AbyssGuard

Privacy Policy

AbyssGuard Privacy Policy

Last updated: May 23, 2026

Source is temporary

AbyssGuard reads source only to build a scan report. Source files are not kept as report data.

Findings are normalized

Reports keep findings, file paths, line numbers, confidence, scores, and suggested fixes.

Tokens stay short-lived

GitHub OAuth tokens are stored only in encrypted HttpOnly cookies for private scan sessions.

What AbyssGuard does

AbyssGuard scans web app repositories and creates plain-English reports about security, data safety, reliability, code health, and test confidence. The product is for software risk review and is not a penetration test, legal certification, or compliance audit.

Information we collect

We may collect your email address, repository URL, app status, checkout plan, payment-provider identifiers, normalized scan metadata, and normalized report findings. Findings may include file paths, line numbers, issue titles, severity, confidence, evidence summaries, suggested fixes, and AI repair prompts.

Source code handling

Source code is processed temporarily during a scan. AbyssGuard is designed to store normalized report metadata and findings, not full source files, GitHub tokens, ZIP files, or raw scanner output. Raw scanner output may be used temporarily for debugging and normalization, then deleted.

GitHub access

Private GitHub scans require OAuth access so AbyssGuard can list repositories and read selected source files for the scan request. The GitHub token is stored in a short-lived encrypted HttpOnly cookie. It is not stored in reports, logs, or the database.

Payments

Payments are handled by Paddle. AbyssGuard receives payment and subscription events from Paddle webhooks to unlock paid reports and subscription access. AbyssGuard does not store full payment card details.

How we use information

We use collected information to create reports, show scan history, unlock paid access, provide support, improve scanner quality, and prevent duplicate payment processing. We do not sell source code or report data.

Data deletion

You can request deletion of account, scan, and report metadata by contacting hello@abyssguard.com. Some payment records may need to be kept where required for tax, accounting, dispute, or fraud-prevention purposes.

Contact

Questions about privacy or data deletion can be sent to hello@abyssguard.com. Replace this contact address before live approval if the final support mailbox changes.