Privacy Policy

Last updated: January 14, 2026

CursorGuard ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security scanning service.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Company name (optional)
  • GitHub account information (via OAuth)

Repository Data

When you connect repositories for scanning, we temporarily access:

  • Repository names and metadata
  • Source code files (for security scanning only)
  • Git commit history (limited to scan context)

Important: We do not store your source code permanently. Code is processed in isolated containers and deleted immediately after scanning is complete.

Usage Information

We automatically collect:

  • Scan history and results
  • Feature usage patterns
  • Device and browser information
  • IP address and general location

How We Use Your Information

We use collected information to:

  • Provide and improve our security scanning services
  • Process your subscription and payments
  • Send service-related notifications
  • Respond to your inquiries and support requests
  • Analyze usage patterns to improve our product
  • Detect and prevent fraud or abuse

Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.3) and at rest
  • Isolated Docker containers for code scanning
  • Row-level security on all database tables
  • Regular security audits and penetration testing
  • Access controls and authentication requirements

Data Retention

  • Source code: Deleted immediately after scan completion
  • Scan results: Retained for the duration of your subscription
  • Account data: Retained until you delete your account
  • Usage logs: Retained for 90 days

Third-Party Services

We use the following third-party services:

  • GitHub: Repository access and authentication
  • Stripe: Payment processing
  • Supabase: Database and authentication infrastructure
  • Anthropic (Claude): AI-powered security analysis

Each provider has their own privacy policy governing their use of data.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Opt out of marketing communications
  • Revoke GitHub access at any time

Cookies

We use essential cookies for:

  • Authentication and session management
  • Security (CSRF protection)

We do not use tracking cookies or third-party advertising cookies.

Children's Privacy

CursorGuard is not intended for users under 16 years of age. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through our service.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: privacy@cursorguard.com
Address: CursorGuard, Inc.

Back to Home