Privacy Policy

Last updated: April 2026

This policy describes how Agent Breach collects and uses personal data when you use our website, create an account, or run security scans. It should be read alongside our Terms of Service and Cookie Policy.

We process identifiers (such as email), account metadata, security logs, and scan-related technical data needed to operate the platform. Optional analytics and advertising technologies load only when permitted through your cookie preferences.

Hosted Repository Scanning

When you enable hosted PR scanning, Agent Breach processes repository data required for security analysis, including source files, dependency manifests/lockfiles, workflow files, and pull request metadata.

Scan execution is limited to authorized repositories and pull request commit context (head/base) to provide targeted analysis of the requested change set.

Retention and Deletion

Hosted scan workspaces are designed to be temporary and are deleted after verification and reporting steps, including failure paths and periodic stale workspace cleanup.

Agent Breach retains scan findings, policy outcomes, and limited audit metadata for product functionality, support, and security/compliance evidence according to service retention controls.

Consent and Legal Basis

Hosted repository scanning requires explicit customer consent in the integrations flow and may require re-consent when processing terms materially change.

For support or data requests, contact the Agent Breach support channel listed on the Support page.

Account and communications

We use your email to authenticate you, send operational notices (such as scan completion or billing receipts), and—where allowed—product updates. You can control marketing communications through unsubscribe links where applicable.

If you subscribe to our optional security email updates on the Blog page, we store your email address only to send those digests and an unsubscribe link is included in every message. You may opt out at any time using that link.

International transfers and subprocessors

Agent Breach infrastructure may process data in regions required to deliver the service reliably. We rely on contractual and technical safeguards consistent with our role as a processor for customer-directed scanning workloads and as a controller for account relationship data.

Your choices

You may request access, correction, or deletion of certain personal data subject to legal retention requirements. Visit Support for the fastest routing of privacy-related requests.