Security at ClawTether

Data Handling

ClawTether processes IoT device states, sensor readings, and smart home commands routed between your agent and connected devices. Device telemetry is streamed in real-time and not persisted beyond the session. Device connection credentials and platform tokens are stored encrypted per user.

Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). API keys and credentials are stored using industry-standard secret management.

Infrastructure

Hosted on European infrastructure. Application containers are isolated per deployment. No shared tenancy between customers.

Access Control

Device connectors use per-device authentication tokens. Agents can only interact with devices explicitly authorized in their connector configuration. Physical device actions (locks, switches, thermostats) require explicit confirmation rules to prevent unintended actuation. All device commands are logged in an immutable audit trail.

Compliance Roadmap

• SOC 2 Type I — targeting Q3 2026
• GDPR — compliant by design (EU hosting, data minimization, right to deletion)

Responsible Disclosure

Found a vulnerability? Email security@clawtether.com. We respond within 48 hours.

Questions

For security inquiries, contact security@clawtether.com.