Back to Recon
Legal

Privacy Policy

Last updated 16 June 2026

Recon (“Recon”, “we”, “us”) is a repository-intelligence platform operated by Yestack. We map the architecture of a repository and surface findings, risks, opportunities, and strengths with evidence engineers can trust. This policy explains what we collect, how we use and protect it, and the choices you have. It applies to the Recon web application and related services.

The short version: we access your repositories read-only, we do not keep your source code after an analysis run completes, we never sell your data, and secrets (like an API key you provide) are encrypted and never exposed to the browser.

Information we collect

  • Account information. Your email address, display name, profile photo (if provided by your sign-in provider), and which method you used to sign in (Google, GitHub, or email & password).
  • GitHub connection. When you install our GitHub App, we store the installation identifier and the connected account login. The App is granted read-only access to repository Contents and Metadata only — it cannot push, open pull requests, or modify anything.
  • Repository content (transient). To run an analysis, we make a read-only copy of the selected repository at a specific commit, analyze it, and then delete that copy as soon as the run completes. We do not retain your source code after a run.
  • Analysis outputs (Reports). The architecture map, summary, findings, risks, opportunities, strengths, and supporting evidence excerpts produced by a run. These are stored until you delete them or your account.
  • Usage & billing data. Run counts, model token/cost records, your plan, and any plan-change requests. We use this to enforce monthly limits and to review plan changes.
  • Your own AI key (optional). If you choose to bring your own Anthropic API key, it is encrypted with AES-256-GCM, stored on the server only, displayed to you only as a masked last-4, and never written to logs.
  • Security & operational logs. An audit trail of account- and security-relevant actions, and limited request metadata (such as IP address) used to prevent abuse and protect the service.

How we handle your source code

This is the core of our trust commitment, so we state it plainly:

  • Access is read-only through a GitHub App scoped to Contents (read) and Metadata (read). We never write to, push to, or open pull requests against your repositories.
  • During a run, your code is cloned to ephemeral storage, analyzed, and then permanently deleted. No source is stored after the run finishes.
  • To produce evidence-backed findings, relevant code is sent to our AI sub-processor (Anthropic) for analysis. Files that commonly contain credentials (for example .env files, private keys, and similar) are filtered out before analysis where detected.
  • Generated reports embed only the short, specific code excerpts needed as evidence — not your full repository.

How we use your information

  • To provide the service: run analyses and generate, display, and let you download your reports.
  • To enforce plan limits and review plan-change requests.
  • To secure the service, prevent abuse, debug issues, and maintain an audit trail.
  • To communicate with you about your account, security, or support requests.

We do not use your source code or reports to train machine-learning models.

AI processing

Recon uses Anthropic’s Claude API to analyze code. If you bring your own Anthropic API key, runs are billed to your Anthropic account and are subject to Anthropic’s terms. For observability, we record token and cost metadata (not your source code or secrets) with our observability provider.

Service providers (sub-processors)

We share data only with the providers that help us run Recon:

  • Google Firebase — authentication and database (account and report metadata).
  • Amazon Web Services (S3) — encrypted storage of report artifacts.
  • Anthropic — AI analysis of repository content during a run.
  • Langfuse — LLM cost/usage observability (metadata only — never source code or secrets).
  • Railway — application hosting.

We do not sell your personal information or share it with third parties for their own marketing. We may disclose information if required by law or to protect the rights, safety, and security of Recon and its users.

How we protect your data

  • Encryption in transit (HTTPS/TLS) and at rest (server-side encryption for stored artifacts).
  • Bring-your-own API keys are encrypted with AES-256-GCM and stored server-side only.
  • Secrets, tokens, and credentials are never sent to the browser; report downloads use short-lived, expiring links.
  • Strict per-user data isolation — you can only access your own projects, runs, and reports.
  • Session cookies are HTTP-only and Secure; privileged and security-relevant actions are recorded in an audit log.
  • Least-privilege access controls for our infrastructure (for example, separate read-only and write-only storage credentials).

Data retention

  • Source code: not retained — deleted when each run completes.
  • Reports & account data: kept while your account is active, until you delete them or close your account.
  • Operational/audit logs: retained for a limited period for security and reliability.

Your rights & choices

Depending on your location, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can disconnect GitHub and remove your API key at any time in Settings. To request account deletion (right to erasure) or a copy of your data, contact us at support@yestack.io. We will action verified requests within a reasonable time.

International data transfers

Our providers may process data in regions outside your own. Where required, we rely on appropriate safeguards for such transfers.

Children

Recon is not directed to children and is not intended for anyone under the age of 16.

Changes to this policy

We may update this policy from time to time. We will revise the “Last updated” date above and, for material changes, take reasonable steps to notify you.

Contact

Questions about this policy or your data? Email support@yestack.io. Yestack is the data controller for Recon. [Legal entity name, registered address, and EU/UK representative to be confirmed.]