Privacy Policy

What we collect

• Account information — email address and organization name, collected at registration.
• API usage logs — timestamps, endpoints called, package names and versions queried, and whether results were served from cache. These are stored as usage events for billing and service monitoring.
• Package data — we analyze publicly available packages from open source registries (RubyGems, npm, PyPI). This is public data, not personal data.

What we do not collect

• We do not use cookies for analytics or tracking.
• We do not collect your source code. Manifest checks contain only package names and versions.
• We do not sell or share your personal data with third parties for advertising.

How we use your data

• To provide and improve the CodeRecon service.
• To calculate billing based on API usage.
• To communicate with you about your account or service changes.

Subprocessors

We use the following third-party services to operate CodeRecon:

• Railway — application hosting and infrastructure.
• Stripe — payment processing. Stripe handles all payment card data; we never store card numbers.

Data retention

Account data is retained while your account is active. Usage event logs are retained for billing and audit purposes. You may request deletion of your account and associated data by contacting us.

Your rights

You may request access to, correction of, or deletion of your personal data at any time by emailing support@coderecon.com.

Changes to this policy

We will notify you of material changes via email. Continued use of the service after changes take effect constitutes acceptance.

Contact

Questions? Contact us at support@coderecon.com.