Legal
Privacy Policy
Preston-Check is built around a simple principle: your code never leaves your machine. The scanner is a local command-line tool that produces local output. The SaaS layer at preston-check.com consumes only what you choose to upload, and collects only what is needed to deliver the service. This Privacy Policy explains what is collected, why, where it lives, and how to exercise your rights over it.
1. Local scanner — what stays on your machine
When you run the open-source scanner, source code, dependency manifests, environment variables, and findings are processed entirely on your local machine and written to your local filesystem. Nothing is uploaded to us. This includes intermediate AST representations, secret-detection matches, and report HTML/PDF artifacts. You can run the scanner air-gapped without any network access and it will function fully.
2. Optional telemetry
Telemetry is off by default and only activates when you pass --telemetry or set PRESTON_TELEMETRY=1. When enabled, the scanner sends a small JSON payload at the end of each run containing: scanner version, OS family (linux/macos/windows), language detected, framework count, scan duration, total findings count by severity, and a randomly-generated install ID that you can rotate at any time by deleting ~/.preston-check/install_id. Telemetry never includes file paths, code snippets, finding details, repository names, or any personally identifying information.
3. SaaS account data
When you sign in to app.preston-check.com or purchase a subscription, we store: your email address (used as the account identifier and for magic-link sign-in), your organisation name (optional, shown on report PDFs), the timestamp of your last sign-in, an SHA-256 hash of your IP address combined with a server-side secret (used for session anomaly detection; the original IP is not retrievable from the hash), your browser’s User-Agent string truncated to 200 characters, and session identifiers tied to a 30-day expiry. Subscription state (plan, status, period end, invoice history) is mirrored from Stripe so the customer portal can render without round-tripping to Stripe on every page load.
4. Audit packages and uploaded artifacts
If you generate an audit package PDF through the customer portal, the report is rendered client-side in your browser and the resulting PDF is downloaded directly to your machine; the report content does not transit our servers. If you upload a scanner-generated JSON report to the SaaS for branded PDF generation or multi-repository analytics, that JSON is stored in your account’s isolated D1 partition for the duration of your subscription and is deleted within 30 days of subscription cancellation, sooner on request.
5. Payment information
Payments are processed by Stripe, Inc. We never see your card number, CVC, or full bank account details; Stripe gives us a customer ID, the last four digits of your card (for the Customer Portal display only), the billing country and postal code (for tax compliance), and tax ID if you provided one. Stripe’s privacy policy applies to data they hold: stripe.com/privacy.
6. Email delivery
Magic-link sign-in codes are delivered via Amazon SES from the preston-check.com domain. SES processes your email address and the code body to deliver the message; SES does not retain message content beyond the delivery attempt and the standard SES bounce/complaint feedback loop. We do not send marketing email; you may receive transactional emails (sign-in codes, billing receipts via Stripe, security notifications about your account) only.
7. Hosting and edge infrastructure
The SaaS layer runs on Cloudflare Workers, Cloudflare Pages, Cloudflare D1 (SQLite), and Cloudflare KV. Cloudflare receives request metadata (IP, headers, timing) for delivery and DDoS protection; their privacy policy applies: cloudflare.com/privacypolicy. We use Cloudflare Web Analytics for aggregate, cookie-free pageview counts on the public site.
8. Cookies and similar technologies
The customer portal sets a single first-party HttpOnly session cookie (pc_session) on app.preston-check.com for 30 days, used solely to maintain your sign-in state. We do not set tracking, advertising, analytics, or third-party cookies. The public marketing site sets no cookies at all.
9. Data retention
Sign-in codes are deleted from KV within 10 minutes of issuance or immediately on use. Sessions expire after 30 days and are purged. Account records are retained for the lifetime of your subscription plus 90 days after cancellation, then deleted on request or after 12 additional months. Webhook event logs are retained for 1 year for billing reconciliation. Stripe-side data follows Stripe’s retention policies independently.
10. Your rights
You can request access to, correction of, export of, or deletion of your account data at any time by emailing privacy@preston-check.com. We respond within 30 days. Deletion of an active subscription requires cancellation first; we will not retain account data beyond what is needed to honour an active subscription. EU/UK customers have additional rights under the GDPR, California residents under the CCPA/CPRA; we honour both. You may also lodge a complaint with your local data protection authority.
11. International transfers
Cloudflare runs in regions worldwide; data may be processed at the edge nearest you. Stripe processes payments primarily in the United States. Amazon SES sends from us-east-1. Where applicable, we rely on standard contractual clauses for cross-border transfers.
12. Security
Sessions are stored only as random 64-character hex tokens, never as JWTs containing claims; revoking access is a single-row delete. License files are signed with Ed25519 and verified offline. Stripe webhook signatures are HMAC-SHA256 verified before any state mutation. We follow least-privilege for cloud credentials (e.g., the SES IAM user is scoped to ses:SendEmail on a single domain identity).
13. Children
The Service is intended for businesses and professionals; we do not knowingly collect data from anyone under 18.
14. Changes
If we make material changes to this Policy we will email subscribers at least 30 days before the changes take effect. The current version is always available at /privacy.html.
15. Contact
Privacy questions or rights requests: privacy@preston-check.com.