Privacy Policy
Last updated: July 4, 2026
This Privacy Policy explains how Aegis Loop (“we”, “us”) collects, uses, and protects information when you use our website and Service.
Information we collect
- Account data — GitHub username, avatar, and OAuth or PAT-derived tokens stored in an encrypted session cookie.
- Scan data — repository names, branches, findings, and scan timestamps needed to show results and history.
- Usage data — basic logs (IP address, user agent, request paths) for security and reliability.
- Contact messages — information you send via our contact form or email.
How we use information
We use collected data to authenticate you, run security scans, display findings, improve the Service, respond to support requests, and comply with legal obligations. We do not sell your personal information.
Code and repository content
Repository code is cloned temporarily for scanning and is not retained as a full copy after the scan completes, except for derived findings (file paths, snippets, rule matches) stored with your scan results.
Third parties
We integrate with GitHub for authentication and scanning, and may use OSV and LLM providers when you enable AI autofix. Each third party has its own privacy practices.
Retention
Session cookies expire after seven days of inactivity. Scan history may be cleared when the Service hibernates on free-tier infrastructure. You may sign out to end your session at any time.
Your rights
Depending on your location, you may have rights to access, correct, or delete personal data. Contact hello@aegisloop.dev to make a request.
Security
We use HTTPS, signed HTTP-only cookies, and industry-standard practices to protect data in transit and at rest. No method of transmission over the Internet is 100% secure.
Changes
We may update this Policy from time to time. The “Last updated” date at the top reflects the latest revision.
Contact
Privacy inquiries: hello@aegisloop.dev