CleverCrow is operated by CleverCrow LLC. This page is a plain-English description of what we collect, why, who else sees it, and how long we keep it. We try to collect as little as possible while still being able to charge cards correctly and maintain a trustworthy audit trail of where money went.
Last updated 16 May 2026.
Sign-in, attributing pledges, checking maintainer permissions against CODEOWNERS.
DynamoDB table clevercrow-users (read by the dashboard and orchestrator).
Charging your card for pledges and crediting your CleverCrow wallet. We never see or store your card number — Stripe holds it; we hold an opaque token.
DynamoDB table clevercrow-wallets. Card data stays inside Stripe.
The audit trail that lets us show you what you funded, what was spent, and what was refunded to your wallet.
DynamoDB tables clevercrow-ledger, clevercrow-pledges, clevercrow-pools.
Maintainers connect CleverCrow to their repos and configure which coding agent runs on their issues. Their provider API key is encrypted at rest with AWS KMS and only decrypted at run time inside the agent sandbox.
DynamoDB table clevercrow-installations (KMS-encrypted fields).
Operating the service, debugging stuck runs, and giving maintainers a permanent record of what was done on their behalf.
DynamoDB table clevercrow-runs (metadata + state machine) and the S3 dead-drop bucket (workspace tarballs + prompts + outputs).
We do not sell or rent your data. We share it with a small set of providers we depend on to operate the service:
Run records are permanent. They are the audit trail that answers “what work was done with my pledge?” and we don't expire them. Ledger entries, pledges, and pool records are also permanent for the same reason.
Short-lived operational data — workspace tarballs in S3, agent outputs awaiting pickup, raw incoming emails to support@, CloudWatch logs — is retained for between 14 and 30 days depending on the path and then purged automatically.
We set a NextAuth session cookie when you sign in, and a CSRF cookie so that form submissions can't be forged. That is the full set. We do not run a third-party analytics tracker and we do not use advertising cookies. If we ever add privacy-preserving analytics, we'll update this page first.
Email privacy@clevercrow.io from the address on file (or with proof you control the GitHub account in question) and tell us what you'd like: a copy of what we hold about you, a correction, or a deletion. We respond within 2 business days.
One caveat on deletion: we cannot remove your share of the financial audit trail (ledger entries, the Stripe-side record of charges and refunds) — that's a record-keeping obligation we have to both you and to tax authorities. We can and will detach your GitHub identity from those rows on request, so they read as anonymous.
If we materially change what we collect or who we share it with, we'll update the “last updated” date at the top of this page and, for accounts with email on file, send a heads-up before the change takes effect.