Privacy

Security measures

We take your code seriously:

• Encryption at rest - sensitive data is encrypted using industry-standard encryption (AES-128-CBC with HMAC)
• Encryption in transit - all connections use TLS/SSL
• Access controls - your data is isolated per-account, accessible only with your API key
• Audit logging - all access to your data is logged for security
• No shared storage - each customer's code is stored in a separate collection

What we collect

• Email address - account management and transactional emails
• Code snippets - chunks of your codebase for semantic search (not full files)
• Usage statistics - request counts, tokens saved (no query content logged)
• IP addresses - hashed for security monitoring, not stored raw

Third parties

We work with one service provider:

• Lemon Squeezy - payment processing. They're our Merchant of Record and handle all payment data securely.

That's it. No analytics. No trackers. No ad networks.

We never train on your code

Your code is never used to train our models or improve our service for other customers.

If you purchase the Custom PyckLM Tuning add-on, we create a private model using your codebase patterns. This model is exclusively yours - isolated from all other customers.

Your rights

You have full control over your data:

• Right to access - export all your data via API: GET /account/export
• Right to deletion - delete everything instantly via API: DELETE /account
• Right to portability - your exported data is in standard JSON format

Data retention

• Active subscription - data kept while you're a customer
• After cancellation - data deleted within 30 days
• Immediate deletion - available anytime via dashboard or API
• Backups - purged within 90 days of deletion request

We don't sell your data

Ever. To anyone. Period.

Security contact

Found a security issue? Email security@pyckle.co

General questions? Email hello@pyckle.co