← Back to DefendDevs

Privacy Policy

1. Overview

DefendDevs ("we," "our," "the Service") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

2. Information We Collect

Account Information: When you create an account, we collect your name, email address, and password (stored as a secure hash — we never store your actual password).

Payment Information: Payment processing is handled entirely by Stripe. We do not store your credit card number, CVV, or full billing details on our servers. We retain only a reference to your Stripe customer ID for managing your account.

Code Submissions: When you submit code for scanning, we temporarily store the submitted code to perform the analysis. Code submissions are automatically deleted from our servers within 30 days. We do not read, review, or access your submitted code for any purpose other than performing the security scan you requested.

Scan Results: We store the results of your scans (vulnerability findings, scores, AI analysis, and generated reports) in your account so you can access them later. These results do not contain your full source code.

Usage Data: We collect basic usage information including scan counts, languages scanned, and feature usage to improve the Service. We do not track your browsing activity outside of the Service.

3. How We Use Your Information

We use your information to:

• Provide the security scanning service you requested
• Process payments and manage your account
• Generate scan reports and maintain your scan history
• Send transactional emails related to your account (password resets, purchase confirmations)
• Improve the accuracy and quality of our scanning service

4. How We Protect Your Code

We understand that your source code is sensitive intellectual property. We implement the following protections:

• No training: Your submitted code is never used to train any machine learning models or algorithms
• No sharing: Your code is never shared with, sold to, or disclosed to any third parties
• Auto-deletion: Submitted code is automatically purged from our servers within 30 days
• Encryption: All data is encrypted in transit using TLS encryption
• Access controls: Only you can access your scan results. Our team does not access your code or results unless required for technical support at your request
• Isolated processing: Code analysis is performed in isolated environments and is not accessible to other users

5. Third-Party Services

We use the following third-party services:

• Stripe: For payment processing. Stripe's privacy policy governs the handling of your payment data. See stripe.com/privacy
• Cloudflare: For DNS, CDN, and DDoS protection. Cloudflare may process your IP address and request metadata. See cloudflare.com/privacypolicy

We do not use any advertising networks, analytics trackers, or social media pixels.

6. Cookies

The Service uses minimal cookies:

• Authentication token: Stored in your browser's local storage to keep you logged in. This is not a tracking cookie and is only used for session management.
• Cloudflare cookies: Cloudflare may set cookies for security and performance purposes.

We do not use cookies for advertising, tracking, or analytics purposes.

7. Data Retention

• Account data: Retained until you delete your account
• Submitted code: Automatically deleted within 30 days of submission
• Scan results: Retained until you delete your account
• Payment records: Retained as required by law for tax and accounting purposes

8. Your Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Update or correct your account information
• Deletion: Request deletion of your account and all associated data
• Portability: Request your scan results in a machine-readable format (JSON)
• Objection: Object to our processing of your personal data

To exercise any of these rights, contact us at support@interdimensionaltechnology.com.

9. International Data Transfers

The Service is hosted in the United States. If you are accessing the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

11. Security Incidents

In the event of a data breach that affects your personal information, we will notify affected users within 72 hours of becoming aware of the breach, as required by applicable law.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date.

13. Contact

For questions about this Privacy Policy or your data, contact us at support@interdimensionaltechnology.com.