Privacy Policy
Your privacy is fundamental to how we build CodeInScore. This policy explains what data we collect, how we use it, and the controls you have over your information.
1. Information We Collect
Account Information
When you create a CodeInScore account, we collect your name, email address, username, and authentication credentials. If you connect via GitHub, GitLab, or Bitbucket, we access your public profile data and repository metadata as authorized by you.
Code & Repository Data
Our platform analyzes publicly available code repositories, commit histories, pull request contributions, and code review activities. We process this data to generate developer signal scores and capability assessments. We do not store raw source code — only derived metrics and anonymized patterns.
Usage Data
We automatically collect device type, browser information, IP address, pages viewed, interaction timestamps, and feature usage patterns to improve our services and user experience.
Recruiter Data
If you use our recruiter platform, we collect company information, job posting details, candidate search queries, and messaging content exchanged through our platform.
2. How We Use Your Information
Core Services
We use collected data to generate developer capability scores, provide career roadmap recommendations, match developers with relevant job opportunities, and enable recruiter-developer communication through our messaging system.
Platform Improvement
Aggregated and anonymized data helps us improve our scoring algorithms, enhance AI-powered features, develop new product capabilities, and maintain platform security.
Communications
We may send you service-related notifications, security alerts, feature updates, and — with your consent — marketing communications. You can opt out of marketing emails at any time.
3. Data Sharing & Third Parties
Developer Profiles
Your public CodeInScore profile — including capability scores, skill assessments, and contribution metrics — is visible to recruiters and other users on the platform. You control what additional information appears on your public profile through your privacy settings.
Service Providers
We share data with trusted third-party providers for hosting (AWS), analytics (Plausible Analytics), email delivery (Postmark), and payment processing (Stripe). These providers are contractually obligated to protect your data.
Legal Requirements
We may disclose information when required by law, subpoena, or regulatory request, or to protect the rights, safety, and property of CodeInScore, our users, or the public.
No Data Sales
We do not sell your personal information to advertisers or data brokers. Period.
4. Data Security
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). API keys and authentication tokens are hashed using industry-standard algorithms.
Infrastructure
Our infrastructure is hosted on SOC 2 Type II certified cloud providers with automated threat detection, regular penetration testing, and 24/7 security monitoring.
Access Controls
Internal access to user data is restricted on a need-to-know basis, with multi-factor authentication, audit logging, and regular access reviews.
5. Your Rights & Choices
Access & Portability
You can request a copy of all personal data we hold about you in a machine-readable format. Use the "Export My Data" feature in your profile settings or contact us directly.
Correction & Deletion
You may update your account information at any time through your profile settings. To request full account deletion — including all derived scores and associated data — contact privacy@codeinscore.com or use the account deletion option in settings.
Opt-Out Controls
You can disconnect repository integrations, hide your profile from recruiter searches, disable specific data collection features, and manage notification preferences — all from your account settings.
6. Data Retention
Active Accounts
We retain your data for as long as your account is active. Derived metrics and scores are refreshed periodically and older versions are purged after 12 months.
Deleted Accounts
Upon account deletion, we remove all personal data within 30 days. Some anonymized, aggregated data may be retained for statistical and research purposes, but it cannot be linked back to you.
Legal Holds
We may retain certain data longer if required by law, ongoing legal proceedings, or legitimate business interests (e.g., fraud prevention).
7. Policy Updates
Notification of Changes
We will notify you of material changes to this policy via email and an in-app banner at least 30 days before the changes take effect. Continued use of the platform after changes constitutes acceptance of the revised policy.
Questions about your data?
Reach out to our privacy team at privacy@codeinscore.com