← flounder

Privacy Policy

Last updated: April 2026

What We Collect

When you use flounder, we collect the following information:

  • Your email address, via GitHub OAuth
  • Your GitHub username
  • Your GitHub access token, stored in our database and used only to read your repository during the audit
  • Your product description and intake answers
  • Your audit report content
  • Stripe payment information, processed by Stripe directly. We never see your card number.

How We Use It

  • To run the code audit. Your GitHub token is used once to fetch your repository files. The token is stored but not reused unless you request a new report.
  • To generate and deliver your Launch Readiness Report
  • To process your payment via Stripe
  • To email you your report if you provide an email address

GitHub Access

flounder requests the repo scope to read your codebase. We read file contents to perform the audit. We do not write to your repository, create branches, open issues, or take any action beyond reading. Your token is stored in our database and used only when you initiate an audit. The repo scope grants read access to your repositories. flounder only reads the specific repository you provide and takes no other action.

Anthropic

Your code is sent to Anthropic's Claude API to generate the audit and report. This is how the product works. Anthropic's privacy policy governs their handling of this data. We do not share your code with any other third parties beyond those listed here.

Data Retention

Your report and audit data are stored indefinitely so you can access them. You can request deletion by emailing us at hello@getflounder.com.

Third Parties

We use the following third-party services:

  • Stripe — payment processing
  • Anthropic — AI analysis. Your code is sent to Anthropic's API to generate the audit and report.
  • Supabase — database and authentication
  • Vercel — hosting

We do not sell your data.

Your Rights (GDPR)

If you are located in the European Economic Area, you have rights regarding your personal data under GDPR, including the right to access, correct, or delete your data. Contact hello@getflounder.com to exercise these rights.

Contact

Questions about this policy? Email us at hello@getflounder.com.