Data Privacy & Security Overview
Version 1.2 · February 2026
Your Data Stays With You
Argus runs entirely on a dedicated device inside your home or office. There is no Argus cloud, no shared infrastructure, and no multi-tenant database. Your emails, calendar, files, and conversations never leave your premises.
Architecture at a Glance
| Layer | Where It Runs | What It Does |
|---|---|---|
| Hardware | MacBook Air at your location | Dedicated compute for your agent |
| Agent Runtime | Local (OpenClaw) | Orchestrates tasks, memory, and integrations |
| Memory & Files | Local disk only | Conversations, notes, preferences — stored on-device |
| AI Model Calls | Encrypted API to Anthropic | Prompts sent over TLS 1.3; subject to Anthropic's data policies [1] |
| Integrations | OAuth from your device | Gmail, Calendar, etc. authenticate directly from your machine |
What Leaves Your Device
1. AI model requests — Your agent sends prompts to Anthropic's API (Claude) over encrypted HTTPS. Under Anthropic's Commercial Terms, this data will not be used to train models [1]. Anthropic may retain data as necessary to provide the service, comply with law, resolve disputes, or combat harmful use [2].
2. Tool-specific API calls — When your agent checks weather, searches the web, or queries a third-party service you've authorized, those requests go to the respective provider with only the minimum data needed. Each provider's own privacy policy applies.
3. Outbound messages you approve — Emails, calendar invites, or messages your agent sends on your behalf, which you explicitly authorize.
What never leaves:
- Your full email archive
- Calendar history
- File contents
- Conversation logs with your agent
- Personal notes and memory files
- Credentials and API keys
Access Controls
| Physical access | Device is in your home/office; you control who can reach it |
| Remote management | Secure tunnel (Tailscale) for maintenance — can be disabled on request |
| Authentication | Your Telegram account is the sole interface; no shared logins |
| Permissions | macOS system permissions granted only to required apps |
| Integrations | OAuth tokens stored locally; revocable anytime from your Google/Microsoft account |
How This Compares
| Argus (On-Premise) | Typical SaaS AI Assistant | |
|---|---|---|
| Data residency | Your device | Provider's cloud (usually US) |
| Multi-tenancy | Single-tenant (yours alone) | Shared infrastructure |
| Email/calendar access | OAuth on your machine | OAuth to their servers |
| Conversation history | Local files only | Provider's database |
| Data portability | Full — it's your filesystem | Usually limited export |
| Regulatory alignment | Data never crosses borders | Subject to provider's jurisdiction |
For Regulated Professionals
If you work in financial services, legal, or advisory roles subject to DFSA, VARA, ADGM, or similar regulatory frameworks:
- No cross-border data storage — Your data stays on your device in the UAE. AI model API calls are processed by Anthropic's infrastructure (primarily US-based) but are not stored for training purposes [1][2]
- Audit trail — All agent actions are logged locally in plain-text files you can inspect anytime
- No vendor lock-in — Memory files, conversation logs, and configurations are standard formats (Markdown, JSON)
- Immediate revocation — Disconnect integrations or power off the device at any time
- No third-party data sharing — Argus has no analytics, telemetry, or data partnerships
Frequently Asked Questions
Can Argus read all my emails?
Only if you grant Gmail/Outlook access via OAuth. You can limit scope or revoke access anytime. Your agent reads emails on-device — they are never uploaded to any Argus server.
Does Anthropic (Claude) see my data?
Only the specific context sent in each API request. Under Anthropic's Commercial Terms, this data is not used for model training [1]. Anthropic may retain data to provide the service, for safety and abuse prevention, to comply with legal obligations, or to combat harmful use of their services [2]. For full details, review Anthropic's policies directly at the links below.
Can the Argus team access my device?
Only during setup and maintenance, via a secure tunnel you can disable. We do not have standing access. Post-setup, you can close remote access entirely.
What happens if I stop using Argus?
Everything stays on your device. There is nothing to “export” — it's already yours. Uninstall the software and your data remains untouched. Per Anthropic's DPA, Anthropic will delete Customer Data within 30 days of account termination [2].
Is this GDPR/PDPL compliant?
The on-premise architecture inherently simplifies compliance because personal data is not transferred to a third-party processor for storage. AI API calls do transit Anthropic's infrastructure, which incorporates Standard Contractual Clauses for international data transfers [2]. For formal compliance assessments, we recommend consulting your legal counsel with this document as a technical reference.
Source References
[1] Anthropic Commercial Terms of Service — Section B (Customer Content): “Anthropic may not train models on Customer Content from Services.”
anthropic.com/legal/commercial-terms
[2] Anthropic Data Processing Addendum — Covers data processing scope, retention, deletion (30 days post-termination), subprocessors, security breach protocols, and international transfer mechanisms (SCCs).
anthropic.com/legal/data-processing-addendum
For questions, contact alex@riverventures.co or book a call.