communications (e.g., account verification, billing receipts, security alerts).
  • To diagnose technical issues and improve reliability.
  • To comply with legal obligations.

4. Third-Party Services

The Services integrate with third-party providers. When you choose to use these integrations, your interactions with those providers are governed by their respective privacy policies:

AnthropicAI model provider (Claude)
OpenAIAI model provider
OpenRouterAI model routing
GitHubAuthentication & Git hosting
GoogleAuthentication
StripePayment processing
Hetzner / DigitalOceanCloud infrastructure
CloudflareCDN & DNS

We do not sell, rent, or share your personal information with third parties for their marketing purposes.

5. Data Storage & Security

Account data is stored on infrastructure within the European Union. Your provisioned servers are hosted in the region you select at creation time. We use industry-standard security measures including TLS encryption in transit, encrypted volumes at rest, and least-privilege access controls.

While we take every reasonable precaution to protect your data, no method of electronic transmission or storage is 100 % secure. We cannot guarantee absolute security.

6. Data Retention

We retain your account information for as long as your account is active. When you delete your account, we remove your personal data within 30 days, except where retention is required by law or to resolve disputes. Server volumes and associated data are destroyed when a server is terminated.

7. Children's Privacy

The Services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will take steps to delete that information promptly.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data, as well as the right to restrict or object to certain processing. To exercise any of these rights, please contact us at legal@ellul.ai. We will respond within 30 days.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. For material changes, we will notify you by email or through a prominent notice within the Services.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at legal@ellul.ai.

← Back to ellul.ai