Privacy and Policy

Purpose: This privacy policy explains how we collect, use, store, share, and protect your data when you use our AI code analysis application.
Commitment to Privacy: We are committed to safeguarding your data and complying with applicable data protection laws, such as GDPR and CCPA, where relevant.

We collect the following data to provide our services:

Source Code: Code retrieved from git providers, including Azure DevOps, Gitlab, Bitbucket, and Github.
Work Items: Tasks, issues, or other work-related data from board providers, such as Jira and Azure DevOps.
Other Data: If applicable, we may collect user account information (e.g., email addresses, usernames) for authentication or communication purposes.

We use your data to deliver code analysis and related services:

Source Code:
- Sent to third-party LLMs for automated analysis to provide insights or recommendations.
- Processed by SonarQube (hosted by us) for static code analysis to identify issues or vulnerabilities.
- Converted into a vectorized form and stored in our Qdrant database for future analysis or reference.
Work Items:
- Stored in our database to analyze project workflows and provide integrated insights.
Purpose:
- To enhance code quality, provide actionable insights, and integrate with your development processes.

We share your data only as necessary to provide our services:

Source Code:
- Shared with third-party LLMs for analysis. These providers are contractually obligated to use the data solely for the requested analysis and not for other purposes, such as training their models, without your explicit consent.
- Processed by SonarQube, which is hosted and controlled by us.
Vectorized Code:
- Stored in Qdrant, which is hosted and managed by us.
Work Items:
- Stored in our database and not shared with third parties unless required for service delivery (e.g., with hosting providers).
Service Providers:
- We may share data with trusted service providers (e.g., cloud hosting services) under strict confidentiality agreements to ensure data security.

We implement industry-standard security measures to protect your data:

Transmission: Source code is transmitted to third-party LLMs using secure channels (e.g., HTTPS).
Storage: Vectorized code in Qdrant and work items in our database are protected with encryption and access controls, limiting access to authorized personnel only.
Third-Party Security: We require third-party LLMs to maintain robust security practices compliant with industry standards.

We retain data only as long as necessary:

Source Code: Not stored by our app; it is only transmitted for analysis and deleted after processing.
VECTORIZED CODE: Stored in Qdrant for the duration of your service use plus 30 days, after which it is deleted, unless required by law.
Work Items: Stored in our database for the duration of your service use plus 90 days, after which they are deleted, unless required by law.
Retention Policy: We periodically review stored data to ensure compliance with this policy.

‍

You have rights over your data, subject to applicable laws:

Access: Request a copy of the data we hold about you.
Correction: Request corrections to inaccurate data.
Deletion: Request deletion of your data, subject to legal obligations.
Contact: Reach out to us at [insert contact email] to exercise these rights or for any privacy concerns.

‍

For questions or concerns about this privacy policy or our data practices:

Privacy Policy