Privacy Policy

Last updated: April 16, 2026

Quick Summary: We don't collect your source code. We only track session metadata (problem name, language, difficulty, time spent) to help you track your development progress. Your privacy is our priority.

1. Information We Collect

1.1 Account Information

When you create a Preecode account, we collect: email address, username, password (hashed and encrypted), and optional profile information like name and profile picture. This information is used to authenticate you and personalize your experience.

1.2 Coding Session Data (Metadata Only)

When you use the VS Code extension to solve problems, we capture metadata ONLY:

  • Problem/question name and ID
  • Programming language used
  • Difficulty level (Easy/Medium/Hard)
  • Time spent on the problem
  • Submission status (passed/failed/time limit exceeded)
  • Session start and end times

⚠️ IMPORTANT: We NEVER collect, access, store, or transmit your actual source code. Your code remains entirely on your machine.

1.3 Device and Technical Information

We automatically collect information about your device, operating system, VS Code version, and extension version to improve compatibility and diagnose issues.

1.4 Third-Party Authentication

If you use Google OAuth to sign in, we receive your email and basic profile information from Google. We don't have access to your Google password or other Google account data.

2. How We Use Your Information

  • Service Delivery: To track your coding sessions, generate analytics dashboards, and provide AI code review suggestions
  • Analytics & Insights: To analyze aggregated, anonymized patterns in coding behavior to improve the service
  • AI Improvement: To train and improve our AI code review models using your session metadata (never your source code)
  • Communication: To send you important updates, security alerts, and feature announcements
  • Support: To provide customer support and resolve technical issues
  • Compliance: To comply with legal obligations and enforce our Terms of Service
  • Research: To conduct research on developer productivity and learning patterns (anonymized)

3. Data Sharing & Third Parties

3.1 We Do NOT Sell Your Data

Preecode does not sell, rent, or trade your personal information to third parties for their marketing purposes. We respect your privacy.

3.2 Third-Party Service Providers

We use trusted third-party services to operate Preecode. These providers have signed Data Processing Agreements and are only permitted to process data as needed to provide the service:

  • MongoDB (Data Storage): Stores your session data and account information (US-based, SOC 2 certified)
  • Google (Authentication & OAuth): Handles secure login via Google accounts
  • OpenRouter (AI Services): Processes your session metadata to generate code reviews and suggestions
  • Cloudinary (Media Storage): Stores profile pictures and generated certificates

3.3 Legal Requirements

We may disclose your information if required by law (subpoena, court order), to protect legal rights, or to prevent harm to others. We will attempt to provide you with notice of such requests when legally permitted.

4. Data Security & Protection

We implement industry-standard security measures to protect your data:

  • Encryption at Rest: All sensitive data is encrypted using AES-256 encryption
  • Encryption in Transit: All data transmitted between your device and our servers uses TLS 1.2 or higher (HTTPS)
  • Secure Authentication: Passwords are hashed using industry-standard algorithms (bcrypt)
  • Access Controls: Only authorized employees with legitimate need can access user data
  • Multi-Factor Authentication: Available for additional account security
  • Regular Security Audits: We conduct periodic security audits and penetration testing
  • Incident Response: We have procedures in place to detect and respond to security breaches

5. Data Retention & Deletion

5.1 Retention Periods

  • Active Account Data: Retained while your account is active
  • Session Metadata: Retained for 24 months to provide historical analytics
  • AI Training Data: Anonymized metadata retained indefinitely for model improvement
  • Account Information: Deleted within 30 days of account deletion request
  • Backup Data: Retained for up to 90 days for disaster recovery purposes

5.2 Data Deletion

You can request deletion of your account and associated data at any time from your account settings. We will delete your personal data within 30 days, except where we're legally required to retain it (e.g., tax records).

5.3 Data Export

You can request a copy of your data in a portable format (JSON) from your account settings. We will provide this within 30 days of your request.

6. Your Privacy Rights

6.1 General Rights (All Users)

  • Right to access: Request a copy of your personal data
  • Right to correction: Update or correct inaccurate information
  • Right to deletion: Request deletion of your data ("right to be forgotten")
  • Right to data portability: Export your data in a standard format
  • Right to object: Object to certain types of data processing

6.2 EU/EEA Users (GDPR Rights)

If you're in the EU/EEA, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to restrict processing of your data
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your local data protection authority
  • Right to be informed about data breaches (within 72 hours)

6.3 California Users (CCPA Rights)

If you're a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know: What personal information we collect and how it's used
  • Right to delete: Request deletion of your personal information
  • Right to opt-out: Opt-out of any data sales (we don't sell, but you can request opt-out)
  • Right to non-discrimination: We won't discriminate against you for exercising these rights
  • Right to correct: Request correction of inaccurate personal information

6.4 How to Exercise Your Rights

To exercise any of these rights, contact us at preecodeai@gmail.com with your request. We will respond within 30 days (45 days for CCPA requests).

7. Cookies & Tracking

7.1 Cookies We Use

  • Authentication Cookies: Store your session token securely (HttpOnly, Secure, SameSite flags)
  • Preference Cookies: Remember your theme preference (light/dark mode)
  • Analytics Cookies: Analyze usage patterns to improve the service (optional, can be disabled)

7.2 Third-Party Tracking

We do not use third-party tracking services, ads networks, or analytics providers (like Google Analytics). Your usage data remains within Preecode's systems only.

7.3 Cookie Controls

You can control cookies in your browser settings. Disabling cookies may affect your ability to use certain features of Preecode.

8. Children's Privacy

Preecode is not intended for users under 13 years old. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information and terminate the child's account immediately. If you believe we have collected information from a child under 13, please contact us at preecodeai@gmail.com.

9. International Data Transfers

Preecode operates servers in the United States. If you're located outside the US, your data will be transferred to and processed in the US. By using Preecode, you consent to this transfer. We rely on Standard Contractual Clauses (SCC) and other legal mechanisms approved by data protection authorities to ensure your data is adequately protected.

10. Policy Updates & Changes

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice on our website. Your continued use of Preecode after changes become effective means you accept the updated policy. We recommend reviewing this policy periodically to stay informed about how we protect your privacy.

11. Contact & Data Protection Officer

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: preecodeai@gmail.com

Company: Preecode

Purpose: Developer Analytics Platform

For privacy inquiries, requests under GDPR/CCPA, or data subject access requests, please email us with your request. We will respond within 30 days.

Last Updated: April 16, 2026
Effective Date: April 16, 2026
Version: 1.0