1. Introduction
ThinkingSDK, Inc. ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered debugging and software repair services.
By using ThinkingSDK's services, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
Account Information
When you create an account, we collect:
- Name and email address
- Company or organization name
- Billing information and payment details
- API keys and authentication credentials
Runtime and Exception Data
When you use our service, we automatically collect:
- Exception messages and stack traces
- Function calls and execution context
- Local variable values and states
- Runtime performance metrics
- Database queries and HTTP requests
- System information (OS, Python version, dependencies)
Source Code
To provide debugging insights and generate fixes, we may access:
- Relevant portions of your source code
- File paths and line numbers
- Function signatures and imports
- Code context surrounding exceptions
Usage Data
We automatically collect information about how you interact with our service:
- API usage patterns and request logs
- Dashboard interactions and feature usage
- IP addresses and user agent strings
- Session durations and timestamps
3. How We Use Your Information
We use the collected information for the following purposes:
Service Delivery
- Analyze runtime exceptions and identify root causes
- Generate AI-powered code fixes and recommendations
- Validate fixes and suggest deployment strategies
- Provide real-time debugging insights through our dashboard
Service Improvement
- Improve AI model accuracy and fix quality
- Develop new features and capabilities
- Analyze usage patterns to optimize performance
- Train machine learning models (with anonymized data)
Communication
- Send service notifications and alerts
- Respond to your inquiries and support requests
- Provide product updates and feature announcements
- Send billing and payment confirmations
Security and Compliance
- Monitor for unauthorized access and abuse
- Enforce our Terms of Service
- Comply with legal obligations
- Detect and prevent fraud
4. Data Storage and Security
Storage Location
Your data is stored on secure servers in the United States. We use industry-standard cloud infrastructure providers with SOC 2 Type II certification.
Security Measures
We implement comprehensive security measures to protect your data:
- Encryption in transit (TLS 1.3) and at rest (AES-256)
- API key authentication with bcrypt hashing
- Regular security audits and penetration testing
- Access controls and role-based permissions
- Automated threat detection and monitoring
- Secure backup procedures and disaster recovery
Data Retention
We retain your data for as long as your account is active or as needed to provide services. Specifically:
- Runtime events and exceptions: 90 days by default
- AI-generated insights and analyses: 1 year
- Account information: Duration of account plus 30 days
- Billing records: 7 years (legal requirement)
5. Data Sharing and Disclosure
Third-Party Services
We use the following third-party services that may process your data:
- OpenAI/Anthropic: AI models for code analysis (anonymized context only)
- Cloud Hosting Providers: Infrastructure and storage
- Payment Processors: Billing and subscription management
- Analytics Services: Product usage and performance monitoring
Legal Requirements
We may disclose your information if required by law or in response to:
- Court orders or subpoenas
- Government investigations
- Legal proceedings
- Requests from law enforcement
Business Transfers
If ThinkingSDK is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.
What We DO NOT Do
We will never:
- Sell your personal information or source code to third parties
- Use your code to train models accessible to other customers
- Share your exception data with competitors
- Publicly disclose your vulnerabilities or bugs
6. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Maintain user sessions and authentication
- Remember your preferences and settings
- Analyze service usage and performance
- Provide personalized experiences
You can control cookie settings through your browser. Note that disabling cookies may affect service functionality.
7. Your Privacy Rights
Access and Portability
You have the right to:
- Access all personal data we hold about you
- Export your data in a machine-readable format
- Request copies of exception data and insights
Correction and Deletion
You can:
- Update your account information at any time
- Request deletion of specific exception events
- Request complete account deletion (30-day process)
Opt-Out Rights
You may opt out of:
- Marketing emails (service emails still required)
- Analytics and usage tracking
- AI model training using your data
Exercising Your Rights
To exercise any of these rights, contact us at privacy@thinkingsdk.ai. We will respond within 30 days.
8. International Data Transfers
If you are accessing our services from outside the United States, please be aware that your data may be transferred to, stored, and processed in the United States where our servers are located.
We ensure adequate protection through:
- Standard Contractual Clauses (SCCs)
- Data Processing Agreements (DPAs) with third-party vendors
- Compliance with GDPR, CCPA, and other privacy regulations
9. Children's Privacy
Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, contact us immediately at privacy@thinkingsdk.ai.
10. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of the sale of personal information
- Right to deletion of personal information
- Right to non-discrimination for exercising CCPA rights
Note: ThinkingSDK does not sell personal information as defined by CCPA.
11. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
To exercise these rights, contact our Data Protection Officer at dpo@thinkingsdk.ai.
12. Data Breach Notification
In the event of a data breach that affects your personal information, we will:
- Notify affected users within 72 hours of discovery
- Describe the nature and scope of the breach
- Explain the steps we are taking to address it
- Provide recommendations to protect your account
- Report to relevant authorities as required by law
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.
For material changes, we will notify you via:
- Email to your registered address
- Prominent notice on our website
- In-product notification
Your continued use of the service after changes constitutes acceptance of the updated policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: privacy@thinkingsdk.ai
General Inquiries: contact@thinkingsdk.ai
Data Protection Officer: dpo@thinkingsdk.ai
Mailing Address:
ThinkingSDK, Inc.
Privacy Department
[Address to be added]
Delaware, United States