
Privacy Policy for Our Customers

As a trusted partner with access to your version control and project management environments, we understand the importance of protecting your intellectual property (IP), and we prioritize robust security measures and transparent data practices. To further protect your IP, we do not use Big Tech AI solutions. Instead, we run open-source Large Language Models (LLMs) hosted exclusively in our private data center in Ashburn, VA, and we do not use customer data to train these models. This approach keeps your data under our direct control, secure, and free from third-party data mining risks.

 

  1. Robust Security Practices

    Our commitment to IP security starts with implementing strong access controls, encryption standards, and secure storage practices. Here’s how we protect your intellectual property:

    • Access Controls: Our servers and databases are password-protected and housed in physically secure locations accessible only to authorized personnel, minimizing the risk of unauthorized access, whether physical or remote.

    • Encrypted Network Communications: Data transfers between our servers, version control, and project management systems are secured using SSL/TLS encryption, preventing unauthorized data interception. Additionally, communications within our internal systems (analytics software, databases, and web applications) are encrypted, adding a further layer of IP security during internal data exchanges.
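To illustrate the kind of transport encryption described above, here is a minimal Python sketch (our production stack is not shown; the host name is hypothetical) of a client connection that both encrypts traffic and verifies the server's certificate, using the standard library's secure defaults:

```python
import ssl
import http.client

# Build a TLS context with certificate verification and hostname
# checking enabled (the defaults from create_default_context).
context = ssl.create_default_context()
context.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse legacy protocols

# Hypothetical internal analytics host, used purely for illustration.
# Constructing the connection object does not open a socket yet.
conn = http.client.HTTPSConnection("analytics.example.internal", context=context)
```

With this context, any interception attempt that presents an untrusted or mismatched certificate causes the handshake to fail rather than silently downgrading.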
       

  2. Data Retention and Storage Transparency

    To deliver reliable insights, we retain certain historical data, such as the state of repositories, full commit histories, and file versions. This allows us to provide robust tracking of development activity, detection of code copying, and workflow analysis. We understand that permanent data retention raises concerns, and we are committed to full transparency in our data storage practices.

    Specifically, we store:

    • Repository and Version Control History: We retain the state of customer repositories and version control histories, which allows us to offer detailed reporting, including historical data from deleted branches.

    • API Keys and Credentials: Access credentials for version control and project management systems are stored on our servers with restricted access. They are not currently encrypted at rest, and we are working to add further protections, including encryption.

    • LLM Inputs and Outputs: To support quality analytics, we cache and log LLM interactions, such as file diffs, commit messages, and developer summaries, which are retained securely across multiple storage locations.
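Because the credentials above are not yet encrypted at rest, access restriction is the primary safeguard today. As a minimal sketch (not our actual storage code; the file name and contents are hypothetical), OS-level file permissions can limit a stored credential file to the owning service account:

```python
import os
import stat
import tempfile

# Hypothetical credential file, created in a temp directory for illustration.
cred_path = os.path.join(tempfile.mkdtemp(), "vcs_api_keys.json")

with open(cred_path, "w") as f:
    f.write('{"example_vcs": "REDACTED"}')

# Restrict the file to owner read/write only (mode 0600), so other
# accounts on the same host cannot read the stored keys.
os.chmod(cred_path, stat.S_IRUSR | stat.S_IWUSR)

# Read back the effective permission bits to confirm the restriction.
mode = stat.S_IMODE(os.stat(cred_path).st_mode)
```

Permissions of this kind complement, but do not replace, at-rest encryption, which is the further protection we are working toward.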
       

  3. Exclusively Using Open-Source AI Models to Protect Your Data

    To avoid third-party data mining risks, we do not rely on Big Tech AI solutions. Instead, we use open-source LLMs hosted exclusively in our private data center in Ashburn, VA. This gives us complete control over data access and eliminates exposure to third-party data sharing, keeping customer data confidential and safe from external exploitation.
     

  4. No Training on Customer Data

    A critical part of our IP protection approach is our policy not to train our AI models on customer data. This policy ensures that:

    • Your IP Remains Exclusive: Your data is used strictly for analysis and is not included in any model updates, so your IP is safeguarded from reuse or redistribution risks.

    • Privacy and Confidentiality Are Reinforced: By not using your data for training, we prevent any unintended data retention within the model’s structure, further minimizing risks of IP exposure.

    • Your Competitive Advantage Is Protected: Not training models on customer data ensures that proprietary processes and insights remain confidential, protecting your competitive advantage and minimizing the risk of IP leakage.
       

  5. Addressing Specific Security Risks

    We are addressing specific IP management risks, such as API key protection and network traffic encryption. Key risk factors we are actively mitigating include:

    • Server Access Security: We are strengthening servers that hold sensitive data, including evaluating at-rest encryption options and more restrictive data access methods, to minimize exposure.

    • Unencrypted LLM Network Traffic: Certain LLM-related communications currently use a REST API without SSL/TLS encryption; we are working to add transport encryption to these connections to protect sensitive data during analytics processing.
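One conventional way to close this gap (a sketch only, assuming a Python-based service; the certificate paths are hypothetical) is to terminate TLS at the REST endpoint itself with a server-side context:

```python
import ssl

# Server-side TLS context for an internal REST API.
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.minimum_version = ssl.TLSVersion.TLSv1_2  # disallow older protocols

# Hypothetical certificate and key paths; in practice these would be
# issued for the internal API host and loaded before serving requests:
# context.load_cert_chain("/etc/ssl/llm-api/cert.pem", "/etc/ssl/llm-api/key.pem")
```

Once the endpoint serves over TLS, the client-side verification shown earlier in this policy applies to LLM traffic as well.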

 

Conclusion

 

As your trusted partner, we are dedicated to protecting the intellectual property you entrust to us. Through strong security measures, transparent practices, and a commitment to continuous improvement, we ensure the safe handling of data accessed through your version control and project management environments. By exclusively using open-source AI in our private data center and refraining from training our models on customer data, we provide additional protection, shielding your IP from external mining risks and ensuring confidentiality.
