PrblTerms of Service →

Legal

Privacy Policy

Effective date: June 10, 2026

Wright Software Solutions ("we," "us," "our") operates Prbl ("the service"). This Privacy Policy explains what data we collect, how we use it, and your rights. By using Prbl, you agree to this policy.

1. What We Collect

Account data (via GitHub OAuth)

  • GitHub user ID, username, and display name
  • Email address (if public on your GitHub profile)
  • Profile avatar URL

We do not receive or store your GitHub password.

Scan data

  • Repository name and URL
  • Scan findings: file path, line number, rule ID, severity, and description
  • Scan timestamps

We clone your repository temporarily to run the scan. Source code is not stored after the scan completes — only the findings metadata listed above.

Billing data

Payments are processed by Stripe. We store your Stripe customer ID to manage your subscription. We never see or store your full card number — Stripe handles all payment data under their own PCI-compliant infrastructure.

Usage data

We collect basic usage logs (scan requests, API calls) for debugging, security monitoring, and enforcing plan limits. We do not sell or share usage data with third parties for advertising purposes.

2. How We Use Your Data

  • To provide and operate the service
  • To authenticate you and manage your account
  • To process payments and manage your subscription
  • To send transactional emails (scan results, billing receipts, security alerts)
  • To improve scanner accuracy and reduce false positives
  • To enforce plan limits and prevent abuse
  • To comply with legal obligations

We do not use your code or scan results to train AI models or for any purpose other than providing the service to you.

3. Third-Party Services

We use the following third-party services to operate Prbl:

GitHubOAuth authentication and repository accessPrivacy →
SupabaseDatabase and data storagePrivacy →
StripePayment processingPrivacy →
Hetzner CloudInfrastructure and scanner computePrivacy →

4. Data Retention

We retain your account data and scan results for as long as your account is active. If you delete your account, all associated data is permanently deleted within 30 days. Billing records may be retained longer where required by law.

5. Data Security

All data is transmitted over HTTPS. Your scan results are stored in Supabase with Row Level Security enabled — only you can read your own data. We use server-side sessions; no sensitive credentials are stored in the browser. Stripe API keys and database credentials are never exposed to the client.

Despite these measures, no system is perfectly secure. If you discover a security vulnerability in Prbl, please disclose it responsibly to security@prbl.dev.

6. Your Rights

Depending on your location, you may have the right to:

  • Access — request a copy of the data we hold about you
  • Correction — ask us to correct inaccurate data
  • Deletion — delete your account and data via Settings, or by emailing us
  • Portability — request your scan results in a machine-readable format
  • Objection — object to certain types of processing

To exercise any of these rights, email privacy@prbl.dev.

7. Cookies

Prbl uses a single session cookie to keep you logged in. We do not use third-party tracking cookies or advertising cookies. We do not use Google Analytics or similar tracking services.

8. Children

Prbl is not directed at children under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice in the dashboard. The effective date at the top of this page reflects when the policy was last updated.

10. Contact

Questions or requests about your privacy? Email us at privacy@prbl.dev.