Privacy Policy

Last updated: October 22, 2025

At GitGuard, we take your privacy seriously. This policy explains what data we collect, why we collect it, and what we do with it. Spoiler: we're not selling your data to sketchy third parties.

1. Information We Collect

Account Information: When you sign up, we collect your name, email, and password (which we hash because we're not monsters).

GitHub Integration: When you connect your GitHub account, we get temporary access to scan your repositories. We only access what's necessary for scanning.

Scan Results: We store scan results so you can review them later. These include information about vulnerabilities found in your code.

Usage Data: We collect basic analytics (what features you use, when you scan, etc.) to improve the service. We're not tracking your every move like a creepy stalker.

2. How We Use Your Information

• To provide the service: You know, actually scanning your code for vulnerabilities
• To improve GitGuard: Understanding how people use our service helps us make it better
• To communicate with you: Sending important updates, security alerts, or responding to your questions
• To comply with legal obligations: If required by law, but we'll fight it if we can

3. Data Storage and Security

Your data is stored securely using industry-standard encryption. We don't store your actual source code - only scan results and metadata. Your GitHub access tokens are encrypted and we never log them in plain text.

We use Supabase (PostgreSQL) for data storage, which has its own robust security measures. Your scan results are only accessible to you (and maybe us if we need to debug something, but we promise not to judge your code).

4. Sharing Your Information

We don't sell, rent, or trade your personal information. Period. The only times we share data are:

• With your consent: If you explicitly tell us to share something
• Service providers: Third-party services that help us run GitGuard (like payment processors), who are bound by strict confidentiality agreements
• Legal requirements: If we're legally required to disclose information

5. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your account and all associated data
• Export your scan results
• Opt out of marketing emails (though our emails are actually useful, promise)

6. Cookies and Tracking

We use minimal cookies for essential functions like keeping you logged in. We don't use creepy tracking cookies or sell your data to advertisers. If you disable cookies, the service won't work properly, but that's on you.

7. Children's Privacy

GitGuard is not intended for users under 13. If you're under 13, please don't use our service. If we discover we've collected data from a child, we'll delete it promptly.

8. International Users

GitGuard is operated from the United States. If you're using it from outside the US, your data may be transferred to and processed in the US. By using GitGuard, you consent to this transfer.

9. Changes to This Policy

We may update this policy occasionally. We'll notify you of significant changes via email or a prominent notice on the site. The "Last updated" date at the top will always reflect the latest version.

10. Contact Us

Questions about privacy? Contact us at hello@gitguard.net. We're happy to clarify anything or discuss your concerns.