Privacy Policy
Last updated 2026-06-25
1. Who we are
Opviva provides security scanning, monitoring, and automated fixes for applications you connect. This policy explains what we collect and how we use it. Questions: support@opviva.com.
2. What we collect
Account data (your email, and a name/avatar if you sign in with Google or GitHub); the domains, repositories, and apps you connect; scan results and findings; test-account sessions you provide for authenticated scans; and basic usage/billing records. We collect only what's needed to run the service.
3. Sign in with Google / GitHub
If you sign in with Google or GitHub, we receive your verified email address (and basic profile) solely to create or locate your account. We do not post on your behalf or access your contacts. GitHub repository access for fixes is handled separately through the GitHub App you explicitly install, with least-privilege permissions.
4. How we use your data
To authenticate you, run the scans and fixes you request, send security alerts and service emails, prevent abuse, and bill paid plans. We do not sell your personal data or use it for advertising.
5. Your code & credentials
Source code is processed to perform scans and propose fixes and is not retained beyond what's needed to deliver the service. Secrets and test-account credentials are encrypted at rest and never logged. Active scanning only runs against domains you have verified you own.
6. Sharing & subprocessors
We share data only with infrastructure subprocessors that run the service (hosting, database, email delivery, payment processing, and the AI models used to analyze and fix issues), each under their own data-protection terms. We disclose data if required by law.
7. Retention & deletion
We keep account and findings data while your account is active. You can delete your account from the Account page, which removes your personal data and associated findings, subject to records we must retain for legal or billing reasons.
8. Security
We use encryption in transit and at rest, least-privilege access, and the same hardening we hold customers to. No system is perfectly secure, but we work to protect your data and disclose incidents where required.
9. Your rights
You may access, correct, export, or delete your personal data. Email support@opviva.com and we'll help. Depending on your region, you may have additional rights under GDPR or similar laws.
10. Changes
We may update this policy; material changes will be communicated. Continued use after an update means you accept the revised policy.
Questions about your data? Contact support.
