Privacy & Data
We take data privacy seriously. Here's how we protect your information and handle the data we collect.
Data Encryption
All data encrypted in transit (TLS 1.3) and at rest (AES-256).
Access Controls
Strict role-based access. Only you can see your projects and analytics.
Data Retention
Configurable retention periods. Delete your data anytime.
Secure Infrastructure
Hosted on SOC 2 compliant infrastructure.
What Data We Collect#
We only collect data necessary to provide our service:
| Data Type | Purpose | Retention |
|---|---|---|
| Account information | Authentication & billing | Until account deleted |
| Audit submissions | Smart contract analysis | Until account deleted |
| Audit findings | Security reports and history | 90 days (configurable) |
| Scan events | Real-time status tracking | 30 days |
| Payment data | Billing (via Stripe) | Per Stripe policy |
Source code privacy
Your smart contract source code is encrypted in transit and at rest. We do not share your code with third parties or use it for training.
Data Protection#
Encryption#
- In transit — All connections use TLS 1.3
- At rest — AES-256 encryption for stored data
- API keys — Hashed and never stored in plain text
Access Controls#
- Role-based access control (RBAC) for all operations
- API authentication required for all endpoints
- Project data only accessible by the owner
- Admin access logged and audited
Your data, your control
You can export or delete your data at any time from your dashboard settings.
Compliance#
We maintain compliance with industry standards:
- GDPR — EU data protection compliance
- CCPA — California privacy rights
Your Rights#
Under applicable privacy laws, you have the right to:
- Access all data we have about you
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in portable format
- Withdraw consent at any time
Contact Us#
Have questions about privacy or data handling?
- Email us at privacy@audit.new
- We respond within 48 hours on business days