Privacy Policy | IntentGuard

SECTION 01

Who We Are

This Privacy Policy describes how Intouch Prepaid (Pty) Ltd, a company registered in the Republic of South Africa, trading as IntentGuard ("we", "us", "our"), collects, uses, and protects personal data when you use the IntentGuard platform at intentguard.dev and app.intentguard.dev.

For the purposes of the General Data Protection Regulation (GDPR), Intouch Prepaid (Pty) Ltd is the data controller for personal data processed through the Service.

Contact us about privacy matters at: [email protected]

SECTION 02

Data We Collect

We collect only the data necessary to provide and improve the Service. We do not sell personal data.

Account Data

Email address (required for account creation)
Name (optional, if provided)
GitHub username and OAuth token (if GitHub authentication is used)
Organisation name (if applicable)

Usage & Product Data

Audit metadata: repository name (as provided by you), audit timestamps, finding counts, severity scores, compliance framework flags
Feature usage events: pages visited, features activated, report downloads
Trial status, subscription tier, quota usage

Payment Data

Payment information (card details, billing address, VAT number) is collected and processed by Paddle.com Market Limited acting as Merchant of Record. We do not store or have access to your full payment card details. We receive transaction confirmation, subscription status, and billing address from Paddle for account management purposes.

Technical & Log Data

IP address (collected by Cloudflare and Vercel for security and DDoS protection)
Browser type and version
Request logs (timestamp, endpoint, HTTP status — no personal content)
Error logs via Sentry (PII is scrubbed before logs are transmitted)

Waitlist Data

If you submit your email on our pre-launch waitlist, we collect your email address and the referral source. This data is used solely to notify you of product availability and onboarding.

What We Do NOT Collect

Code is not personal data — and we don't store it We do not collect, retain, or store the source code you submit for auditing. Code is processed in memory during the audit and permanently deleted upon audit completion. See Section 4 for our full code handling commitment.

SECTION 03

How We Use Your Data

Account management: Creating and managing your account, authenticating your identity, maintaining your session.
Service delivery: Processing audit requests, generating reports, storing your reports for access.
Billing & subscriptions: Managing your subscription via Paddle, processing upgrades and downgrades, sending billing-related emails.
Communications: Transactional emails (audit completions, billing events, account changes), product updates, and launch notifications where you have consented.
Security & fraud prevention: Detecting and preventing abuse, enforcing rate limits, investigating security incidents.
Product improvement: Anonymised aggregate analytics (e.g. which features are used, conversion rates) to improve the platform. We do not profile individual users for advertising.
Legal obligations: Complying with applicable laws, responding to lawful requests from authorities.

SECTION 04

Code Auditing — Our Core Commitment

Foundational Data Commitment Code submitted for auditing is processed temporarily and is never stored permanently, never used to train AI models, and is deleted immediately after audit completion. This is not a default setting — it is a foundational, non-negotiable commitment of the Service.

In detail, this means:

When you submit a repository for auditing, code is pulled from your GitHub connection and passed to our backend processing environment (Railway, EU region) for analysis.
Code chunks are segmented and passed to AI models (Anthropic Claude, Google Gemini, Mistral, Azure OpenAI) for multi-model consensus analysis. Each of these providers has a Data Processing Agreement in place with us, and none of them use submitted code to train or fine-tune their models.
Code is held in memory only for the duration of the audit. It is not written to any persistent storage, database, or object store.
Upon audit completion (whether successful or failed), all code in memory is discarded.
The audit result stored in your account contains: findings, severity scores, compliance mappings, remediation guidance, and the generated report. It does not contain any raw code.

Report Generation & Batch Processing

Batch API Disclosure After agent analysis completes, IntentGuard generates persona-specific audit reports using Anthropic's Message Batches API. Only anonymised findings — severity scores, finding summaries, and compliance flags — are submitted to this service. No source code, raw file paths, or personal data are included. Data processed via Anthropic's Batch API is retained by Anthropic for up to 30 days in accordance with their standard data retention policy. Raw source code never leaves IntentGuard's infrastructure at any stage of processing.

SECTION 05

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and United Kingdom, we process personal data on the following legal bases:

Contract (Article 6(1)(b)): Processing necessary to provide the Service you have signed up for — account management, audit processing, billing, report delivery.
Legitimate interests (Article 6(1)(f)): Security monitoring, fraud prevention, error logging (with PII scrubbing), and product analytics (anonymised). We have assessed these interests and determined they do not override your rights.
Consent (Article 6(1)(a)): Analytics cookies on the marketing site (intentguard.dev). You may withdraw consent at any time via the cookie banner.
Legal obligation (Article 6(1)(c)): Compliance with applicable laws and responding to lawful regulatory requests.

SECTION 06

Data Retention

Data Category	Retention Period	Reason
Submitted code	Deleted immediately post-audit	Core commitment — no persistence
Anthropic Batch API — anonymised findings	Up to 30 days (Anthropic standard policy)	Report generation; third-party sub-processor retention
Account data (email, name, org)	Duration of account + 30 days after closure	Service delivery; post-closure data export window
Audit metadata & reports	Duration of account + 30 days	Service delivery; historical access
Billing records	7 years from transaction date	Legal obligation (tax and financial records)
Error logs (Sentry)	90 days	Debugging and service improvement
Access/request logs	30 days	Security monitoring
Waitlist emails	Until onboarded or you unsubscribe	Launch notification

Upon account closure, we will delete or anonymise your personal data within 30 days, except where longer retention is required by law (such as billing records).

SECTION 07

Sub-processors

We use the following third-party sub-processors to deliver the Service. All sub-processors are bound by data processing agreements and may only process your data as instructed by us.

Sub-processor	Purpose	Region	Data Processed
Supabase	Database & authentication	EU West	Account data, audit metadata, session tokens
Railway	Backend hosting & audit processing	EU	Code chunks during audit (temporary), API requests
Vercel	Frontend hosting	Edge / Global	Request logs only; no personal data stored
Cloudflare	DDoS protection, WAF, DNS	Global	IP addresses (security); no content inspection
Resend	Transactional email	EU	Email address, email content
Paddle	Payment processing (Merchant of Record)	US / Global	Billing data, payment card details, VAT
Sentry	Error tracking	EU	Error logs (PII scrubbed before transmission)
PostHog	Product analytics	EU	Usage events, anonymised where possible
Anthropic (Claude) — Agent Analysis	AI analysis (security, compliance, architecture agents)	US	Code chunks during audit only (real-time API); DPA in place; not used for training
Anthropic (Claude) — Report Generation	Report writing (Message Batches API)	US	Anonymised findings only — no source code, no PII; retained up to 30 days per Anthropic standard policy; DPA in place; not used for training
Google (Gemini)	AI analysis	EU (europe-west4)	Code chunks during audit only; DPA in place; not used for training
Mistral AI	AI analysis	EU	Code chunks during audit only; not used for training
Microsoft Azure OpenAI	AI analysis	Global	Code chunks during audit only; DPA in place; not used for training
GitHub	Repository access (OAuth)	US	OAuth token, repository metadata, code access during audit

We review our sub-processor list regularly. We will notify active account holders of any significant changes to sub-processors that affect how their data is handled.

SECTION 08

International Data Transfers

Some of our sub-processors are located outside the European Economic Area (EEA). Where personal data is transferred to a country that does not provide an equivalent level of data protection, we rely on one or more of the following safeguards:

Standard Contractual Clauses (SCCs) adopted by the European Commission, incorporated into our Data Processing Agreements with sub-processors.
Adequacy decisions where applicable.
Supplementary technical measures, including encryption in transit and at rest.

A copy of the relevant transfer mechanisms can be requested by emailing [email protected].

SECTION 09

Your Rights

Depending on your location, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Ask us to correct inaccurate or incomplete personal data.

Right to Erasure

Ask us to delete your personal data (subject to legal retention requirements).

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

Right to Restrict

Ask us to pause processing of your data in certain circumstances.

Right to Withdraw Consent

Where processing is based on consent (e.g. analytics cookies), withdraw at any time.

Right to Complain

Lodge a complaint with your local Data Protection Authority.

To exercise any of these rights, email [email protected] with the subject line "Privacy Rights Request". We will respond within 30 days. We may need to verify your identity before processing your request. Where we cannot confirm your identity from our existing records, we will ask you to confirm the email address registered to your account and at least one additional data point we already hold on file — we will never ask for copies of government-issued identification for routine requests.

SECTION 10

CCPA — California Residents

If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: You may request disclosure of the categories and specific pieces of personal information we collect, the sources, the business purpose, and the third parties with whom we share it.
Right to Delete: You may request deletion of personal information we have collected from you, subject to certain exceptions.
Right to Correct: You may request correction of inaccurate personal information.
Right to Opt-Out of Sale: We do not sell personal information. We do not share personal information for cross-context behavioural advertising.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To submit a CCPA request, email [email protected] with the subject line "CCPA Request". We will respond within 45 days.

Categories of Personal Information Collected (Past 12 Months)

Identifiers (email address, GitHub username)
Commercial information (subscription history, billing records via Paddle)
Internet or other network activity (usage events, request logs)
Inferences drawn to create a profile about features used (anonymised)

We do not collect sensitive personal information as defined under the CPRA.

SECTION 11

Cookies

Our use of cookies is deliberately minimal. We use cookies only where necessary or where you have given consent.

intentguard.dev (marketing site): Strictly necessary session cookies (no consent required), and PostHog analytics cookies (consent required via our cookie banner).
app.intentguard.dev (authenticated application): Strictly necessary session cookies only. No third-party analytics cookies are used in the authenticated app context. PostHog product events fire server-side or via first-party proxying — no consent banner is shown to authenticated users.

Our full Cookie Policy is available at intentguard.dev/cookies.

SECTION 12

Children's Privacy

The Service is not directed at, and we do not knowingly collect personal data from, individuals under the age of 18. If you are under 18, you must not use the Service. If we become aware that we have collected personal data from a person under 18 without parental consent, we will delete that data promptly. Contact us at [email protected] if you believe this has occurred.

SECTION 13

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the "Last updated" date at the top of this page.
Send an email notification to all active account holders at least 14 days before the changes take effect.
Where required by GDPR, obtain your consent before applying changes to how we process your data.

We encourage you to review this policy periodically. Continued use of the Service after the effective date of any changes constitutes acceptance of the updated policy.

SECTION 14

Contact & Complaints

Data Controller

Intouch Prepaid (Pty) Ltd · Trading as IntentGuard · Registered in South Africa

📧 Privacy enquiries: [email protected]

🌐 intentguard.dev

⏱ We aim to respond to all privacy requests within 30 days.

Supervisory Authority

If you are located in the European Union or EEA and believe we have not handled your personal data in compliance with GDPR, you have the right to lodge a complaint with your local Data Protection Authority. A list of EU supervisory authorities is available at edpb.europa.eu.

If you are located in South Africa, you may contact the Information Regulator: inforegulator.org.za