1. Introduction
TE Code ("we", "our", or "us") operates the Production Readiness Audit System ("PRAS", "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use the Service.
2. Information We Collect
2.1 Personal Information
When you create an account, we collect:
- Email address
- Password (encrypted)
- Name (optional)
- GitHub username (if you connect your GitHub account)
- Organization/team information (for team plans)
2.2 Code and Project Data
When you use the Service to audit code:
- File paths and names from your projects
- Code snippets containing detected issues
- Analysis results and audit scores
- Repository metadata (name, URL, visibility status)
- Git commit information (hashes, messages, authors)
Important: We do not store your complete source code. Only file paths, metadata, and specific code snippets related to detected issues are retained.
2.3 Usage Data
We automatically collect information about how you use the Service:
- IP address
- Browser type and version
- Device information (type, operating system)
- Pages visited and features used
- Time and date of visits
- Time spent on pages
- API requests and command-line usage
- Error logs and diagnostic data
2.4 Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Maintain your session and authentication state
- Remember your preferences
- Analyze usage patterns and improve the Service
- Provide personalized content
3. How We Use Your Information
We use the collected information for:
- Service Delivery: Providing audit analysis, storing results, and enabling dashboard features
- Account Management: Creating and managing your account, authentication, and subscription
- Communication: Sending service updates, security alerts, and support messages
- Improvement: Analyzing usage patterns to improve detection accuracy and user experience
- Support: Responding to your requests, questions, and feedback
- Security: Detecting and preventing fraud, abuse, and security incidents
- Legal Compliance: Complying with legal obligations and enforcing our Terms of Service
4. Data Sharing and Disclosure
4.1 We Do Not Sell Your Data
We do not sell, rent, or trade your personal information or code to third parties for marketing purposes.
4.2 Service Providers
We may share data with trusted service providers who assist us in operating the Service:
- Hosting: Cloud infrastructure providers (AWS, Vercel, Supabase)
- Analytics: Usage analytics and error tracking services
- Payment Processing: Payment processors for subscription billing
- Email: Email service providers for transactional emails
These providers are contractually obligated to protect your data and use it only for the purposes we specify.
4.3 Legal Requirements
We may disclose your information if required by law or in response to:
- Valid legal processes (subpoenas, court orders)
- Government requests
- Protection of our rights, property, or safety
- Protection of our users or the public
4.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
4.5 Public Repositories
For public/open source repositories analyzed via the CLI, audit results may be publicly visible. Private repository results are only visible to:
- The account owner
- Team members (for team plans)
- Users explicitly granted access
5. Data Security
We implement industry-standard security measures to protect your data:
- Encryption in transit (HTTPS/TLS)
- Encryption at rest for sensitive data
- Password hashing with bcrypt
- Regular security audits and updates
- Access controls and authentication
- Monitoring for suspicious activity
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
6. Data Retention
We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this policy:
- Account Data: Retained while your account is active, plus 90 days after deletion
- Audit Results: Retained for the duration of your subscription, plus 30 days
- Usage Logs: Retained for 12 months
- Billing Records: Retained for 7 years for tax and accounting purposes
You can request deletion of your data at any time by contacting us or deleting your account.
7. Your Rights and Choices
You have the following rights regarding your personal information:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your data ("right to be forgotten")
- Portability: Export your data in a machine-readable format
- Opt-out: Unsubscribe from marketing emails (transactional emails cannot be opted out)
- Restriction: Request limitation of data processing
- Objection: Object to certain types of processing
To exercise these rights, contact us at privacy@te-code.com or use your account settings.
8. Children's Privacy
The Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover we have collected data from a child under 13, we will delete it immediately.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to the transfer of your information to our facilities and service providers.
We ensure appropriate safeguards are in place to protect your data in compliance with this Privacy Policy and applicable laws.
10. Third-Party Links
The Service may contain links to third-party websites or services (e.g., GitHub, documentation sites). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Updating the "Last updated" date at the top of this page
- Sending an email to your registered email address
- Posting a prominent notice on our website or dashboard
Your continued use of the Service after changes indicates acceptance of the updated policy.
12. GDPR Compliance (for EU Users)
If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):
- Legal basis for processing: Consent, contract performance, legitimate interests
- Right to lodge a complaint with your local data protection authority
- Right to withdraw consent at any time
- Detailed information about data processing activities available upon request
13. CCPA Compliance (for California Users)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights:
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to opt-out of the sale of personal information (we do not sell personal information)
- Right to deletion
- Right to non-discrimination for exercising your rights