Privacy Policy

Last revised on July 6, 2018
For prior versions of our Privacy Policy: 2018-07 2018-06 2018-04

Your privacy is very important to us. At DeepScan we have a few fundamental principles:

• We don’t ask you for personal information unless we truly need it.
• We don’t share your personal information with anyone except to comply with the law, develop our products, or protect our rights.
• We don’t store personal information on our servers unless required for the on-going operation of one of our services.

The Gist

DeepScan will collect certain non-personally identifiable information about you as you use our sites. We may use this data to better understand our users. We can also publish this data, but the data will be about a large group of users, not individuals. We may also collect certain personal information about you and your use of the Service (as defined herein) which may be published and used in the aggregate as set forth in this Privacy Policy.

We will also ask you to provide personal information, but you'll always be able to opt out. If you give us personal information, we won't do anything evil with it.

We can also use cookies, but you can choose not to store these.

That's the basic idea, but you must read through the entire Privacy Policy below and agree with all the details before you use any of our sites.

Reuse

This document is based upon the Automattic Privacy Policy and is licensed under Creative Commons Attribution Share-Alike License 2.5. Basically, this means you can use it verbatim or edited, but you must release new versions under the same license and you have to credit Automattic somewhere (like this!). Automattic is not connected with and does not sponsor or endorse DeepScan or its use of the work.

DeepScan makes available services include our web sites (https://deepscan.io (the "Site")), our blog, our API, and any other software, sites, and services offered by DeepScan in connection to any of those (taken together, the "Service"). It is DeepScan's policy to respect your privacy regarding any information we may collect while operating our Site.

What Kind of Information We Collect

To serve users better and understand users' needs and interests, we collect the following types of information below through your use of the Service.

Personal Information: We save information that identifies you. It includes your GitHub email and account. We may use your Personal Information

• to respond to your inquiries, provide services, or complete transactions you have requested.
• to send you information regarding the Service, changes to our policies, and/or other administrative information.

Non-Personal Information: Information that does not identify you or any other individual. It includes session and usage data, log data and aggregate information collected during your use.

We collect the personal information from GitHub when you sign in to GitHub and approve access of DeepScan application.

Sharing Information

We do not sell our users' private personal information.

We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy:

• Subsidiaries, Employees, and Independent Contractors: We may disclose information about you to our subsidiaries, our employees, and individuals who are our independent contractors that need to know the information in order to help us provide our Services or to process the information on our behalf. We require our subsidiaries, employees, and independent contractors to follow this Privacy Policy for personal information that we share with them.
• Third Party Vendors: We may share information about you with third party vendors who need to know information about you in order to provide their services to us, or to provide their services to you or your site. This group includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information, fraud prevention services that allow us to analyze fraudulent payment transactions, postal and email delivery services that help us stay in touch with you, customer chat and email support services that help us communicate with you, registrars, registries, and data escrow services that allow us to provide domain registration services), those that assist us with our marketing efforts (e.g. by providing tools for identifying a specific marketing target group or improving our marketing campaigns), those that help us understand and enhance our Services (like analytics providers), who may need information about you in order to, for example, provide technical or other support services to you. We require vendors to agree to privacy commitments in order to share information with them.
• Legal Requests: We may disclose information about you in response to a subpoena, court order, or other governmental request.
• Business Transfers: If DeepScan, or substantially all of its assets, were acquired, or in the unlikely event that DeepScan goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of DeepScan may continue to use your personal information as set forth in this policy.
• With Your Consent: We may share and disclose information with your consent or at your direction.
• Aggregated or De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services and we may share a hashed version of your email address to facilitate customized ad campaigns on other platforms.
• Published Support Requests: And if you send us a request (for example, via a support email or one of our feedback mechanisms), we reserve the right to publish that request in order to help us clarify or respond to your request or to help us support other users.

Visitors

Like most website operators, DeepScan collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. DeepScan's purpose in collecting non-personally identifying information is to better understand how DeepScan's visitors use its website. From time to time, DeepScan may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.

DeepScan also collects potentially personally-identifying information like Internet Protocol (IP) addresses. DeepScan does not use such information to identify its visitors, however, and does not disclose such information, other than under the same circumstances that it uses and discloses personally-identifying information, as described below.

Additionally, as part of our normal analysis, DeepScan collects information with regards to GitHub repositories from those who login. This includes email address, source code (immediately deleted from our servers right after the analysis), pull requests and webhooks.

Gathering of Personally-Identifying Information

Certain visitors to DeepScan's websites choose to interact with DeepScan in ways that require DeepScan to gather personally-identifying information. The amount and type of information that DeepScan gathers depends on the nature of the interaction. DeepScan collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor's interaction with DeepScan. DeepScan does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.

Retention of Collected Information

The Service shall immediately delete users' information when users delete their account. The Service may retain the information below while a user is registered with the Service:

• GitHub email address and account
• Aggregated database statistics for code issues

Aggregated Statistics

To understand our users, DeepScan may collect statistics about the behavior of visitors to its websites. DeepScan may display this information publicly or provide it to others. However, DeepScan does not disclose personally-identifying information other than as described below.

Cookies

A cookie is a string of information that a website stores on a visitor's computer, and that the visitor's browser provides to the Service each time the visitor returns. DeepScan uses cookies to help DeepScan identify and track visitors, their usage of DeepScan Service, and their Service access preferences. DeepScan visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using DeepScan's websites, with the drawback that certain features of DeepScan's websites may not function properly without the aid of cookies.

Data Storage

DeepScan may use third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Service. You understand that although you retain full rights to your data, it may be stored on third party storage and transmitted through third party networks.

Security

While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so, such as monitoring our Services for potential vulnerabilities and attacks.

The Service is constantly striving to ensure security. Please see here.

User's Rights

In accordance with the Service's retention policy, users can immediately delete their information by deleting their account from the Service. This information will not be accessed or used for any other purpose.

Or users can request to access their personal information provided to the Service at any time. Once a request to access, edit or delete personal information is made to the Data Protection Officer by e-mail, the officer will confirm the requester's identity and take appropriate action.

Data Protection Officer

The Service appoints the following officers to protect personal information and handles complaints relating to personal information.

Chief Privacy Officer

- Name: Park Hunyong
- Title: Executive Director
- Division: Management Support Team
- Contact: +82 70 7125 5114

Data Protection Officer

- Name: Kim Kangho
- Title: Product Manager
- Division: Development Platform Group
- Contact: support@deepscan.io

Privacy Policy Changes

Although most changes are likely to be minor, DeepScan may change its Privacy Policy from time to time, and in DeepScan's sole discretion. DeepScan encourages visitors to frequently check this page for any changes to its Privacy Policy.