Privacy Policy

Overview

This policy explains how vibe'nscan collects, uses, stores, and shares personal data when you browse the website, create an account, run scans, connect GitHub repositories, purchase credits, or participate in referral and cashback programs.

The data controller for the service is gradient3 tech OÜ, Tartu mnt 67/1-13b, Kesklinna, 10115 Tallinn, Harjumaa, Estonia.

Data We Collect

• Account data such as your email address, account identifiers, and authentication metadata.
• Billing data such as purchased credit packs, invoice details, VAT fields, and payment status records.
• Operational data required to run scans, display reports, manage settings, and troubleshoot service issues.
• GitHub installation and repository metadata needed to perform read-only repository audits that you request.
• Optional analytics and attribution data when you consent to analytics cookies.
• Referral and cashback data, including referral codes, social handles, and submitted public post URLs.

How We Use Data

• To provide, secure, and operate the product you requested.
• To process purchases, issue invoices, manage credits, and verify cashback claims.
• To perform repository and URL audits, generate reports, and show scan history in your account.
• To measure campaign performance and improve product quality where consented.
• To detect abuse, fraud, suspicious usage, and policy violations.
• To comply with legal obligations including accounting, tax, and dispute handling.

Legal Bases

• Contract performance when we provide the account, scans, reports, and billing features you request.
• Legitimate interests for service security, abuse prevention, debugging, and internal product improvement.
• Consent for optional analytics and attribution cookies.
• Legal obligation for accounting, invoicing, tax, and compliance records.

Processors and Service Providers

We use specialist processors to operate the service, including hosting, database, authentication, billing, email, analytics, repository integration, queueing, and AI inference providers. These processors only receive the data needed to perform their role for us.

Retention and Sharing

We retain personal data only as long as needed for service delivery, security monitoring, legal obligations, and dispute resolution. Account, billing, and invoice records may be retained for statutory accounting and tax periods. Optional analytics data is subject to your consent settings.

Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or export your data, and to object to specific processing activities. You may also withdraw analytics consent at any time through the cookie controls.

GitHub and Scan Data

When you connect a GitHub repository, vibe'nscan requests the minimum repository access needed to perform a read-only audit. We use repository data to analyze application quality, produce reports, and maintain scan history. We do not request write access to your source code for standard audits.

Contact

For privacy requests, contact privacy@vibenscan.com. For general support, contact support@vibenscan.com.