Privacy Policy

What we collect

• • Email address — for account creation and notifications
• • GitHub username — via OAuth authentication
• • Repository names — the repos you choose to scan
• • Scan results — issues found, severity, file paths
• • Code snippets — only lines containing detected issues

What we don't collect

• • Full source code (deleted after scan)
• • Your actual secrets or API keys
• • Git history or commit messages
• • Data from other GitHub resources (issues, wikis, etc)

How we use your data

• • Display scan results and security verdicts
• • Send email notifications about scan completion
• • Improve detection patterns (aggregated, anonymized)

Third-party services

• • Supabase — database and authentication
• • GitHub — OAuth and repository access
• • Stripe — payment processing (for future paid features)

We do not sell your data to anyone.

Data retention

Scan results are retained for as long as you have an active account. You can request deletion of your data at any time.

Your rights

• • Request a copy of your data
• • Request deletion of your data
• • Revoke GitHub access anytime