1. Introduction
0xLabs ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our GitHub security monitoring service ("Service").
Please read this Privacy Policy carefully. By using the Service, you consent to the practices described in this policy.
2. Information We Collect
2.1 Information You Provide
We may collect the following information that you provide directly:
- Account Information: Name, email address, company name
- GitHub Organization Information: Organization names, repository names
- Payment Information: Billing details (processed securely by third-party payment processors)
- Communication Data: Messages you send to us via email or social media
2.2 Information We Collect Automatically
When you use our Service, we may automatically collect:
- Usage Data: Pages visited, features used, scan history
- Device Information: Browser type, operating system, IP address
- Scan Results: Metadata about detected secrets (type, location, severity) - NOT the actual secret values
2.3 Important: What We Do NOT Collect
We do NOT store:
- Actual secret values, API keys, or credentials
- Your source code content
- Private repository contents beyond what's necessary for scanning
3. How We Use Your Information
We use the information we collect to:
- Provide and maintain the Service
- Send you alerts about detected security issues
- Process payments and manage subscriptions
- Communicate with you about the Service
- Improve and optimize the Service
- Comply with legal obligations
- Protect against fraudulent or unauthorized activity
4. Information Sharing
We do NOT sell your personal information. We may share your information only in the following circumstances:
- Service Providers: With trusted third parties who assist us in operating the Service (e.g., payment processors, hosting providers)
- Legal Requirements: When required by law or to respond to legal process
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- With Your Consent: When you explicitly authorize us to share information
5. Data Security
We implement appropriate technical and organizational measures to protect your information, including:
- Encryption of data in transit and at rest
- Regular security assessments
- Access controls and authentication
- Secure infrastructure and hosting
However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
6. Data Retention
We retain your information for as long as your account is active or as needed to provide the Service. We may retain certain information as required by law or for legitimate business purposes.
Upon account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law.
7. Your Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal information
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your personal information
- Portability: Request a portable copy of your data
- Objection: Object to certain processing of your information
To exercise these rights, please contact us at titifel01@gmail.com.
8. Cookies and Tracking
We may use cookies and similar tracking technologies to:
- Remember your preferences
- Analyze how the Service is used
- Improve user experience
You can control cookies through your browser settings. Disabling cookies may affect Service functionality.
9. Third-Party Links
The Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies.
10. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will delete it promptly.
11. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and, where appropriate, notifying you by email.
13. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us: