1. TL;DR
Clauge is enterprise workplace software provided to your organization. Signing in is required, via your organization's single sign-on (currently Microsoft Entra ID). We store your work profile (name, work email, organization membership, role) and your application data — workspace notes and boards, SSH connection profiles, database connection configurations, REST collections, and AI conversation history — in our cloud so it syncs across your devices and can be shared within your organization. Connection secrets and credentials are stored encrypted.
Because Clauge is administered by your organization, your organization's administrator can see usage information about you — per-user and per-mode usage metrics, your app version, your online status, and audit logs (see section 4). We do not sell your data, we do not show advertising, and we do not run third-party analytics or trackers inside the app.
Data is hosted on enterprise-grade cloud infrastructure provided by Amazon Web Services, with primary data storage in data centers located in India, and delivered globally via a content delivery network.
2. You, your organization, and us
Clauge is provisioned to organizations under a commercial agreement; there is no individual signup. For data managed through your organization's Clauge tenant — your account, your workspace data, usage records — your organization is typically the data controller and we process that data on its behalf and under its instructions. Your organization's administrator decides who may access Clauge, what is provisioned or shared, and how its policies apply to your use.
For requests about your data, contact your organization's administrator first; you can also contact us directly (see Contact) and we will assist, coordinating with your organization where required.
3. What we collect
| Category | Examples | Source |
|---|---|---|
| Account data | Name, work email address, organization membership, role | Your organization's identity provider (e.g. Microsoft Entra ID) during single sign-on |
| Application data | Workspace notes and boards, SSH connection profiles, database connection configurations, REST collections and requests, AI conversation history. Connection secrets and credentials are stored encrypted. | Created by you (or pre-provisioned by your administrator) in the app; stored in our cloud database so it syncs across devices and can be shared within your organization |
| AI usage metadata | Model used, token counts (including cache metrics), response times, recorded per user | Our backend, when you use AI features (see §5) |
| Usage & telemetry | Per-user and per-mode feature-usage metrics, application version, operating system, session/online status | The desktop app and our backend |
| Audit logs | Records of significant account and administrative actions | Our backend |
| Operational logs | Request IP, timestamp, request path, response status — for security, rate-limiting, and abuse prevention | Our infrastructure, retained briefly |
The app also caches your data locally on your device so that it remains usable while you are offline; the server is the source of truth, and the cache syncs when connectivity returns.
4. What your organization can see
Clauge is workplace software managed by your employer or organization. Be aware that your organization's administrator can see, for users in their organization:
- Usage metrics — per user in total and broken down per mode (e.g. REST, database, SSH, workspace, AI)
- Application version each user is running
- Online status — whether a user is currently connected
- Audit information — logs of significant account and administrative actions
Administrators can also manage and view resources shared within the organization and pre-provision resources (such as connection profiles or notes) to user accounts. How your organization uses this information is governed by its own policies; ask your administrator if you have questions.
5. AI features
AI requests are processed through our backend using the AI provider account and keys configured by your organization's administrator. When you use an AI feature, your prompts and the relevant context are transmitted to the applicable AI model provider (for example, Anthropic, or another provider your administrator configures) in order to generate a response.
We record AI usage metadata per user — model, token counts (including cache metrics), and response times — and we may retain prompt and response content server-side for service operation and organization administration. We do not sell this content and we do not use it to train AI models. The AI model provider processes your prompts under its own terms, as configured by your organization.
6. Clauge mobile apps (iOS & Android)
The Clauge mobile apps are companions to the Clauge desktop app — they let you watch and control terminals running on your own desktop. The apps touch very little:
- Pairing details — your desktop's address and a device token, created when you scan the QR code your desktop shows. These are stored encrypted on your phone (Android EncryptedSharedPreferences / iOS Keychain).
- A push notification token — so your desktop can alert you (e.g. "approval needed", "task done"). Notifications are delivered through the platform's push service (Apple on iOS, Google on Android); the token and a short notification title/body (no terminal contents) pass through our relay to reach your phone.
- Camera — used only to scan the pairing QR code. Images are not stored, saved, or uploaded.
The terminal contents you mirror flow between your phone and your desktop and are not used for advertising or analytics; the mobile apps contain no advertising or third-party analytics SDKs. You can turn push notifications off or unpair a device at any time.
7. What we don't do
- We do not sell your personal data and we do not share it with third parties for their own marketing purposes.
- No advertising — the apps contain no ads and no ad SDKs.
- No third-party analytics or trackers inside the desktop or mobile apps. Usage metrics (see §3) are collected by us, for us and your organization's administrator — not by third-party analytics vendors.
- We do not use your content or AI conversations to train AI models.
8. Why we collect it
- To sign you in through your organization's identity provider and associate you with your organization (account data)
- To store and sync your workspace across devices and enable sharing and pre-provisioning within your organization (application data)
- To provide AI features via your organization's configured provider, and to account for that usage (AI data and metadata)
- To give your organization's administrator the visibility described in §4 (usage metrics, versions, online status, audit logs)
- To secure and maintain the service (operational logs, rate-limiting metadata)
- To respond to support requests if you contact us (your message + email)
9. Where it's stored
Clauge is hosted on enterprise-grade cloud infrastructure provided by Amazon Web Services, with primary data storage in data centers located in India. Account data and application data are stored in our cloud-hosted database. Static content and downloads are delivered globally through a content delivery network.
The app also keeps a local cache of your data on your device for offline use; the server remains the source of truth.
10. Subprocessors we use
- Amazon Web Services, Inc. — cloud hosting, storage, and content delivery. AWS Privacy Notice.
- Microsoft Corporation — enterprise single sign-on via Microsoft Entra ID, when your organization uses Entra ID as its identity provider. Microsoft Privacy Statement.
- AI model providers — the provider your organization's administrator configures for AI features (for example, Anthropic) receives prompts and returns responses, as described in §5.
We do not sell your personal information. We do not share it with third parties for their own marketing purposes.
11. How long we keep it
- Account and application data: kept while your account is active within your organization's tenant. When your administrator deactivates your account, or your organization's agreement with us ends, data is deleted or returned in accordance with that agreement, after which operational backups age out within our standard retention window.
- Usage metrics and audit logs: retained for service operation and organization administration, in accordance with your organization's agreement.
- Operational logs: retained briefly for security, rate-limiting, and abuse-prevention purposes, then aged out.
12. Your rights
Because your organization is typically the controller of org-managed data, requests to access, correct, or delete that data are best directed to your organization's administrator, who can act on them directly or instruct us. You can also contact us at any time and we will assist, coordinating with your organization where required.
- Access — view your profile and your workspace data in the app; request a fuller export via your administrator or us
- Correct — profile details come from your organization's identity provider; corrections made there flow through at your next sign-in
- Delete — request deletion via your administrator or by emailing us
If you are located in the European Economic Area, the United Kingdom, or another jurisdiction that grants you additional data-subject rights (such as the right to object to processing or lodge a complaint with your local data-protection authority), you may exercise those rights by contacting us using the details below.
13. Cookies and analytics
The website at clauge.ai sets only strictly-necessary cookies. No third-party analytics or ad tags. The desktop and mobile apps do not contain third-party analytics or trackers; the usage metrics we collect are described in §3.
14. Children
Clauge is enterprise software provided to organizations and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us and we will delete it.
15. Security
We design for security in depth:
- Connection secrets and credentials stored in our cloud are encrypted
- All connections to our infrastructure use TLS
- Access to your organization's data is restricted to authenticated, authorized members of your organization, with role-based controls for administrators
- Sign-in is delegated to your organization's identity provider — we never see or store your directory password
No system is perfectly secure. If you discover a vulnerability, please email us so we can fix it before disclosure.
16. International data transfers
Your data is processed and stored primarily in data centers located in India and delivered globally via a content delivery network. If you access Clauge from outside India, your data will be transferred to and processed in India, subject to the protections described in this policy, your organization's agreement with us, and applicable law.
17. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date and, where appropriate, by notifying your organization or you through the application or by email. Continued use of the Service after a change takes effect constitutes acceptance of the updated policy.
18. Contact
Privacy questions, data-deletion requests, or to exercise any of the rights described above — email support@clauge.ai.