Privacy Policy

This Privacy Policy describes how erabot.ai (“we,” “us,” or “our”) collects, uses, stores, and protects your personal data when you use our AI code cost analysis and optimization platform (the “Service”). This policy applies to all users worldwide, including users in the European Economic Area (EEA), United Kingdom, and other jurisdictions with data protection laws.

We are committed to protecting your privacy and handling your data transparently. Please read this policy carefully before using the Service.

Operated by: Rohan Shah (trading as erabot.ai)

Contact: privacy@erabot.ai

1. Information We Collect

1.1 Account Data

When you create an erabot.ai account, we collect:

• Email address -- used for authentication, account recovery, and service communications
• Name -- used for account identification and report personalization
• Password -- stored as an Argon2 hash; we never store plaintext passwords
• Authentication tokens -- JWT tokens stored in HTTP-only secure cookies

1.2 Code Analysis Data

When you submit code for analysis, we process:

• Source code -- submitted via paste, file upload, or GitHub repository connection
• File metadata -- file names, line counts, programming languages detected
• Scan results -- LLM API call patterns detected, token usage estimates, cost calculations, optimization recommendations

Important: Your raw source code is deleted immediately after the scan completes. See Section 3 for full details.

1.3 Usage Data

We automatically collect:

• Scan history -- timestamps, scan types, number of files scanned
• Feature usage -- which report formats you generate, features accessed
• Session data -- login timestamps, session duration, pages visited
• Device information -- browser type, operating system, screen resolution

1.4 Payment Data

If you subscribe to a paid plan:

• Payment processing -- handled entirely by Stripe. We do not store, process, or have access to your credit card numbers, CVV, or full card details.
• Billing metadata -- we store your Stripe customer ID, subscription plan, billing cycle, and payment status

1.5 GitHub Data (Optional)

If you connect your GitHub account:

• Repository metadata -- repository names, file structures, language statistics
• Source code -- fetched via GitHub API for analysis only, subject to the same immediate deletion policy
• GitHub authorization token -- encrypted at rest using Fernet symmetric encryption

2. How We Use Your Information

We use the information we collect for the following purposes:

• Providing the Service -- analyzing your code for AI API cost optimization, generating scan reports, producing code diffs and recommendations
• Generating reports -- creating PDF reports, Markdown files, and auto-fix diffs based on your scan results
• Account management -- authenticating your identity, managing your subscription, processing payments via Stripe
• Service improvement -- analyzing aggregate usage patterns to improve scan accuracy, report quality, and user experience
• Communications -- sending account-related emails (password resets, subscription changes, security alerts). We do not send marketing emails without explicit opt-in consent.
• Security -- detecting and preventing unauthorized access, abuse, and fraudulent activity

We do not sell, rent, or trade your personal data to third parties. We do not use your submitted code for training AI models.

2a. We Do Not Train On Your Code

erabot.ai does not train any machine learning models on customer code or scan data. Your source code is used solely to generate the audit report that you receive. We do not build, fine-tune, evaluate, benchmark, or otherwise improve any of our own models using your code. This includes proprietary models, derivative models, and research prototypes. No exception is made for free-tier users, paid-tier users, or trial users.

We also do not retain copies of your code for any internal research, product improvement, or dataset curation purpose. See Section 3 for the full retention policy.

3. Code Analysis Data

This section describes exactly how your source code is handled. This is the most important section of this policy for developers considering whether to trust erabot.ai with their code.

3.1 Code Processing Pipeline

When you submit code for analysis:

1. Your code is received by our backend service hosted on Fly.io
2. The code scanner detects LLM API call patterns, token usage, and cost-relevant code paths
3. Detected code segments are sent to Google Gemini API for AI-powered analysis (with secrets redacted)
4. The audit engine generates findings, cost estimates, and optimization recommendations
5. Reports are generated (PDF, Markdown, auto-fix diffs) based on the findings
6. Your raw source code is deleted immediately after the scan completes

3.2 What Is Retained After a Scan

After your scan completes and raw code is deleted, we retain only:

• Scan metadata -- timestamp, file count, languages detected, scan duration
• Findings -- specific issues found, cost estimates, savings projections
• Generated reports -- PDF reports, Markdown reports, and code diff patches
• Aggregate statistics -- total estimated cost, potential savings percentage, number of issues found

3.3 What Is NOT Retained

• Raw source code -- deleted immediately after scan. Zero retention period.
• ChromaDB vectors -- any vector embeddings derived from your code during the scan are deleted when the scan completes
• Temporary files -- any intermediate processing files are deleted immediately

3.4 Secrets Redaction

Before any code is sent to the Google Gemini API for analysis, we perform a pre-scan secrets detection pass. Detected secrets (API keys, passwords, tokens, credentials) are redacted from the payload before it is transmitted to Google.

4. API Key Handling

4.1 Your erabot.ai API Keys

• API keys are stored using Fernet symmetric encryption at rest in our database
• Keys are never stored in plaintext
• Keys are decrypted only at the point of use and immediately discarded from memory
• Keys are never logged at any verbosity level
• Keys are never sent to third-party services

4.2 Your Third-Party API Keys

• These keys are encrypted with the same Fernet symmetric encryption at rest
• Keys are decrypted only when needed for API calls on your behalf
• Keys are never logged, cached in plaintext, or shared with any third party
• You can delete your stored API keys at any time from your account settings

5. Data Retention

Scan inputs (source code and uploaded files) are deleted within 30 days of scan completion — in practice, raw source code is deleted immediately after the scan finishes (zero retention period), which is stricter than the 30-day upper bound. The 30-day commitment is the worst-case retention guarantee for any intermediate processing artifacts. Scan results (findings, metrics, reports) are retained for the lifetime of your account so you can view historical scans.

6. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) and UK GDPR:

6.1 Right to Access (Article 15)

You have the right to request a copy of all personal data we hold about you.

6.2 Right to Rectification (Article 16)

You have the right to request correction of inaccurate personal data.

6.3 Right to Erasure (“Right to Be Forgotten”) (Article 17)

You have the right to request deletion of your personal data. You can delete individual scan results from your dashboard or delete your entire account.

Delete all your data: You can delete every scan, finding, and account record at any time. Visit your account settings and click “Delete all my data,” or send a request to privacy@erabot.ai. The backend endpoint is DELETE /api/account/data, which cascades through all of your scan history, findings, subscription tier records, and account data. Your user row itself is soft-deleted (email replaced with a non-routable placeholder, and a deletion timestamp is recorded) to preserve Stripe billing audit trails, as required by financial record-keeping regulations.

6.4 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, machine-readable format.

6.5 Right to Restriction of Processing (Article 18)

You have the right to request that we restrict processing of your personal data in certain circumstances.

6.6 Right to Object (Article 21)

You have the right to object to processing of your personal data for certain purposes.

6.7 Subject Access Request (SAR)

To exercise any of these rights, submit a Subject Access Request to:

Email: privacy@erabot.ai
Subject line: “Subject Access Request -- [Your Right]”

We will respond to your request within 30 days, as required by GDPR.

6.8 Data Protection Officer (DPO)

Our Data Protection Officer can be contacted at: privacy@erabot.ai

6.9 Right to Lodge a Complaint

You have the right to lodge a complaint with your local supervisory authority. For UK residents, this is the Information Commissioner's Office (ICO).

7. Legal Basis for Processing (GDPR)

8. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence:

8.1 Google Gemini API (United States)

Code segments (with secrets redacted) are sent to Google's Gemini API for AI-powered analysis. Google acts as a data processor under the Google Cloud Platform Data Processing Addendum (GCP DPA). Standard Contractual Clauses (SCCs) apply for international transfers.

Google does not train on Gemini API data. Google processes scan inputs exclusively to generate Erabot's audit results and does not use paid Gemini API data to train or improve its own models. See Google's Gemini API data governance policy for the full contractual commitment from Google.

8.2 Fly.io (Global)

Our application is hosted on Fly.io infrastructure under a Data Processing Agreement.

8.3 Stripe (United States)

Payment data is processed by Stripe, Inc. Stripe maintains Standard Contractual Clauses for international transfers.

9. Third-Party Services

Full subprocessor list: Google Cloud (Gemini API), Fly.io, Stripe, Resend, Sentry, PostHog, and GitHub (optional integration only). All subprocessors operate under Data Processing Agreements and, where data is transferred outside the EEA/UK, under Standard Contractual Clauses (SCCs). For a downloadable list of subprocessors with data center locations, see our Data Processing Agreement (DPA) template.

We do not use advertising networks, tracking pixels, or third-party analytics that would share your data with advertisers.

10. Data Security

• Encryption at rest -- API keys encrypted with Fernet; database via PostgreSQL TLS
• Encryption in transit -- All connections require TLS 1.2+; HSTS enforced
• Authentication -- JWT in HTTP-only secure cookies; Argon2 password hashing
• Secret detection -- Pre-scan secrets redaction before external API calls
• Logging -- Structured logging excluding sensitive data

11. Children's Privacy

erabot.ai is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated with at least 30 days' notice via email or prominent website notice.

13. Contact Us

Email: privacy@erabot.ai

Data Protection Officer: privacy@erabot.ai

Enterprise customers can download our standard Data Processing Agreement (DPA) template. Custom DPA terms can be negotiated through legal@erabot.ai.

14. Jurisdiction-Specific Provisions

14.1 California Residents (CCPA)

California residents have additional rights under the CCPA, including the Right to Know, Right to Delete, and Right to Opt-Out of Sale. We do not sell your personal information.

14.2 UK Residents

For UK residents, references to “GDPR” include the UK GDPR under the Data Protection Act 2018. Your supervisory authority is the Information Commissioner's Office (ICO).