Privacy Policy

Short version: we scan your code to produce findings. If you're signed in, we store your report. Pro explanations use Anthropic.

What We Collect

  • Repo URL or upload name (for ZIP uploads).
  • Scan metadata: timestamps, grade/score, summary, scanner statuses.
  • Findings (titles, severities, file paths/line numbers). We do not store code snippets in the database.
  • Billing data required to process one-time purchases and subscriptions (Stripe customer/checkout references in our database).

What We Send To Anthropic (Pro)

If you use Pro AI explanations, we send the finding details to Anthropic so it can generate plain-English explanations and fixes. This includes severity/title and may include short code snippets when available. We do not send your entire repository.

Retention

  • Anonymous scans are not attached to an account and are not retrievable in "My Recent Scans".
  • Signed-in scans are stored so you can re-open them later, until you delete them.

Security

Please do not upload secrets. If you believe you've found a vulnerability in this service, use the Security page to report it.

Changes

We may update this policy as the product evolves. We will keep the wording clear and human.