Privacy Policy

Last updated: April 7, 2026

The short version

We collect the minimum needed to run your subscription — nothing more. ClippyAI is accessibility-tree first: most tasks send only structured UI text (visible labels, button names, coordinates), not pixels. When visual understanding is required, a single screenshot may be sent for that one request only — never stored, never used for training, and the behaviour can be disabled in Settings. No analytics, no ads, no data resale. Delete your account and we delete your data.

The website (clippyai.app)

The marketing site itself collects zero personal information. There are no signup forms, no newsletter, no analytics scripts, no tracking pixels, no advertising SDKs, no localStorage, and no first-party cookies.

The only data touched when you visit is what Cloudflare (our hosting provider) logs at the edge for basic abuse prevention:

  • IP address
  • Browser user agent
  • Requested URL and timestamp
  • A short-lived Cloudflare bot-management cookie (__cf_bm, ~30 minutes)

When you click a pricing button you leave our site and go to Stripe, which handles all payment data under Stripe's privacy policy. We never see your card number.

Your account

To run a paid subscription we store the absolute minimum:

  • Email address (so we can send your license key)
  • Stripe customer ID (so billing works)
  • License key, plan, and subscription status
  • Monthly token usage count (so we can enforce your plan's quota)

That's the entire account record. No name, no address, no phone number, no profile.

The desktop app

When you chat with Clippy or ask him to do something on your computer, the following is sent to our backend so the AI can respond:

  • Your message — what you typed or asked
  • Active window title — which app is in focus
  • UI accessibility tree — structured text describing visible buttons, labels, and text fields (names and coordinates only)

Your prompt + accessibility context is forwarded to our AI provider (OpenAI, L.L.C.) to generate a response, then discarded. We do not store conversation logs. All AI processing goes through our own backend — your license key authenticates you, and your plan's monthly token quota is enforced server-side.

If you use the "Report Issue" feature in the log viewer, your local log file is sent to our backend for debugging. Logs are stored for 30 days and then automatically deleted.

About screenshots

Clippy reads your screen as text via the operating system's accessibility tree — UI Automation on Windows, the Accessibility API on macOS (button names, labels, visible text — not pixels). When the accessibility tree can't describe what's on screen (e.g. canvas drawings, raster images, custom-rendered UIs), Clippy may take a single screenshot of the visible desktop and forward it to the AI for that one turn only. Screenshots are never stored, never used for training, and only sent when the task genuinely requires them.

You can disable screenshot use entirely from Clippy's Settings for a strict "no pixels ever" mode — Clippy will then refuse tasks that he can't complete without visual context, rather than capturing the screen.

What we never collect

  • ❌ Passwords, credentials, API keys, or 2FA codes (Clippy actively avoids fields containing them)
  • ❌ Credit card or bank account details (Stripe handles those directly)
  • ❌ Files, folders, or documents on your computer (unless you explicitly ask Clippy to read one — e.g. "summarize C:\notes.txt")
  • ❌ Browser history, bookmarks, or saved passwords
  • ❌ Microphone or webcam input
  • ❌ Keystroke logging — we never capture keys you type outside of Clippy's bubble
  • ❌ Content from windows that aren't currently visible
  • ❌ Any form of device fingerprinting for tracking
  • ❌ Persistent screenshots — pixels are forwarded only for the single turn that needs them, never retained

Who we share data with

We use a small number of processors strictly to run the service:

  • Stripe — payments and subscription management
  • Cloudflare — hosting, edge, and abuse prevention
  • OpenAI, L.L.C. — the AI model provider that generates all responses

We do not sell, rent, or share your data with advertisers, brokers, or analytics companies. We don't have a marketing database.

How long we keep it

  • Account info: for the life of your subscription, plus 90 days after cancellation (billing and tax records)
  • Chat messages & screen context: processed in real time and discarded immediately — not logged
  • Token usage counts: reset every billing cycle
  • Diagnostic logs (submitted via "Report Issue"): 30 days, then auto-purged

Your rights

Wherever you live, you can:

  • Pause Clippy — right-click the menu-bar (Mac) or system-tray (Windows) icon → Sleep. He stops reading the screen instantly.
  • Quit Clippy — nothing is sent while the app is closed.
  • Cancel any time from your Stripe customer portal. No questions asked.
  • Access or delete your data — email hello@clippyai.app and we'll action it within 30 days.
  • Opt out of AI training — we never use your prompts to train models, full stop.

GDPR, UK GDPR, and CCPA residents have the additional rights guaranteed by those laws (rectification, portability, objection, non-discrimination). Same email reaches us.

Local storage

The desktop app stores your settings, license key, and buddy name locally on your computer — in %APPDATA%\clippyai on Windows, or ~/Library/Application Support/clippyai on macOS. This never leaves your machine and is deleted when you uninstall.

Children

ClippyAI is not directed at children under 13 (or 16 in the EU/UK). If you believe a child has created an account, email us and we'll remove it.

Changes

If we change this policy we'll update the date at the top and, for material changes, email active subscribers at least 7 days in advance. Continued use after the effective date means you accept the update.

Contact

Questions, deletion requests, or just want to reach a real human?

hello@clippyai.app

Cloudana · operator of ClippyAI