Privacy Policy

1. Introduction

Code Guardian Studio ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Account Information

• Email address (for license delivery and support)
• Payment information (processed by Paddle.com, our payment processor)
• Company name (for Enterprise customers)

2.2 Technical Information

• Machine ID (hashed hostname + platform for seat tracking)
• License verification requests (timestamp, status)
• CLI usage data (feature usage, error logs - if opted in)
• IP address and browser information (for web analytics)

2.3 Code Data

Code Guardian Studio analyzes your code locally on your machine. We do NOT:

• Upload your source code to our servers
• Store your code in our databases
• Share your code with third parties
• Train AI models on your code

Exception: When using AI-assisted features (e.g., latent chain mode, agents), code snippets may be sent to Anthropic's Claude API for analysis. This is governed by Anthropic's Privacy Policy.

3. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Process payments and deliver license keys
• Verify license validity and enforce seat limits
• Provide customer support
• Send transactional emails (license keys, renewal reminders)
• Improve the Service and develop new features
• Prevent fraud and abuse
• Comply with legal obligations

4. Information Sharing

We share your information with:

4.1 Service Providers

• Paddle.com (payment processing, VAT/tax compliance) - Paddle Privacy Policy
• Anthropic (AI code analysis via Claude API) - Anthropic Privacy Policy
• Vercel (hosting and infrastructure) - Vercel Privacy Policy

4.2 Legal Requirements

We may disclose your information if required by law or to:

• Comply with legal processes (subpoenas, court orders)
• Enforce our Terms of Service
• Protect our rights, property, or safety
• Prevent fraud or illegal activity

5. Data Retention

• Account data: Retained while your subscription is active + 90 days after cancellation
• License keys: Retained indefinitely for audit purposes
• Payment data: Managed by Paddle (we do not store credit card information)
• Usage logs: 12 months for analytics and debugging

6. Data Security

We implement appropriate security measures including:

• Encrypted data transmission (HTTPS/TLS)
• Encrypted storage for sensitive data (license keys, machine IDs)
• Regular security audits and updates
• Access controls and authentication
• Webhook signature verification for payment events

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we use your data
• Portability: Receive your data in a structured format
• Objection: Object to data processing for certain purposes
• Withdraw consent: Opt out of optional data collection

To exercise these rights, contact us at privacy@codeguardian.studio

8. Cookies and Tracking

We use minimal cookies and tracking:

• Essential cookies: For authentication and session management
• Analytics: Basic usage statistics (page views, feature usage) - anonymized
• No third-party advertising cookies

9. Children's Privacy

Code Guardian Studio is not intended for users under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction (e.g., United States for hosting, UK for payment processing via Paddle). We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) for EU data transfers
• Compliance with GDPR and local privacy laws
• Data processing agreements with service providers

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

• Email notification to registered users
• Prominent notice on our website
• Updated "Last updated" date at the top of this page

Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions or concerns:

• Email: privacy@codeguardian.studio
• Support: hello@codeguardian.studio
• GitHub Issues: Report a privacy concern

Summary: We respect your privacy. Your code stays on your machine. We only collect what's necessary for licensing, payments, and support. We don't sell your data. You have control over your information.