Privacy Policy
Effective Date: April 5, 2026 · Last Updated: May 4, 2026
1. Introduction
This Privacy Policy explains how AgentNoah (“the Service”), operated by AgentNoah (“we”, “us”, “our”), collects, uses, and protects your information. We are committed to transparency — especially regarding how your code is handled.
By using AgentNoah, you consent to the practices described in this Privacy Policy.
2. Information We Collect
2.1 Account Information (via GitHub OAuth)
When you sign in with GitHub, we receive and store:
- GitHub user ID
- GitHub username
- Display name
- Email address (primary verified email from your GitHub account)
- Avatar URL
- GitHub access token (encrypted, used solely to access repositories you authorize)
2.2 Audit Data
When you run an audit, we store:
- Audit findings: Vulnerability descriptions, severity ratings, confidence scores, file paths, line numbers, and suggested fixes
- Audit metadata: Timestamp, duration, status (completed/failed), repository name, commit SHA, audit type (full / quick / discovery / red-team)
- Workspace metadata (workspace_memory): Detected tech stack (languages, frameworks, databases, cloud), business context (app name, summary, stage), critical paths, data-sensitivity declarations, severity rules, focus areas, audit plan (investigation targets, bug-class priors, out-of-scope), coding-style fingerprints, and any business context notes you provide. Generated by the BYOL Discovery scan run inside YOUR IDE LLM at first repo connect; updated on subsequent discovery re-runs.
- Red Team Brief output: If you run the Red Team Brief feature, the kill-chain narrative + fix-priority markdown produced by your IDE LLM is stored against the audit ID.
- Embedding vectors: Numerical-array embeddings of finding descriptions (NOT the source code) generated via the Google Gemini Embedding API for similarity search and cross-audit memory.
2.3 Subscription & Billing Data
- Subscription plan and status
- Paddle customer ID (we do NOT store credit card numbers, CVVs, or full card details — Paddle handles all payment data)
- Billing history (plan changes, invoices)
2.4 Usage Data
- Number of audits run
- Feature usage patterns (which pages visited, which actions taken)
- Error logs for debugging
2.5 Cookies
We use the following cookies:
- Session cookie (an_session): Encrypted, HttpOnly. Contains your user ID, plan, and API key. Expires after 7 days.
- OAuth state cookie (oauth_state): HttpOnly. Used for CSRF protection during GitHub login. Expires after 10 minutes and is cleared after use.
- Paddle checkout cookies: When you proceed to checkout, Paddle's embedded billing flow may set its own cookies for fraud prevention and session continuity. These are set by Paddle, governed by their privacy policy, and only appear during the checkout flow. Paddle Privacy Policy
We do NOT use third-party tracking cookies (no Google Analytics, no Meta Pixel, no advertising networks).
3. Information We Do NOT Collect
This is the most important section:
- We do NOT store your source code. Most operations (audit, fix-via-IDE, build, discovery, red-team) run inside YOUR IDE LLM via the BYOL MCP — AgentNoah's servers never see your full source code during these BYOL operations. When the daemon needs to fetch source from GitHub at audit time (to render the prompt for the IDE LLM, or to apply a REPLACE auto-fix), the file contents are processed in memory and discarded after the operation completes. No source code is persisted to our database or file system.
- We do NOT sell your data. Not to advertisers, data brokers, or anyone else.
- We do NOT use your code to train AI models. The bulk of AI inference happens in your IDE's LLM session under your IDE provider's terms. Server-side AI usage is limited to (a) the Google Gemini Embedding API for similarity search (vectors only, not source) and (b) Anthropic Claude Sonnet 4.6 for opt-in REPLACE autonomous-fix (specific triggering commit only). Both providers state their API terms forbid using API inputs as training data.
4. How We Use Your Information
| Data | Purpose |
|---|---|
| GitHub profile | Authentication, display in dashboard |
| GitHub access token | Fetch repository contents for audits (read-only access to authorized repos) |
| Email address | Account recovery, billing receipts, critical service notifications |
| Audit findings | Display in your dashboard, generate patterns/metrics |
| Workspace metadata | Improve audit accuracy for your specific tech stack |
| Subscription data | Manage your plan, enforce usage limits |
| Usage data | Improve the Service, debug issues |
5. Third-Party Services
5.1 AI Providers (Code Analysis)
Most code analysis runs in YOUR IDE LLM, not on our servers. AgentNoah is a v14 BYOL MCP-first product: when you connect Claude Code, Cursor, VS Code Copilot, or any MCP-capable IDE, audit/fix/build/discovery/red-team operations execute inside that IDE's LLM session using your existing AI subscription. AgentNoah's servers never see your full source code during these BYOL operations.
Two narrow server-side AI integrations remain:
- Google Gemini Embedding API — used for similarity search and cross-audit memory. We send only embedding vectors of finding descriptions (numerical arrays, not human-readable text) and finding fingerprint metadata (severity, file path, title). We do NOT send full source-code files to the embedding API. Cost ~$0.0075/audit. Google AI Terms
- Anthropic (Claude Sonnet 4.6) — used only when REPLACE autonomous-fix mode is explicitly enabled per-repo (paid $3/fix add-on, opt-in, off by default). Source code for the specific commit that triggered the fix is sent to Anthropic to generate the fix patch. Disabled by default; toggle per-repo from Settings → Connected Repositories. Anthropic Privacy Policy
Both providers state in their API terms that they do NOT use API inputs to train their models. The bulk of code analysis happens in your IDE's LLM session under your IDE provider's terms, not ours.
5.2 Infrastructure
- Google Cloud Platform (GCP) — Hosts our entire backend stack: Cloud Run (daemon API + dashboard frontend), Cloud SQL (PostgreSQL with pgvector), Secret Manager (API keys + GitHub tokens at rest). Data stored in asia-southeast1 (Singapore) region.
- Cloudflare — DNS, edge proxy / Worker, DDoS protection, WAF, and Bot Fight Mode for agentnoah.dev. All inbound traffic to our backend routes through Cloudflare. We also use Cloudflare Web Analytics (cookieless, see Section 7b). Cloudflare Privacy Policy
- Resend — Transactional email service for billing receipts, security notifications (e.g., key rotation confirmation, REPLACE-cap warnings), and audit-completion summaries. Receives only your email address and the message content. Resend Privacy Policy
5.3 Payments
Paddle processes all payments as our Merchant of Record. Paddle is PCI DSS Level 1 certified and handles all tax, invoicing, and compliance. We never see or store your full card details. See Paddle Privacy Policy.
5.4 Authentication
GitHub — OAuth provider. We request read:user, user:email, and repo scopes.
6. Data Retention
| Data | Retention |
|---|---|
| Account information | Until you delete your account |
| Audit findings | Until you delete your account |
| Workspace metadata | Until you delete your account |
| Source code | Not retained — processed in memory, discarded after audit |
| Billing records | As required by Philippine tax law (up to 10 years for financial records) |
| Analytics events | 18 months |
| Server logs | 30 days |
7. Data Security
We implement the following security measures:
- All data in transit is encrypted via TLS 1.2+
- Session tokens are encrypted with AES-256-GCM
- GitHub access tokens are stored encrypted at rest
- Database credentials are managed via GCP Secret Manager
- OAuth login is protected against CSRF attacks via a cryptographic state parameter
- Paddle webhooks are verified via HMAC signature validation
- API keys are scoped per user and can be rotated
7b. Analytics & Tracking
Product analytics:
- We log product usage events (audit triggers, finding actions, plan changes, feature usage) in our database for analytics purposes.
- Events include: user ID, event type, timestamp, and event-specific metadata (e.g., plan name, audit duration). They do NOT include your source code.
- Analytics events are retained for 18 months, then archived or deleted.
Anonymous page view tracking:
- We use Cloudflare Web Analytics on our public pages (landing page, terms, privacy policy).
- Cloudflare Web Analytics does not use cookies, does not collect personal data, and does not track users across sites. It only counts page views and referrers anonymously.
- No third-party tracking pixels (Google Analytics, Meta Pixel, etc.) are used anywhere on this site.
8. Your Rights
8.1 Access & Export
You can view all your audit findings, patterns, and account data through the AgentNoah dashboard at any time.
8.2 Delete Your Account
You can permanently delete your account and all associated data from Settings > Delete Account in the dashboard. This immediately and irreversibly deletes:
- Your user profile and account
- All audit findings and history
- All workspace data
- Your subscription (canceled, no further charges)
8.3 Revoke GitHub Access
You can revoke AgentNoah's access to your GitHub repositories at any time via GitHub > Settings > Applications > Authorized OAuth Apps. This prevents future audits but does not delete your AgentNoah account or existing findings.
8.4 Data Portability
Contact us at agentnoah.dev@gmail.com to request an export of your data.
9. Philippine Data Privacy Act (RA 10173)
AgentNoah complies with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations:
- Lawful basis: We process your data based on your consent (given when you create an account) and contractual necessity (to provide the Service).
- Data Protection Contact: AgentNoah — agentnoah.dev@gmail.com
- NPC complaints: If you believe your data privacy rights have been violated, you may file a complaint with the National Privacy Commission (NPC) at privacy.gov.ph.
10. International Users
AgentNoah is operated from the Philippines with infrastructure in Singapore (GCP asia-southeast1). If you access the Service from outside the Philippines, your data may be transferred to and processed in the Philippines and Singapore. By using the Service, you consent to this transfer.
For users in the European Economic Area (EEA), we process your data on two GDPR Article 6 lawful bases: (a) contractual necessity (Article 6.1.b) — most processing is necessary to provide the audit/build/discovery services you signed up for; (b) consent (Article 6.1.a) for any optional features you explicitly enable (e.g., the REPLACE autonomous-fix add-on). You have the right to withdraw consent for optional features at any time by toggling them off, and the right to delete your account at any time, which terminates all processing.
11. Children's Privacy
AgentNoah is not intended for users under 18 years of age. We do not knowingly collect information from children. If we discover that a child under 18 has created an account, we will delete it.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via the email associated with your GitHub account. The “Last Updated” date at the top reflects the most recent revision.
13. Contact
For privacy questions, data requests, or concerns:
- Email: agentnoah.dev@gmail.com
- GitHub: github.com/guevae2
- NPC (Philippines): privacy.gov.ph
This Privacy Policy was last updated on May 4, 2026.