Privacy Policy

Last updated: April 12, 2026

1. Data We Collect

• Identity data: Public profile information from OAuth providers (GitHub, Google, WeChat), including user ID, username, avatar
• Device data: Public IP address of your OpenClaw node, ward draft ID, ward secret hash
• Usage data: HTTPS request logs (for debugging and security)
• Payment data: Order information processed via Paddle (Global) or WeChat Pay (CN)

2. Why We Collect This Data

We collect data to: provide the service (domain allocation, HTTPS certificate issuance, authentication), security and fraud prevention, customer support, and legal compliance.

3. Data Relationships with Third-Party Providers

We do not store your OAuth passwords. Identity providers (GitHub, Google, WeChat) are used solely for authentication; we receive only the public profile information returned by the OAuth flow.

Payment data is processed by professional payment processors: Paddle (Merchant of Record) for Global, WeChat Pay for China. We do not directly store your credit card or payment account information.

4. Cookies and Sessions

We use the following cookies:

• Platform Session Cookie: Maintains your login state, 7-day expiration
• Local JWT: Issued by warded serve under your domain for accessing protected pages, 8-hour expiration

5. Data Retention

We retain your account data until you delete your account or we terminate the service. Log data is retained for 30 days for security auditing. Payment records are kept as required by law.

6. Contact

For privacy-related questions, contact: privacy@warded.me