Data Privacy Practices at CodeRabbit
Last updated June 7, 2024
At CodeRabbit, data privacy and security are top priorities. This guide outlines the key data privacy practices implemented to protect user information and ensure compliance with industry standards.
Step-by-Step Guide
1. Data Collection and Usage
a. Minimal Data Collection
- Necessary Information Only: CodeRabbit collects only the necessary data required to provide its services, such as user account details and repository information.
- Ephemeral Data Storage: Data collected during code reviews is stored temporarily and deleted once the review is completed.
b. Purpose of Data Usage
- Service Improvement: Data is used to enhance the quality of code reviews and improve AI accuracy over time.
- User Interaction: Data is utilized to facilitate user interactions with the platform, such as providing feedback and generating reports.
2. Data Storage and Security
a. Secure Data Storage
- Encrypted Storage: All data is stored in encrypted formats to prevent unauthorized access.
- Isolation: Data is isolated by organization to ensure that one organization's data is not accessible by another.
b. Compliance with Standards
- GDPR Compliance: CodeRabbit adheres to the General Data Protection Regulation (GDPR) to protect the privacy of users in the European Union.
- SOC2 Type II: Compliance with SOC2 Type II standards ensures that CodeRabbit maintains stringent security measures for data protection.
3. Data Retention and Deletion
a. Retention Policies
- Temporary Storage: Code reviewed data is stored only for the duration of the review process and is deleted immediately after.
- No Long-term Storage: CodeRabbit does not retain user code or data beyond the necessary period required for providing the service.
b. User Control
- Opt-out Options: Users can opt out of data storage features without affecting their access to CodeRabbit services. This may limit some personalization features.
- Data Deletion Requests: Users can request the deletion of their data at any time by contacting CodeRabbit support.
4. Data Privacy Measures
a. Access Controls
- Role-based Access: Access to data within CodeRabbit is restricted based on user roles to ensure that only authorized personnel can access sensitive information.
- Audit Logs: Comprehensive audit logs track access and changes to data, ensuring transparency and accountability.
b. Regular Security Audits
- Internal Audits: Regular internal security audits are conducted to identify and mitigate potential vulnerabilities.
- External Reviews: Periodic external security reviews and assessments are performed to ensure compliance with industry standards.
5. Transparency and User Rights
a. Transparent Practices
- Privacy Policy: CodeRabbit provides a clear and comprehensive privacy policy detailing how user data is collected, used, and protected.
- User Notifications: Users are informed about any changes to data privacy practices or policies.
b. User Rights
- Data Access: Users have the right to access the data that CodeRabbit holds about them.
- Correction Requests: Users can request corrections to any inaccuracies in their data.
Conclusion
CodeRabbit is committed to maintaining the highest standards of data privacy and security. By implementing robust data protection measures, adhering to industry standards, and ensuring user control over data, CodeRabbit ensures that user information is safeguarded at all times. For more detailed information, visit the CodeRabbit Privacy Policy or contact support for assistance. --- This guide provides a clear overview of CodeRabbit's data privacy practices, ensuring users understand how their data is protected and managed.