Privacy Policy
Last updated: 2026-07-05. This is a starting template — review with legal counsel before launch.
What we collect
Account details from the provider you sign in with (GitHub or Google), including your email address. The source you submit for scanning — a GitHub repo reference or an uploaded ZIP. Product usage data (scans run, features used).
How we handle your code
We read the code you submit; we never execute it. Uploaded ZIPs are stored only as long as needed to run a scan and are deleted afterward. Before any code is sent to an AI model for narrative or fix-prompt generation, secrets are redacted. You are responsible for the code you submit and confirm you have the right to share it with us for scanning.
How we use your information
To run scans, show you results, operate your account, process payments, keep the service secure, and understand and improve how it is used. This includes internal analytics: we measure product usage and business metrics — for example the number of scans run, sign-ups, and active or paying accounts — to operate, monitor, and improve the service. We do not sell your personal information.
Aggregated & de-identified data
We also produce aggregated and de-identified statistics — counts and totals that do not identify you, such as the number of sign-ups, scans run, active users, or paying customers. We use these for internal reporting, analytics, and to operate and improve the service. Because this information cannot reasonably be used to identify a person, we may use and retain it without the restrictions that apply to personal information.
Communications
We send transactional and service emails tied to your account — sign-in and security notices, scan results, billing receipts, and important changes to the service. These are part of providing the service and can't be turned off while your account is open. We may also occasionally send product updates, tips, or offers; you can opt out of those at any time using the unsubscribe link in the email or by emailing us. We never sell your email address or share it for anyone else's marketing.
Service providers
We rely on Supabase (auth, database, storage), Cloudflare (hosting, network), an AI provider for narrative generation, and Stripe for billing. Each processes data only to provide its service.
Cookies
We use a small number of first-party cookies that are strictly necessary or functional: a session cookie (via Supabase) that keeps you signed in, and a short-lived referral cookie (vc_ref) set only if you arrive through an affiliate link — it records the referral code for attribution and is cleared once you sign up. We do not use advertising or cross-site tracking cookies, and we set no Google Analytics, Meta, or other third-party tracking cookies; our product analytics run server-side and place no cookie in your browser. Because we use only essential and functional cookies, no cookie-consent banner is legally required; we still show a brief cookie notice for transparency. You can block cookies in your browser settings, but blocking the session cookie will stop you from staying signed in.
Children's privacy
V1be Check is a developer tool and is not directed to children. You must be at least 13 years old — and old enough to form a binding contract, and meet the minimum age of digital consent in your country — to create an account. We do not knowingly collect personal information from anyone under 13. If you believe a child has given us their information, email us at privacy@mail.signalpointsystems.com and we will delete it.
Your rights & contact
You can download a copy of your data or permanently delete your account at any time from Settings → Account in your dashboard. You can also request access or deletion by emailing privacy@mail.signalpointsystems.com. We do not sell your personal information.