Privacy Policy

ConfigLint (“we,” “our,” “us”) is committed to transparency in how we collect, store, and use data. This Privacy Policy explains what information we collect, how we use it, and how it may be shared with trusted partners such as OpenAI.

1. Information We Collect

• Account Information: Email address, authentication identifiers, organization name, and preferences.
• Billing Data: Stripe customer and subscription IDs for payment processing. We never store full credit card numbers.
• Usage Data: Configuration files, prompts, audit results, and system logs generated through your interaction with ConfigLint.
• AI Training Data: Non-Enterprise accounts may have anonymized interaction data retained to improve ConfigLint’s models and partner AI systems (such as OpenAI). Sensitive network or personal data is automatically scrubbed where technically feasible.

2. How We Use Information

• Provide and maintain the Service.
• Authenticate users and manage sessions.
• Process billing and subscription operations through Stripe.
• Improve performance, accuracy, and AI-driven recommendations.
• Train and refine our internal models and OpenAI-hosted inference systems to enhance ConfigLint’s overall quality and feature set.

3. Data Sharing & Processing

We share data only with trusted processors essential to our operations:

• OpenAI: Used for natural-language analysis and AI inference. Data from non-Enterprise accounts may be used by OpenAI to improve its models. Enterprise clients are opted out of this sharing by default.
• Stripe: Handles secure payment processing and invoicing.
• Infrastructure & Analytics Providers: For hosting, monitoring, and aggregate usage metrics. These services do not have access to identifiable configuration data.

ConfigLint does not sell or rent personal information. All transfers occur under data-processing agreements compliant with GDPR and CCPA requirements.

4. Data Retention

Account, configuration, and interaction data are retained for as long as the account remains active. Aggregated or anonymized data used for model training may be retained indefinitely to support AI performance improvements. You may request deletion of your identifiable account data at any time by emailing support@configlint.io.

5. Enterprise Privacy Controls

Enterprise-tier environments are isolated from any external model-training pipelines. All prompt and configuration data remain within dedicated, encrypted environments and are excluded from third-party AI training use.

6. Security

We use encryption in transit (HTTPS/TLS), limited access controls, and monitoring to protect data integrity. While we take commercially reasonable measures to secure the Service, no system is completely immune to risk.

7. Your Rights & Choices

• Request access, correction, or deletion of your personal data.
• Request exclusion from AI training datasets.
• Opt out of marketing or product emails.

To exercise these rights, contact support@configlint.io.

8. International Data Transfers

ConfigLint operates primarily in the United States. By using the Service, you consent to processing and storage of your information in the U.S. or other jurisdictions where we or our partners operate.

9. Updates to This Policy

We may update this Privacy Policy periodically. Any significant changes will be communicated via email or through the Service interface. Continued use of the Service after updates constitutes acceptance of the revised Policy.

10. Contact

For privacy inquiries, please contact us:

📧 support@configlint.io

Last updated: 2025-12-06