# Security at bugstack

Your code stays yours. Every fix runs through your CI before anything ships.

## What we access

bugstack fetches only the files related to the error: the erroring file from the stack trace, its imports (up to two levels deep), type definitions, and corresponding test files. We never clone your full repository.

## Auto-merge guardrails

-   Max 3 files changed per fix
-   Max 30 lines changed per fix
-   No new dependencies
-   Syntax + scope validated
-   CI gates every fix
-   Confidence thresholds per project

## What we store and for how long

**Error data** (stack traces, error messages, request context) is retained indefinitely. Duplicate errors within a 24-hour window are collapsed into a single record with an occurrence count. Deleting a project cascades to all associated error and fix data.

**Source code files are never stored.** Files are fetched from GitHub via API during fix generation and exist only in memory for the duration of the AI call. What we persist: the code snippet at the error location, the AI-generated fix, the diff, and the fix explanation. Full repository files are never written to disk or database.

**File tree metadata** (paths and types only, no contents) is stored per project to enable scoped context building.

**Request context** is redacted before storage. Header values, query parameter values, and request body values are replaced with `[REDACTED]` — only key names are visible.

**Infrastructure:** PostgreSQL on Neon (AWS, US region). Application hosted on Render (Oregon). No multi-region replication.

## Code & AI model providers

**LLM provider:** Anthropic Claude exclusively. No OpenAI or other model providers.

**What we send to the model:** error type, message, stack trace (first 15 lines), the primary source file, up to 10 related files (imports, 2 levels deep), type definitions, test files, and framework context. Request context values are redacted — only key names are included.

**Model training:** Your code is never used to train or fine-tune models. Anthropic's API has a zero-retention policy — prompts and completions are not stored or used for training per [Anthropic's data usage policy](https://www.anthropic.com/policies/privacy).

## Encryption

**At rest:** Sensitive fields (GitHub access tokens, refresh tokens, project API keys) are encrypted with AES-256-GCM — authenticated encryption with random 12-byte IVs and 16-byte auth tags. Error data is stored with Neon's default storage encryption.

**In transit:** TLS 1.2+ enforced on all connections. TLS is terminated at Render's reverse proxy with automatic certificate provisioning. Database connections use `sslmode=require`.

## Authentication

bugstack uses GitHub OAuth for authentication. We request only the minimum permissions needed: repository read/write access for the repos you explicitly select. bugstack never accesses repos you haven't authorized.

Production infrastructure (Render, Neon, GitHub org) is single-operator — no shared credentials or team access.

## Compliance

**SOC 2:** Not currently pursued. Our infrastructure providers (Neon, Render, Anthropic) maintain their own SOC 2 certifications.

**GDPR:** bugstack can process EU user data — both Neon and Render offer EU regions. No formal Data Processing Agreement (DPA) is available at this time. If you have GDPR-specific requirements, [contact us](mailto:support@bugstack.ai).

**Data deletion:** Deleting a project removes all associated error data, fixes, and metadata. Account deletion is available on request.

## Technical details

For a deep dive into exactly what data the SDK transmits, see [Data and Privacy](/docs/privacy). For architecture details on the capture-to-PR pipeline, see [How bugstack Works](/docs/how-it-works).

## Reporting a vulnerability

Found a security issue? Email [security@bugstack.ai](mailto:security@bugstack.ai). We take every report seriously and will respond within 48 hours.
