Privacy Policy

FixVion ("we", "us", "our", or "Company") operates the FixVion Fixvion platform and related services (collectively, the "Service"). This Privacy Policy describes how we collect, use, process, and protect your personal information and code when you use our Service.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

This Privacy Policy should be read together with our Terms of Service, which govern your use of the Service.

We collect several types of information from and about users of our Service:

2.1. Information You Provide Directly:

• Account Information: Name, email address, username, password, and profile information when you create an account
• Code and Projects: Code files, code snippets, project files, and related metadata that you upload for analysis
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors), and transaction history
• Communication Data: Messages, feedback, support requests, and other communications you send to us
• Survey and Feedback: Responses to surveys, feedback forms, and user research questionnaires

2.2. Information Collected Automatically:

• Usage Data: Information about how you access and use the Service, including timestamps, features used, and actions taken
• Device Information: Device type, operating system, browser type, IP address, and device identifiers
• Log Data: Server logs, error logs, and diagnostic information
• Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar tracking technologies (see Section 8 for details)

2.3. Information from Third Parties:

• Authentication Services: If you sign in using third-party authentication (e.g., GitHub, Google), we may receive profile information from those services
• Payment Processors: Transaction and payment information from our payment processing partners
• Analytics Providers: Aggregated usage and performance data from analytics services

We use the information we collect for the following purposes:

3.1. Service Provision:

• Provide, operate, maintain, and improve the Service
• Process and analyze your code uploads
• Generate code analysis reports, recommendations, and insights
• Authenticate your identity and manage your account
• Process payments and manage subscriptions

3.2. Communication:

• Send you service-related notifications, updates, and alerts
• Respond to your inquiries, comments, and support requests
• Send you important notices about changes to our Service or policies
• Provide customer support and technical assistance

3.3. Service Improvement:

• Analyze usage patterns and trends to improve our Service
• Develop new features and functionality
• Conduct research and analytics to enhance code analysis algorithms
• Test and optimize the performance of our Service

3.4. Security and Compliance:

• Detect, prevent, and address security threats and fraudulent activity
• Enforce our Terms of Service and other policies
• Comply with legal obligations and respond to legal requests
• Protect the rights, property, and safety of FixVion, our users, and others

3.5. Marketing (with your consent):

• Send you promotional communications about new features, products, or services (you can opt-out at any time)
• Personalize content and advertisements
• Conduct marketing research and surveys

We understand that your code is valuable and confidential. We are committed to protecting your code with the highest standards of security and privacy:

4.1. Code Ownership and Rights:

• You retain all ownership rights to your code
• We do not claim any ownership or intellectual property rights to your code
• We will not use your code for any purpose other than providing the analysis services you request

4.2. Code Protection Measures:

• Encryption: All code uploads are encrypted in transit using TLS/SSL and encrypted at rest using industry-standard encryption algorithms
• Access Controls: Strict access controls ensure only authorized personnel can access code, and only for service provision purposes
• Isolation: Your code is stored in isolated, secure environments separate from other users' code
• No Sharing: We never share, sell, or disclose your code to third parties except as necessary to provide the Service or as required by law
• No Training: We do not use your code to train AI models or improve our algorithms without your explicit consent

4.3. Code Retention and Deletion:

• You can delete your code at any time through your account dashboard
• We retain code only as long as necessary to provide the Service or as required by law
• When you delete code, it is permanently removed from our systems within 30 days
• Backup copies may be retained for up to 90 days for disaster recovery purposes

4.4. Enterprise and Compliance:

• Enterprise customers may have additional security and compliance features
• We can provide data processing agreements (DPAs) for enterprise customers
• We comply with industry standards including SOC 2, ISO 27001, and GDPR

We do not sell your personal information or code. We may share your information only in the following circumstances:

5.1. Service Providers:

• We may share information with trusted third-party service providers who assist us in operating the Service, such as:
  • Cloud hosting and infrastructure providers
  • Payment processing services
  • Email and communication services
  • Analytics and monitoring tools
• These service providers are contractually obligated to protect your information and use it only for the purposes we specify

5.2. Legal Requirements:

• We may disclose information if required by law, court order, or government regulation
• We may disclose information to respond to legal process, enforce our Terms, or protect rights and safety
• We will notify you of such disclosures when legally permitted

5.3. Business Transfers:

• In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity
• We will notify you of any such change in ownership or control of your information

5.4. With Your Consent:

• We may share information with your explicit consent or at your direction
• You can withdraw your consent at any time

We implement comprehensive security measures to protect your information and code:

6.1. Technical Safeguards:

• Encryption: End-to-end encryption for data in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Multi-factor authentication, role-based access controls, and least-privilege principles
• Network Security: Firewalls, intrusion detection systems, and DDoS protection
• Secure Infrastructure: Hosted on secure, compliant cloud infrastructure with regular security audits

6.2. Organizational Safeguards:

• Regular security training for all employees
• Strict confidentiality agreements for all personnel
• Regular security assessments and penetration testing
• Incident response procedures and breach notification protocols

6.3. Compliance and Certifications:

• SOC 2 Type II compliance
• ISO 27001 information security management
• GDPR compliance for European users
• Regular third-party security audits

6.4. Security Limitations:

While we implement industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information using commercially reasonable means.

We retain your information for different periods depending on the type of data and purpose:

7.1. Account Information:

• Retained for as long as your account is active
• After account deletion, we may retain certain information for up to 90 days for security and legal compliance purposes

7.2. Code and Analysis Data:

• Retained until you delete it or close your account
• Permanently deleted within 30 days of deletion request
• Backup copies may be retained for up to 90 days for disaster recovery

7.3. Payment Information:

• Retained as required by law for tax and accounting purposes (typically 7 years)
• Payment card details are not stored by us; they are processed by secure third-party payment processors

7.4. Logs and Analytics:

• Server logs and analytics data are retained for up to 12 months
• Aggregated, anonymized data may be retained longer for service improvement purposes

7.5. Legal Requirements:

We may retain information longer if required by law, court order, or to resolve disputes, enforce agreements, or protect our rights.

Depending on your location, you may have certain rights regarding your personal information. We respect and facilitate the exercise of these rights:

8.1. Access and Portability:

• Request access to your personal information we hold
• Receive a copy of your data in a structured, machine-readable format
• Export your account data and code through your account dashboard

8.2. Correction and Update:

• Update and correct inaccurate or incomplete information
• Modify your account settings and preferences

8.3. Deletion:

• Request deletion of your personal information and code
• Delete your account and all associated data
• Note: Some information may be retained as required by law or for legitimate business purposes

8.4. Objection and Restriction:

• Object to processing of your information for certain purposes
• Request restriction of processing in certain circumstances
• Opt-out of marketing communications (you can also unsubscribe via email links)

8.5. Withdrawal of Consent:

• Withdraw consent for processing where consent is the legal basis
• Note: Withdrawal may affect your ability to use certain features of the Service

8.6. How to Exercise Your Rights:

• Use your account dashboard to access, update, or delete your information
• Contact us at privacy@fixvion.com or through our contact form
• We will respond to your request within 30 days (or as required by applicable law)
• We may verify your identity before processing certain requests

8.7. Right to Lodge a Complaint:

If you are located in the European Economic Area (EEA) or other jurisdictions with data protection authorities, you have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

We use cookies, web beacons, pixels, and similar tracking technologies (collectively, "Tracking Technologies") to collect and store information about your use of our Service. This section explains what these technologies are, how we use them, and your choices regarding their use.

9.1. What Are Cookies and Tracking Technologies:

• Cookies: Small text files stored on your device when you visit a website. They help websites remember your preferences and improve your browsing experience
• Web Beacons: Small invisible images embedded in web pages or emails that track when content is viewed
• Pixels: Code snippets that track user interactions and conversions
• Local Storage: Browser storage mechanisms that store data locally on your device
• Session Storage: Temporary storage that persists only during your browser session

9.2. Types of Cookies We Use:

• Essential Cookies (Strictly Necessary): These cookies are required for the Service to function properly and cannot be disabled. They include:
  • Authentication cookies that keep you logged in
  • Security cookies that protect against fraud and unauthorized access
  • Session cookies that maintain your session state
  • Load balancing cookies that distribute traffic across servers
• Functional Cookies: These cookies enhance functionality and personalization:
  • Remember your language preferences and regional settings
  • Store your UI preferences (theme, layout, display options)
  • Remember your analysis history and saved projects
  • Maintain your dashboard preferences and customizations
• Analytics Cookies (Performance): These cookies help us understand how users interact with our Service:
  • Track page views, user flows, and navigation patterns
  • Measure feature usage and identify popular functionality
  • Monitor performance metrics and identify technical issues
  • Analyze error rates and improve service reliability
• Marketing Cookies (Advertising): These cookies are used to deliver relevant content and advertisements (only with your consent):
  • Track campaign effectiveness and conversion rates
  • Deliver personalized advertisements based on your interests
  • Measure the effectiveness of marketing campaigns
  • Enable retargeting and remarketing efforts

9.3. Cookie Duration:

• Session Cookies: Temporary cookies that expire when you close your browser. They are essential for maintaining your session while using the Service
• Persistent Cookies: Cookies that remain on your device for a set period (ranging from days to years) or until you delete them. They remember your preferences across sessions
• First-Party Cookies: Cookies set directly by FixVion on our domain
• Third-Party Cookies: Cookies set by third-party services integrated into our Service (e.g., analytics providers)

9.4. Third-Party Tracking Services:

We may use third-party services that employ their own tracking technologies:

• Analytics Services: We use analytics providers to understand usage patterns, improve performance, and enhance user experience. These services may collect information about your device, browser, IP address, and how you interact with our Service
• Error Tracking: We use error monitoring services to identify and fix technical issues, which may collect error logs and diagnostic information
• Performance Monitoring: Services that help us monitor and optimize the performance of our Service
• Content Delivery Networks (CDNs): Services that deliver content efficiently, which may use cookies to optimize delivery

These third-party services have their own privacy policies and data practices. We encourage you to review their privacy policies to understand how they collect and use information.

9.5. How to Manage Cookies and Tracking:

You have several options to control or limit how cookies and tracking technologies are used:

• Cookie Consent Banner: When you first visit our Service, you can accept or reject non-essential cookies through our cookie consent banner. You can change your preferences at any time through your account settings
• Browser Settings: Most browsers allow you to control cookies through their settings. You can:
  • Block all cookies or only third-party cookies
  • Delete existing cookies
  • Set your browser to notify you before accepting cookies
  • Configure your browser to delete cookies when you close it
• Browser Extensions: You can install browser extensions that block tracking cookies and technologies
• Do Not Track (DNT): Some browsers offer a "Do Not Track" feature that signals websites not to track you. While we respect DNT signals, our Service may still use essential cookies required for functionality
• Opt-Out Tools: You can use industry opt-out tools provided by advertising networks and analytics providers to opt out of certain tracking

9.6. Impact of Disabling Cookies:

• Disabling essential cookies will prevent you from using certain features of the Service, including logging in, maintaining your session, and accessing secure areas
• Disabling functional cookies may result in a less personalized experience, and you may need to re-enter preferences each time you visit
• Disabling analytics cookies will not affect the functionality of the Service but will prevent us from understanding how to improve it
• Disabling marketing cookies will not affect core functionality but may result in less relevant advertisements

9.7. Mobile Device Tracking:

When you access our Service on mobile devices, we may use similar tracking technologies, including:

• Mobile device identifiers (such as device IDs and advertising IDs)
• Location data (with your permission)
• Mobile analytics tools

You can control mobile tracking through your device settings, including location services and advertising preferences.

9.8. Updates to Our Cookie Practices:

We may update our use of cookies and tracking technologies from time to time. We will notify you of significant changes through our Service or by other means. We encourage you to review this section periodically to stay informed about our tracking practices.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

10.1. Transfer Mechanisms:

• We use appropriate safeguards to protect your information during international transfers
• For transfers from the EEA, we rely on Standard Contractual Clauses (SCCs) and other approved transfer mechanisms
• We ensure that third-party service providers maintain adequate data protection standards

10.2. Your Rights:

Regardless of where your information is processed, we apply the same privacy protections described in this Privacy Policy and comply with applicable data protection laws.

Our Service is not intended for individuals under the age of 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information promptly.

If you are between 13 and 18 years old (or the age of majority in your jurisdiction), you must have your parent's or guardian's permission to use our Service.

Our Service may contain links to third-party websites, services, or applications that are not owned or controlled by FixVion. This Privacy Policy does not apply to third-party services.

12.1. Third-Party Services We Use:

• Payment Processors: For processing payments (e.g., Stripe, PayPal)
• Cloud Infrastructure: For hosting and infrastructure services
• Analytics Services: For understanding usage patterns and improving the Service
• Communication Tools: For customer support and notifications

12.2. Your Responsibility:

• We encourage you to review the privacy policies of third-party services you interact with
• We are not responsible for the privacy practices or content of third-party services
• Your interactions with third-party services are subject to their terms and privacy policies

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, and disclose
• Right to Delete: Request deletion of your personal information (subject to certain exceptions)
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise your California privacy rights, please contact us using the information provided in Section 15.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last Updated" date at the top of this Privacy Policy
• Notify you of material changes via email or through the Service
• Post the updated Privacy Policy on our website
• For significant changes, we may provide additional notice or obtain your consent where required by law

Your continued use of the Service after changes become effective constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you should stop using the Service and may delete your account.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.