Legal
Privacy Policy
Last updated: July 8, 2026
What CapitalGuard collects
CapitalGuard collects account details, license purchase data, repository metadata, scan intake answers, redacted finding data, affiliate attribution, analytics events, and support communications needed to provide the service.
Customer code and secrets
CapitalGuard is designed to avoid displaying raw secrets. Secret-like values are redacted in reports. Uploaded repositories are deleted after scan completion unless monitoring is enabled by the customer.
Model training
CapitalGuard does not train models on customer code. Any AI-assisted analysis must follow the customer data handling rules defined in the service agreement and scan scope.
Service providers
The launch stack is prepared for Stripe payments, Supabase/Postgres, email delivery, analytics, GitHub App authorization, isolated workers, and PDF generation. Production providers should be listed here before launch.
Contact
Privacy and security questions can be sent to security@capitalguard.io.