Skip to content
Opviva.

Privacy Policy

Last updated 2026-06-25

1. Who we are

Opviva provides security scanning, monitoring, and automated fixes for applications you connect. This policy explains what we collect and how we use it. Questions: support@opviva.com.

2. What we collect

Account data (your email, and a name/avatar if you sign in with Google or GitHub); the domains, repositories, and apps you connect; scan results and findings; test-account sessions you provide for authenticated scans; and basic usage/billing records. We collect only what's needed to run the service.

3. Sign in with Google / GitHub

If you sign in with Google or GitHub, we receive your verified email address (and basic profile) solely to create or locate your account. We do not post on your behalf or access your contacts. GitHub repository access for fixes is handled separately through the GitHub App you explicitly install, with least-privilege permissions.

4. How we use your data

To authenticate you, run the scans and fixes you request, send security alerts and service emails, prevent abuse, and bill paid plans. We do not sell your personal data or use it for advertising.

5. Your code & credentials

Source code is processed to perform scans and propose fixes and is not retained beyond what's needed to deliver the service. Secrets and test-account credentials are encrypted at rest and never logged. Active scanning only runs against domains you have verified you own.

6. Sharing & subprocessors

We share data only with infrastructure subprocessors that run the service (hosting, database, email delivery, payment processing, and the AI models used to analyze and fix issues), each under their own data-protection terms. We disclose data if required by law.

7. Retention & deletion

We keep account and findings data while your account is active. You can delete your account from the Account page, which removes your personal data and associated findings, subject to records we must retain for legal or billing reasons.

8. Security

We use encryption in transit and at rest, least-privilege access, and the same hardening we hold customers to. No system is perfectly secure, but we work to protect your data and disclose incidents where required.

9. Your rights

You may access, correct, export, or delete your personal data. Email support@opviva.com and we'll help. Depending on your region, you may have additional rights under GDPR or similar laws.

10. Changes

We may update this policy; material changes will be communicated. Continued use after an update means you accept the revised policy.

Questions about your data? Contact support.