Privacy Policy

Data Collection

VibeCode Audit collects minimal data necessary to provide our security scanning service:

• URLs submitted for scanning
• Optional email addresses for scan result notifications
• Technical scan data (HTTP headers, response codes, detected patterns)

Data Usage

We use collected data to:

• Perform security scans and generate reports
• Send scan results to provided email addresses
• Improve our scanning algorithms and detection capabilities
• Monitor service performance and reliability

Data Encryption

All data is encrypted in transit using TLS 1.3. Scan results are encrypted at rest using industry-standard AES-256 encryption. Data is stored securely on Railway infrastructure with automatic backups.

Data Retention

Scan reports are retained for 30 days for retrieval purposes, then automatically deleted. Email addresses provided for notifications are not stored beyond report delivery unless you create an account.

Third-Party Services

We use the following third-party services:

• Railway - Hosting and infrastructure
• Upstash Redis - Encrypted data storage
• Vercel - Web hosting
• Groq - AI-powered security analysis

These services process data on our behalf under strict data processing agreements.

Cookies

We use minimal essential cookies for service functionality. No tracking or advertising cookies are used.

GDPR & CCPA Compliance

We comply with GDPR and CCPA regulations. You have the right to:

• Request access to your data
• Request deletion of your data
• Opt-out of data collection
• Data portability

Contact us at privacy@vibecodeaudit.app for data requests.

Updates

This privacy policy may be updated periodically. Last updated: December 14, 2024.

Contact

For privacy-related questions: privacy@vibecodeaudit.app