Legal

Privacy Policy

Last updated: October 24, 2023

Introduction

At Zento, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our AI-powered code review and automated testing platform. Our tagline is simple: Ship faster. Break nothing. We believe that to ship without breaking, you need to trust the tools you use.

This policy applies to the Zento website, the Zento CLI, and all integrations with third-party CI/CD providers (GitHub Actions, GitLab CI, etc.). By accessing or using Zento, you agree to the collection and use of information in accordance with this policy.

Data We Collect

We collect three primary categories of data to operate and improve our service:

Account Data

When you sign up, we collect your name, email address, organization name, and the plan you select. We also collect your billing information (name on card, last four digits) to process payments via Stripe. This data is used solely to manage your subscription and provide account access.

Code Snippets

To perform AI-driven code review and test generation, we process code diffs, pull request files, and test files you submit via our CLI or integrations. This includes repository metadata (branch names, commit hashes) to track changes over time. We do not store your entire repository history, only the specific changes requested for analysis.

Usage Telemetry

We collect anonymous telemetry data regarding how you use the platform, such as the number of reviews processed, average cycle time, error rates, and performance metrics. This helps us identify bugs and improve the reliability of our AI models.

How We Use Your Data

Your data is used strictly for the following purposes:

  • Service Delivery: To analyze code, generate tests, and provide real-time feedback within your CI pipeline.
  • Model Improvement: To train and fine-tune our proprietary AI models on anonymized patterns of code review and bug detection. We do not use your specific code to train models that are sold to third parties.
  • Security: To detect anomalies, prevent abuse, and protect the integrity of the platform for all users.
  • Legal Compliance: To comply with applicable laws and regulations, including responding to valid legal requests.

Data Sharing and Third Parties

We do not sell your personal data. We may share your data only in the following circumstances:

  • Service Providers: We use cloud infrastructure providers (AWS, Google Cloud) to host our services. These providers have access to your data only to perform necessary tasks and are contractually prohibited from using it for their own purposes.
  • Payment Processors: We use Stripe to process payments. They receive only the minimum information necessary to complete the transaction.
  • Legal Obligations: We may disclose data if required to do so by law or in response to a valid legal request.

Data Retention and Deletion

We retain your data for as long as your account is active and for the period necessary to fulfill the purposes outlined in this policy.

Account Data

We retain your account information for 30 days after account deletion to allow for potential recovery or legal holds, after which it is permanently purged.

Code Data

Code snippets and analysis results are retained for 90 days. After this period, they are automatically deleted from our processing queues and storage systems.

Telemetry

Anonymous usage logs are retained for 30 days for debugging and analytics purposes.

Your Rights (GDPR & CCPA)

Depending on your location, you may have certain rights regarding your personal data under the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

  • Access: You have the right to request a copy of the personal data we hold about you.
  • Rectification: You have the right to request correction of inaccurate or incomplete data.
  • Erasure: You have the right to request the deletion of your data, subject to certain exceptions.
  • Data Portability: You have the right to receive your data in a structured, machine-readable format.
  • Objection: You have the right to object to the processing of your data.

To exercise these rights, please contact our Data Protection Officer using the details provided at the bottom of this page.

Cookie Policy

We use cookies and similar tracking technologies to enhance your experience, analyze usage trends, and ensure security.

  • Essential Cookies: These are required for the website to function properly (e.g., authentication, session management).
  • Analytics Cookies: These allow us to count visits and traffic sources so we can measure and improve the performance of our site.
  • Marketing Cookies: These are used to track visitors across websites to display relevant advertisements.

You can control and manage cookies through your browser settings. Disabling cookies may affect the functionality of the site.

Contact the Data Protection Officer

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact our Data Protection Officer:

Email: privacy@zento.ai

Address: 123 Innovation Drive, Suite 400, San Francisco, CA 94107, USA