Privacy Policy

Last Updated: November 4, 2025

1. Introduction

CodeSlick ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, and protect your information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

CodeSlick is the data controller for personal data collected through our Service.

  • Contact: codeslick@codeslick.dev
  • Website: https://codeslick.dev

3. Information We Collect

3.1 Account Information

When you sign in with GitHub, we collect:

  • GitHub username and user ID
  • Email address
  • Profile picture
  • Organization memberships

3.2 Code Analysis Data

When you analyze code, we temporarily process:

  • Source code (analyzed in memory, not permanently stored)
  • Repository names and file paths
  • Pull request metadata
  • Analysis results and security findings

3.3 Usage Data

We automatically collect:

  • IP address and location (country/city level)
  • Browser type and version
  • Pages visited and features used
  • Date and time of access
  • Number of analyses performed

3.4 Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers. Stripe collects and processes payment information according to their Privacy Policy.

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: To provide code analysis and security reports
  • Account Management: To create and manage your account
  • Billing: To process payments and manage subscriptions
  • Communication: To send service updates and respond to inquiries
  • Analytics: To improve our Service and user experience
  • Security: To protect against fraud and unauthorized access
  • Compliance: To comply with legal obligations

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contract Performance: To provide the Service you subscribed to
  • Legitimate Interests: To improve our Service and prevent fraud
  • Legal Obligation: To comply with tax and legal requirements
  • Consent: For marketing communications (where required)

6. Data Sharing and Disclosure

We share your data only in the following circumstances:

6.1 Service Providers

  • Stripe: Payment processing
  • Vercel: Hosting and infrastructure
  • PostHog: Analytics (EU servers)
  • Neon: Database hosting (EU region)

6.2 Legal Requirements

We may disclose your data if required by law, court order, or governmental regulation.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data is transferred and becomes subject to a different privacy policy.

7. Data Retention

  • Source Code: Analyzed in memory only, not stored permanently
  • Analysis Results: Retained for 30 days (shareable reports)
  • Account Data: Retained while your account is active
  • Usage Analytics: Retained for 90 days
  • Billing Records: Retained for 7 years (legal requirement)

8. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest for databases
  • Secure authentication via GitHub OAuth
  • Regular security audits and updates
  • Access controls and logging
  • Isolated analysis environments

9. Your Rights (GDPR)

Under GDPR, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Restriction: Limit how we process your data
  • Right to Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, email us at: codeslick@codeslick.dev

10. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for authentication and security
  • Analytics Cookies: PostHog analytics (EU servers)
  • Session Management: To maintain your logged-in state

You can control cookies through your browser settings, but disabling essential cookies may affect Service functionality.

11. International Data Transfers

Your data is primarily stored in EU data centers (Neon Postgres - EU Central, PostHog - EU). Some service providers (Vercel, GitHub) may process data in the United States under Standard Contractual Clauses (SCCs) approved by the European Commission.

12. Children's Privacy

CodeSlick is not intended for users under 18 years old. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our Service. The "Last Updated" date will be revised accordingly.

14. Supervisory Authority

If you are located in the EU/EEA, you have the right to lodge a complaint with your national data protection authority if you believe we have not complied with GDPR.

15. Contact Us

For questions about this Privacy Policy or to exercise your rights:

  • Email: codeslick@codeslick.dev
  • Website: https://codeslick.dev