Privacy Policy

1. Introduction & Deployment Model

Code Comprehend LLC ("Code Comprehend," "we," "us," or "our") provides Enterprise SaaS software that runs entirely in your infrastructure. This Privacy Policy explains how we collect and use information related to licensing, platform updates, and support services.

This Privacy Policy addresses data collected for licensing, software updates, and support services. Source code and analysis results remain within private infrastructure and are not accessible to Code Comprehend.

2. Information We Collect

2.1 Account Information

When you register for an account, we collect:

• Name and email address
• Company name and role
• Billing and payment information (processed securely through third-party payment processors)
• Contact preferences and communication settings

2.2 Source Code and Analysis Data (Not Collected)

2.3 Usage Information

We automatically collect certain information about your use of the Service:

• Log data (IP address, browser type, access times, pages viewed)
• Device information (operating system, device identifiers)
• Service usage metrics (features used, analysis frequency)
• Performance data and error logs

3. How We Use Your Information

We use collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our code analysis and modernization services
• Analysis Processing: To analyze your source code and generate comprehensive documentation and insights
• Account Management: To create and manage your account, process payments, and provide customer support
• Communication: To send service updates, security alerts, and respond to your inquiries
• Service Improvement: To understand usage patterns and improve our platform (using aggregated, anonymized data only)
• Security: To detect, prevent, and address technical issues, fraud, and security incidents
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Private Deployment Model

5. Data Retention

Data retention varies based on data type and location:

• Source Code & Analysis Results (Private Infrastructure): Organizations determine retention policies, backup schedules, and deletion timelines based on compliance requirements.
• Account & Licensing Information: Retained while license is active and for 12 months after termination for legal and accounting purposes.
• Billing Records: Retained for 7 years to comply with financial regulations.
• Support Communications: Retained for 3 years to maintain support history and improve service quality.

6. Data Sharing and Disclosure

For account, billing, and support data we collect, we do not sell, rent, or trade this information. Limited sharing occurs only in the following circumstances:

• Service Providers: Payment processors and licensing infrastructure (limited to account and billing data).
• Legal Requirements: When required by law, regulation, or governmental request.
• Business Transfers: In connection with merger or acquisition (with advance notice).
• Customer Consent: When explicitly authorized by customer.

7. Data Security

We implement industry-standard security measures to protect your information:

• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Regular security audits and penetration testing
• Access controls and multi-factor authentication
• Automated vulnerability scanning and patch management
• Employee security training and background checks
• Incident response and disaster recovery procedures

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Request transfer of your data to another service provider
• Objection: Object to certain types of processing of your information
• Restriction: Request restriction of processing under certain circumstances
• Opt-Out: Unsubscribe from marketing communications at any time

To exercise these rights, contact us at privacy@codecomprehend.ai. We will respond within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by regulatory authorities
• Adherence to recognized privacy frameworks (e.g., EU-U.S. Data Privacy Framework)
• Data residency options for enterprise customers

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain your login session
• Remember your preferences
• Analyze usage patterns and improve our Service
• Provide security features

You can control cookies through your browser settings. However, disabling certain cookies may limit Service functionality.

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

• Email notification to your registered address
• Prominent notice on our Service
• Updating the "Last Updated" date at the top of this policy

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us: