Privacy Policy

Last updated: September 1, 2025

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us, including:

  • Account information (name, email address, company name)
  • Billing information (payment method, billing address)
  • Support requests and communications
  • Survey responses and feedback

1.2 Information We Collect Automatically

When you use our service, we automatically collect certain information:

  • Usage data (features used, time spent, scan results)
  • Device information (IP address, browser type, operating system)
  • Log data (access times, error logs, performance metrics)

1.3 Code Analysis Data

For our AI security scanning service:

  • We analyze code snippets and repository structures you submit
  • We collect vulnerability scan results and security assessments
  • We collect code metadata necessary for security analysis
  • We do NOT store your complete source code permanently

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our AI security scanning services
  • Process transactions and send related information
  • Send technical notices, security alerts, and support messages
  • Respond to customer service requests and provide support
  • Monitor and analyze usage patterns to improve our service
  • Detect, investigate, and prevent security incidents
  • Comply with legal obligations and enforce our terms of service

3. Data Security and Storage

3.1 Security Measures

We implement industry-standard security measures to protect your data:

  • Encryption in transit and at rest using AES-256
  • Regular security audits and penetration testing
  • Access controls and multi-factor authentication
  • SOC 2 Type II compliant infrastructure

3.2 Data Retention

We retain your information for different periods depending on the type:

  • Account data: Until account deletion + 90 days
  • Scan results: 2 years or until account deletion
  • Code snippets: Deleted immediately after analysis
  • Billing data: 7 years for tax and accounting purposes

4. Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties, except in the following limited circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Cloud hosting and infrastructure (AWS, Google Cloud)
  • Payment processing (Stripe)
  • Customer support (Intercom)
  • Analytics and monitoring (DataDog)

4.2 Legal Requirements

We may disclose information when required by law or to protect our rights, users, or others.

5. Your Rights and Choices

5.1 Access and Control

You have the right to:

  • Access, update, or delete your personal information
  • Export your scan results and data
  • Opt out of non-essential communications
  • Request data portability
  • Object to certain data processing activities

5.2 GDPR Rights (EU Users)

If you are in the European Union, you have additional rights under GDPR, including the right to data portability and the right to be forgotten.

5.3 CCPA Rights (California Users)

California residents have specific rights under the California Consumer Privacy Act (CCPA) regarding their personal information.

6. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze usage patterns
  • Improve service performance

You can control cookies through your browser settings, but some features may not function properly if cookies are disabled.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international data transfers, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by relevant data protection authorities
  • Certification schemes and codes of conduct

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email notification to registered users
  • Providing notice through our service interface

Your continued use of our service after changes are posted constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@secureai.com

Address: SecureAI Privacy Team
1234 Security Blvd, Suite 100
San Francisco, CA 94105

Data Protection Officer: dpo@secureai.com

11. Specific Provisions for AI Security Services

11.1 Code Analysis

When you use our AI security scanning service:

  • Code is analyzed in secure, isolated environments
  • Only metadata and vulnerability information are retained
  • Source code is not stored beyond the analysis period
  • All processing occurs within SOC 2 compliant infrastructure

11.2 AI Model Training

We do not use customer code or data to train our AI security models without explicit consent. Our models are trained on:

  • Publicly available vulnerability databases
  • Synthetic and anonymized code samples
  • Open source security research
  • Aggregated, non-identifying usage patterns (with consent)

© 2025 SecureAI. All rights reserved.