Privacy Policy

1. Introduction

FirePan ("we," "us," or "our") provides AI-powered smart contract security services. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services.

By using FirePan, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information

• Email address
• Name
• Company or organization name
• Account credentials

Code and Project Data

• Smart contract source code you submit for analysis
• Repository URLs and metadata
• Analysis results and security findings

Public Repository Data

• Publicly available code from GitHub and other public repositories
• Organization and developer contact information from public sources
• Repository metadata (stars, commits, contributors)

Usage Data

• Log files and analytics data
• Feature usage patterns
• API call records
• Device and browser information

Payment Information

• Payment details are processed by Stripe
• We do not store full credit card numbers on our servers

3. Public Repository Scanning

• We analyze public repositories to identify smart contract projects and potential security issues
• We may contact developers and organizations based on our analysis of their public repositories
• This outreach is based on publicly available information and our legitimate interest in providing security services to the blockchain community

Your Rights:

• You can opt out of receiving communications from us at any time
• We maintain a suppression list for organizations that do not wish to be contacted
• To opt out, email us at hello@firepan.io with "Opt Out" in the subject line

4. How We Use Your Information

We use the information we collect to:

• Provide security analysis and scanning services
• Generate vulnerability reports and security findings
• Send you alerts about security issues in your code
• Process payments and manage your subscription
• Send marketing communications (with your consent or based on legitimate interest)
• Improve our services through aggregate analytics
• Comply with legal obligations
• Protect against fraud and abuse

5. AI Processing and Third-Party Providers

AI Analysis

Your code is processed using artificial intelligence technologies to identify potential vulnerabilities. This processing involves third-party AI providers.

Third-Party AI Providers

We use the following AI providers to analyze code:

• DeepSeek — AI analysis services
• OpenAI — AI analysis services
• Anthropic — AI analysis services

Each provider has their own privacy policy and data handling practices. We contractually require these providers to:

• Process your code only for analysis purposes
• Not use your code to train their general-purpose models
• Maintain appropriate security measures

Our Commitment

• We do not train our own proprietary models on customer code without explicit written consent
• We do not sell your code or analysis results to third parties

6. Other Third-Party Services

We use additional third-party services to operate our platform:

Each service processes data according to their own privacy policies.

7. Data Retention

We retain your data according to the following schedule:

8. Your Rights

You have the following rights regarding your data:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and personal data
• Opt-out: Unsubscribe from marketing communications
• Portability: Export your security reports and analysis data
• Object: Object to processing based on legitimate interest

To exercise these rights, contact us at hello@firepan.io.

9. International Users

GDPR (European Economic Area and UK)

If you are in the EEA or UK, our legal bases for processing are:

• Contract: Processing necessary to provide services you requested
• Legitimate Interest: Business operations, security, and B2B marketing
• Consent: Marketing communications where required

Your Additional Rights:

• Right to lodge a complaint with a supervisory authority
• Right to object to direct marketing at any time
• Right to restrict processing in certain circumstances

International Data Transfers

FirePan is based in the United States. If you are accessing our services from outside the US, your data will be transferred to and processed in the US.

For transfers from the EEA/UK, we rely on:

• Standard Contractual Clauses approved by the European Commission
• Other lawful transfer mechanisms as appropriate

10. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Functions: Site functionality, authentication, security
• Analytics: Understanding how users interact with our services

Where required by law, we obtain consent before placing non-essential cookies.

11. Children's Privacy

FirePan is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child, we will delete it promptly.

12. Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit (TLS/HTTPS)
• Secure API key management
• Access controls and authentication
• Regular security assessments

However, no system is completely secure. We cannot guarantee absolute security of your data.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

For material changes, we will notify you by email or through our services before the changes take effect.

14. Contact Us

For questions about this Privacy Policy or our data practices:

Email: hello@firepan.io

FirePan — Ship contracts. Not obituaries.