CodeDashboard

Privacy Policy

Last updated: February 19, 2026

1. Information We Collect

Account information: When you create an account, we collect your email address, name, and (if you sign up via GitHub OAuth) your GitHub username and profile information.

GitHub data: When you analyze a repository, we fetch the repository’s file structure and contents via the GitHub API. If you connect your GitHub account for private repo access, we store an encrypted OAuth token (AES-256-GCM).

Usage data: We collect basic usage information such as pages visited, analyses performed, and subscription activity to improve the Service and troubleshoot issues.

2. How We Use Your Information

We use the information we collect to: (a) provide and maintain the Service; (b) process payments and manage subscriptions; (c) generate AI-powered analysis dashboards from your repositories; (d) send account-related notifications; and (e) monitor and improve the Service’s performance and reliability.

3. Code Privacy

We never store your source code. Your code is processed entirely in-memory and is never written to any database or persistent storage. This is enforced by four layers:

  • Prompt engineering — The AI is instructed to describe code behavior, never reproduce source code.
  • Output sanitization — A dedicated sanitizer strips any code patterns from the AI’s output before storage.
  • Schema validation — Zod schemas enforce maximum string lengths and structural constraints on all stored data.
  • In-memory processing — Code lives only in the serverless function’s memory and is discarded when the function completes.

4. Data Sharing

We do not sell your personal information. We share data only with the following third-party services necessary to operate CodeDashboard:

  • Stripe — Payment processing. Stripe receives your payment details directly; we never see your card number.
  • Supabase — Database and authentication hosting. Dashboard data and account information are stored in Supabase with row-level security.
  • Sentry — Error monitoring. Sentry receives anonymized error reports to help us identify and fix bugs.
  • Anthropic (Claude API) — AI analysis. Repository contents are sent to the Claude API for analysis and are subject to Anthropic’s data policies.

5. Cookies

We use essential cookies to maintain your authentication session and remember your preferences (such as theme). We do not use third-party tracking or advertising cookies.

6. Data Retention

Account information is retained for as long as your account is active. Dashboard data is retained until you delete the dashboard or your account. Analysis job records are retained for 30 days after completion. When you delete your account, all associated data (dashboards, sections, analysis jobs, and profile information) is permanently removed.

7. Your Rights

You have the right to: (a) access your personal data stored in the Service; (b) request correction of inaccurate data; (c) delete your account and all associated data; (d) export your dashboard data; and (e) withdraw consent for data processing by deleting your account. To exercise these rights, contact us at support@codedashboard.dev.

8. Children’s Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Service or sending an email. The “Last updated” date at the top of this page reflects the most recent revision.

10. Contact

If you have questions about this Privacy Policy or how we handle your data, contact us at support@codedashboard.dev.