Privacy & Security

At CodeKnack, protecting your code and organizational data is our highest priority. We follow industry best practices to ensure data privacy, platform security, and responsible AI usage.

Data Handling & Review Scope

Minimal Data Access:
CodeKnack only accesses the code, metadata, and pull request information required to perform code reviews.

No Long-Term Storage:
We do not permanently store your source code. All analysis happens transiently, and data is discarded shortly after the review is complete.

Scoped Repository Access:
We request only the permissions necessary to read pull requests and post comments. CodeKnack does not push code or alter repositories in any way.

No Private Code Used for Training:  
We do not use your private code for model training or fine-tuning unless explicitly authorized.

Compliance & Certifications

CodeKnack adheres to security and privacy frameworks recognized across the industry. Our platform is compliant or aligned with the following:

- SOC 2 Type II (in progress)
- ISO 27001 Certified
- VAPT Certified

You can request a copy of our latest audit reports, security whitepaper, or data protection policies by contacting our support team.

Responsible AI Use

No Model Training on Customer Code:
CodeKnack does not use customer repositories to train or fine-tune our AI models.

Private by Default:
All reviews happen within your Git platform (e.g., GitHub, GitLab). AI feedback is delivered as comments or summaries.

Human-in-the-Loop Optionality:
Our system supports hybrid workflows where human reviewers remain in full control of the final review and merge decisions.