Privacy Policy

Last updated: March 1, 2026

Overview

audited.xyz ("we", "us", "our") provides AI-powered security audits for software projects. This policy explains what data we collect, how we use it, and your rights.

Data We Collect

  • Account data — wallet address or GitHub username used to authenticate.
  • Code submitted for audit — source files, GitHub repository URLs, or ZIP archives you upload. Used solely to generate your audit report.
  • Audit reports and findings — the generated report and structured findings associated with your account.
  • Payment data — credit purchases via Stripe (card details handled entirely by Stripe; we store only transaction metadata) or USDC transaction hashes for on-chain payments.
  • Usage data — pages visited, API requests, audit creation events. Collected via PostHog for product analytics.
  • Error data — stack traces and error events collected via Sentry to diagnose bugs.

How We Use Your Data

  • To generate your security audit report using the Anthropic Claude API.
  • To operate your account, process payments, and send notifications.
  • To improve the platform through aggregate, anonymized usage analytics.
  • To diagnose and fix errors.

We do not sell your data or use your submitted code to train AI models.

Public Audits

If you mark an audit as public, its report and findings become visible to anyone, including via the API. You can unpublish an audit at any time from the audit settings page.

Third-Party Services

  • Anthropic — your code is sent to the Claude API to generate the audit report.
  • Stripe — processes credit card payments. Subject to Stripe's Privacy Policy.
  • PostHog — product analytics (self-hosted).
  • Sentry — error monitoring.
  • Railway — cloud infrastructure hosting.

Data Retention

Audit reports and findings are retained as long as your account is active. You may delete an audit at any time. To request deletion of your account and all associated data, contact us at the address below.

Security

All data is transmitted over HTTPS. Access to production systems is restricted. Audit code submissions are stored encrypted at rest.

Contact

Questions about this policy? Contact us or email [email protected].