Privacy Policy

Last updated: March 20, 2026

For infrastructure and subprocessors, see our Security & data handling page.

Overview

SystemAudit.dev ("we", "our", or "the Service") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our codebase analysis service.

What Data We Collect

  • GitHub Repository URLs — The public or private repository links you submit for analysis.
  • Email Addresses — When you unlock full reports or purchase an audit.
  • Payment Information — Processed securely by Stripe. We never see or store your card details.
  • Analysis Results — The generated reports and findings from your codebase scan.

How We Handle Your Code

Your code is never stored.

We access your repository through GitHub's official API, analyze it in real-time, and discard the source code immediately after processing. No code is saved to our servers, used for training AI models, or shared with third parties.

How We Use Your Data

  • To perform codebase analysis and generate your audit report
  • To send you your report and any related communications
  • To process payments for paid audit tiers
  • To improve our service (aggregated, anonymized usage patterns only)

Third-Party Services

We use the following third-party services:

  • GitHub API — To access repository contents for analysis (read-only access).
  • Stripe — To process payments securely. See Stripe's Privacy Policy.
  • Anthropic (Claude) — To power AI-driven analysis. Code snippets are processed but not stored or used for training.

Data Retention

  • Source Code — Never stored. Discarded immediately after analysis.
  • Audit Reports — Stored for 90 days to allow you to access your results. After 90 days, reports are automatically deleted.
  • Email Addresses — Retained until you request deletion.
  • Payment Records — Retained as required by law for accounting purposes.

Your Rights

You have the right to:

  • Access — Request a copy of the data we hold about you.
  • Deletion — Request that we delete your data (email us at the address below).
  • Portability — Receive your data in a machine-readable format.
  • Correction — Request corrections to inaccurate data.

For GDPR (EU) and CCPA (California) requests, we will respond within 30 days.

Cookies

We use minimal cookies for essential functionality only (e.g., session management). We do not use tracking cookies or sell your data to advertisers.

Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by posting a notice on our website. Your continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:

support@systemaudit.dev