Privacy Policy

Account Information

When you create an account, we collect your name, email address, and company information (optional).

Usage Data

We collect information about how you use InfraLint, including:

• Number of scans performed
• Scan results and security findings (stored encrypted)
• CI/CD integration usage
• Feature usage and interactions

Technical Information

We automatically collect certain technical information, including:

• IP address and browser type
• Device and operating system
• Cookies and similar tracking technologies

We use the information we collect to:

• Provide and maintain InfraLint services
• Improve and optimize our security scanning algorithms
• Send you important updates and security notifications
• Provide customer support and respond to your requests
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations

We never use your infrastructure code or scan results for marketing purposes or sell them to third parties.

We implement industry-standard security measures to protect your data:

• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Strict role-based access control (RBAC)
• Infrastructure: Hosted on SOC 2 Type II compliant infrastructure
• Monitoring: 24/7 security monitoring and incident response
• Regular Audits: Quarterly security audits and penetration testing

We only share your information in the following limited circumstances:

• Service Providers: With trusted third-party service providers who help us operate InfraLint (e.g., hosting, analytics)
• Legal Requirements: When required by law or to protect our legal rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize us to share your information

We never sell your personal information to advertisers or data brokers.

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Export: Download your data in a portable format
• Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at privacy@infralint.io

We retain your data only as long as necessary to provide our services and comply with legal obligations:

• Account Data: Retained while your account is active
• Scan Results: Retained for 90 days unless you delete them earlier
• Logs: Security and audit logs retained for 1 year

When you delete your account, we permanently delete all associated data within 30 days.

We use cookies and similar technologies to:

• Keep you logged in
• Remember your preferences
• Analyze site usage and performance

You can control cookies through your browser settings. Disabling cookies may affect site functionality.

InfraLint operates globally. Your data may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.

InfraLint is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our website. Your continued use of InfraLint after changes indicates your acceptance of the updated policy.