Privacy

Last updated: 2026-04-29 — placeholder. Final policy ships with v1.0 launch and will be reviewed by counsel.

What we collect

• Account email + name (Clerk auth, EU)
• Scan input (repo URL, branch name, commit SHA, diff metadata)
• Detection output (DOM analysis only — no PII from scanned sites)
• Anonymous product analytics via self-hosted PostHog (analytics.clamper.ai, hosted in EU)

What we don’t collect

• End-user PII from sites you scan
• Source code outside the lines flagged by detection rules
• Third-party trackers or ad networks
• Repository contents beyond the changed-file scope of the gate run

Where it lives

All scan data, baseline storage, audit chain, and product analytics in the EU (eu-north-1 / Hetzner FSN1). Default retention is per the tier you are on; Enterprise tier supports self-hosted infrastructure on customer-controlled storage.

Sub-processors

• Cloudflare (CDN + DDoS protection for clamper.ai & app.clamper.ai)
• Hetzner (compute + database hosting, Falkenstein DE)
• Clerk (authentication, EU region)
• Stripe (payments, EU region)
• PostHog (self-hosted on Hetzner; not a third-party processor in the data-protection sense)

Questions: privacy@clamper.ai.