Privacy Policy
Last Updated: July 8, 2026
Welcome to CtrlCode, operated by irsSMEX. This Privacy Policy describes how we collect, use, and handle your information when you use our security scanning services.
1. What Data We Collect
- Account Information: Account email, GitHub username, and repository metadata.
- Scan Data: Selected code files authorized for scanning and the resulting security scan findings.
- Billing Data: Billing status and plan information (actual payment details are handled securely by Paddle).
2. How We Use Data
We use the data we collect solely to provide, maintain, and improve the CtrlCode service. This includes:
- Authentication and account management.
- Performing AI-driven repository security scans.
- Displaying scan results securely in your dashboard.
- Processing billing and sending account notifications.
- Providing product support.
3. GitHub Data Authorization
CtrlCode requires read access to repositories that you explicitly authorize. We read your code strictly to perform automated security scans. We do not write to your repositories, and we do not store your source code permanently beyond the duration of the scan process.
4. Payment Data
All payment processing is handled securely by our Merchant of Record, Paddle. CtrlCode does not collect or store your credit card numbers or raw financial data.
5. Security
We prioritize the security of your data. All GitHub tokens are securely encrypted and handled server-side. Scan results are private and visible only to the authenticated user who initiated the scan.
6. Contact
If you have any questions or concerns regarding this Privacy Policy, please contact us at: irssmex@gmail.com.