Privacy Policy

1. Introduction

Crack Thump Pty Ltd ("we," "our" or "us") operates CodeMarine, an AI code security platform that protects developers from vulnerabilities in AI-generated code. This Privacy Policy explains how we collect, use, disclose and safeguard your information when you use our website, software and services.

By using CodeMarine, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our services.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, company name and payment information when you create an account or subscribe to our services.
• Contact Information: Information you provide when contacting us for support, feedback or inquiries.
• Usage Preferences: Settings and preferences you configure within CodeMarine.

2.2 Code and Security Data

• Code Analysis: Code snippets and patterns analyzed by CodeMarine for security vulnerabilities (processed locally on your machine when possible).
• Vulnerability Reports: Security findings, risk assessments and remediation suggestions.
• AI Assistant Interactions: Metadata about AI assistant usage patterns (not the actual code content).

2.3 Automatically Collected Information

• Usage Analytics: How you interact with CodeMarine, features used and performance metrics.
• Technical Information: IP address, browser type, operating system and device information.
• Log Data: Server logs, error reports and diagnostic information.

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, maintain and improve CodeMarine's security analysis capabilities.
• Security Analysis: To detect vulnerabilities in AI-generated code and provide security recommendations.
• Account Management: To manage your account, process payments and provide customer support.
• Communication: To send service updates, security alerts and respond to your inquiries.
• Product Improvement: To analyze usage patterns and improve our security detection algorithms.
• Legal Compliance: To comply with applicable laws and regulations.

4. Data Security and Protection

We implement industry-standard security measures to protect your information:

• Encryption: Data is encrypted in transit using TLS 1.3 and at rest using AES-256.
• Local Processing: Code analysis is performed locally on your machine whenever possible to minimize data transmission.
• Access Controls: Strict access controls and authentication mechanisms protect your data.
• Regular Audits: We conduct regular security audits and vulnerability assessments.
• Data Minimization: We collect only the minimum data necessary to provide our services.

5. Data Sharing and Disclosure

We do not sell, trade or rent your personal information. We may share information in the following limited circumstances:

• Service Providers: With trusted third-party service providers who assist in operating our services (under strict confidentiality agreements).
• Legal Requirements: When required by law, court order or government regulation.
• Business Transfers: In connection with a merger, acquisition or sale of assets (with notice to users).
• Security Threats: To protect against fraud, security threats or illegal activities.

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Account Data: Retained while your account is active and for up to 2 years after account closure.
• Code Analysis Data: Vulnerability reports retained for 1 year for security trend analysis.
• Usage Analytics: Aggregated and anonymized data may be retained indefinitely for product improvement.
• Legal Requirements: Some data may be retained longer to comply with legal obligations.

7. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request access to your personal information we hold.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal information (subject to legal requirements).
• Portability: Request a copy of your data in a portable format.
• Opt-out: Unsubscribe from marketing communications at any time.
• Account Closure: Delete your account and associated data through your account settings.

To exercise these rights, contact us at privacy@codemarine.ai.

8. International Data Transfers

CodeMarine is operated from Australia. If you are accessing our services from outside Australia, your information may be transferred to, stored and processed in Australia and other countries where our service providers operate. We ensure appropriate safeguards are in place for international data transfers.

9. Children's Privacy

CodeMarine is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

11. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, please contact us: