We believe in full transparency. Below is everything you need to know about how we handle your data and how we operate.
Last updated: April 2026
We collect your email address when you sign up, and the code files you upload during a security scan. We also collect basic usage data (scan count, plan tier) to manage your account.
Your email is used solely to manage your account and send essential product notifications. Your uploaded code files are processed in memory during the scan and are NOT permanently stored on our servers after the scan completes.
We use Supabase for authentication and database storage, and Google Gemini AI for security analysis. Your scan data may be processed by these services under their respective privacy policies. We do not sell your data to any third party.
Your account data (email, scan history, plan details) is retained for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us.
We use essential cookies to maintain your login session. We do not use advertising or tracking cookies.
You have the right to access, correct, or delete your personal data. To exercise these rights, contact us at support@codesafe.co.in.
Last updated: April 2026
By accessing or using CodeSafe ("the Service"), you agree to be bound by these Terms of Service. If you do not agree, please do not use the Service.
CodeSafe is an AI-powered security scanning tool that analyses code for potential vulnerabilities. The Service provides informational reports and is intended to assist developers and founders in identifying common security risks.
You agree to use the Service only for lawful purposes and only on code that you own or have explicit permission to scan. You must not use the Service to analyse code obtained illegally or without authorisation.
CodeSafe provides security analysis on a best-effort basis using AI. We do NOT guarantee that our scans will detect every vulnerability in your code. The Service is provided 'as is' without warranty of any kind. A clean scan report does NOT certify your application as secure.
To the fullest extent permitted by law, CodeSafe shall not be liable for any damages arising from the use or inability to use the Service, including any security breaches that may occur even after a scan. Your use of the Service is at your own risk.
Paid plans (Plus, Pro) are billed monthly. Scan credits are consumed when a scan is successfully initiated. All payments are processed securely through our payment provider. Prices are displayed in USD and are subject to change with 30 days' notice.
All purchases are final. We do not provide refunds for scan credits that have been used or for partial subscription periods. You may cancel your subscription at any time, and access will continue until the end of the current billing cycle.
We reserve the right to suspend or terminate accounts that violate these Terms or that are used fraudulently. You may close your account at any time.
We may update these Terms from time to time. We will notify users of significant changes via email. Continued use of the Service following notice of changes constitutes acceptance of the updated Terms.
These Terms are governed by and construed in accordance with the laws of India. Any disputes shall be subject to the exclusive jurisdiction of the courts of India.
Last updated: April 2026
Security is our core product. We hold ourselves to the same standard we help others achieve. We continuously review our own infrastructure and processes to ensure your data is safe.
All data transmitted between your browser and our servers is encrypted using TLS 1.3. We enforce HTTPS on all endpoints.
Your account data is stored in Supabase with AES-256 encryption at rest. Row-Level Security (RLS) policies ensure users can only access their own data.
Uploaded code files are processed in memory and are not written to permanent storage. They are transmitted to the AI provider over an encrypted connection and are not used to train AI models.
We use Supabase Auth which implements industry-standard JWT-based sessions. Passwords are never stored in plain text.
If you discover a security vulnerability in CodeSafe, please report it responsibly to support@codesafe.co.in. We commit to investigating all legitimate reports and responding within 72 hours.
If you have any questions about these policies or want to request deletion of your data, we are here to help.
support@codesafe.co.in