Privacy Policy

Last updated: 2026-03-10. This policy describes how we collect, use, and protect your information when you use Codalysis.

Overview

We process data to provide codebase analysis features such as repository ingestion, chat history, and AI-generated security reports. We use your data only to deliver and improve the service.

Data we process

Account data: When you sign in with GitHub, we receive your profile information (name, email, avatar, and GitHub user ID) from GitHub. We use this to identify your account and to associate your chats and reports with you.

Repository data: We store repository identifiers (e.g. owner/repo) that you choose to analyze. Code is processed for embeddings and summarization; how long we retain it depends on our infrastructure (e.g. vector index and any caches).

Chat and reports: If Supabase is configured, we store your chat conversations and AI-generated security reports in our database so you can access them across sessions. You can export or delete this data at any time from Settings.

How we use your data

  • To provide and operate the service (analysis, chat, security reports).
  • To authenticate you and link your usage to your account.
  • To improve our product (e.g. aggregated, non-personal analytics).

Subprocessors and storage

We use third-party services that may process or store your data: authentication (GitHub), AI and embeddings (OpenAI), vector search (Pinecone), hosting (e.g. Vercel), and optionally database and storage (Supabase). Each provider has its own privacy and data processing terms. We do not sell your personal data.

Your rights

You can export your stored data (chats, AI reports) and request deletion of your account data via the Settings page. For other requests (access, correction, portability, or complaints), contact us using the details in the Imprint. If you are in the EEA/UK, you also have the right to lodge a complaint with a supervisory authority.

Changes

We may update this policy from time to time. The “Last updated” date at the top will change when we do. Continued use of the service after changes constitutes acceptance of the updated policy.

This is a template privacy policy. Replace or extend it with your legal counsel to match your exact practices (e.g. retention periods, cookie use, international transfers).