Logo

Privacy Policy

Introduction

Your privacy is important to us at ShipSecure. This Privacy Policy describes how we collect, use, and handle your information when you use our services. By using our service, you agree to the collection and use of information in accordance with this policy.

1. Information Collection and Use

We only collect information necessary to provide our services, specifically through GitHub authentication, permissions granted by users, and limited analytics data via PostHog.

1.1 GitHub Login

All users log in through GitHub OAuth, which enables us to identify users and securely access their profiles. The information we collect via GitHub login includes:

  • GitHub Username
  • Email Address (if provided in your GitHub profile)
  • Basic Profile Information (such as profile picture and GitHub bio)

This data is used solely to identify users, facilitate secure login, and allow access to your GitHub repositories when needed for code auditing.

1.2 GitHub App Installation

Users may optionally install our GitHub app to provide direct access to selected repositories for security and code quality audits. By installing the GitHub app, you authorize us to:

  • Access specific repositories that you choose to grant permissions for.
  • Review code solely for the purpose of providing security audits, code quality analysis, and recommendations.

Important: We only access repositories you authorize, and only for the time necessary to perform our services.

2. Use of PostHog Analytics

We utilize PostHog, an open-source analytics tool, to understand general usage patterns on our platform. This helps us improve the service and user experience. PostHog is implemented with privacy-conscious practices, such as:

  • Anonymized tracking to ensure user privacy while allowing us to monitor general usage patterns.
  • No third-party data sharing through PostHog.

All data collected via PostHog is for internal use only and is handled in compliance with privacy regulations.

3. Data Storage and Security

We take data security seriously. Your code and information provided via GitHub are stored temporarily, only for the duration of the audit process. Upon completion of the audit and delivery of the results, all copies of your code and related data are permanently deleted from our servers.

All data is stored securely and encrypted where applicable to protect against unauthorized access.

4. Data Sharing and Disclosure

We do not share, sell, or rent your personal data or code to any third parties. Information and code provided are used exclusively within our platform for the purpose of delivering the service you requested.

5. Your Rights

You have the right to:

  • Request deletion of any personal information or code submitted.
  • Withdraw permissions at any time by uninstalling the GitHub app or disconnecting your GitHub account.

6. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and we encourage you to review it periodically. Continued use of the service after any changes signifies your acceptance of the revised policy.

7. Contact Us

If you have any questions about this Privacy Policy or our data handling practices, please contact us at:

Email: [email protected]

Last Updated: 29.10.2024