PRIVACY POLICY

Last updated: March 10, 2026

1. Introduction

CodeShant Technologies ("we", "us", "our") operates VibeDoctor. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

• Email address: Required for account creation, scan delivery, and communication
• App/Website URL: Provided for website scanning
• GitHub account connection: OAuth authorization for repository access (read-only)
• Payment information: Processed and stored by Stripe; we do not store card details

2.2 Information Collected Automatically

• IP address: Used for rate limiting and abuse prevention
• Usage data: Scan counts, feature usage, and interaction patterns
• Scan results: Security findings, performance scores, and code quality metrics generated during scans

2.3 GitHub Data

• We access your repositories in read-only mode via GitHub App installation
• Source code is temporarily cloned for scanning and deleted after processing
• We do not permanently store your source code
• We store scan results, metrics, and generated reports (not the code itself)

3. How We Use Your Information

• To provide and maintain the Service (scanning, monitoring, reporting)
• To send scan reports, alerts, and status emails
• To process payments and manage subscriptions
• To prevent abuse, enforce rate limits, and maintain security
• To improve the Service based on aggregated, anonymized usage patterns
• To send relevant product updates (you can unsubscribe at any time)

4. Data Sharing

We do not sell your personal data. We share data only with:

• Stripe: Payment processing
• Resend: Transactional email delivery
• GitHub: Repository access via OAuth
• Anthropic (Claude AI): Anonymized scan data for AI-powered report generation (no source code is sent)

5. Data Retention

• Scan reports: Retained for the duration of your account
• Source code: Temporarily cloned, deleted after scan completion
• Account data: Retained until account deletion
• Payment records: Retained as required by law

6. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encrypted connections (TLS) for all data in transit
• Encrypted storage for sensitive data at rest
• Access controls and authentication for all systems
• Regular security audits of our own infrastructure

7. Your Rights

You have the right to:

• Access: Request a copy of your data
• Deletion: Request deletion of your account and associated data
• Correction: Update inaccurate information
• Portability: Export your scan reports
• Opt-out: Unsubscribe from marketing emails at any time

To exercise any of these rights, contact 911@vibedoctor.io.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies.

9. Children's Privacy

The Service is not intended for use by individuals under 18 years of age. We do not knowingly collect information from minors.

10. International Data Transfers

Your data may be processed in servers located outside your country of residence. We ensure appropriate safeguards are in place for international data transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or prominent notice on the Service.

12. Contact Us

For privacy-related inquiries, contact us at 911@vibedoctor.io.

Operated by CodeShant Technologies(UDYAM-BR-26-0188408)