Privacy Policy

Last updated: February 1, 2026

1. Introduction

Jishu Labs (“we,” “us,” or “our”) operates the Jumbi platform at jumbi.jishulabs.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered code risk assessment service. We are committed to protecting your privacy and handling your data with transparency.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored in hashed form). If you sign up using GitHub OAuth, we receive your GitHub username and email from GitHub's API.

Code Submissions

When you submit code for assessment, we process the code in memory to generate your risk report. Code is not permanently stored on our servers after the assessment completes. Only the assessment results (risk scores, identified issues, and recommendations) are retained.

Usage Data

We automatically collect information about how you interact with Jumbi, including pages visited, features used, assessment frequency, browser type, operating system, and IP address. This data helps us improve the platform.

3. How We Use Your Information

  • To provide and maintain the Jumbi code risk assessment service
  • To generate risk reports and remediation recommendations
  • To send important service notifications and updates
  • To improve our risk detection algorithms and platform features
  • To respond to customer support requests
  • To detect and prevent fraud or abuse of our service

4. Code Privacy

We take the privacy of your code seriously. Here is our commitment:

  • Code is analyzed in memory and discarded after assessment completion
  • We do not use your code to train machine learning models
  • All data transmission is encrypted with TLS 1.3
  • Enterprise customers can opt for fully self-hosted deployments
  • We never share your code with third parties

5. Data Retention

Assessment results (risk scores, issues, recommendations) are retained for the duration of your account. You can export or delete your data at any time from the Settings page. When you delete your account, all associated data is permanently removed within 30 days.

6. Third-Party Services

Jumbi integrates with the following third-party services: Supabase (authentication and database), GitHub (OAuth and repository access), and Vercel/Netlify (hosting). Each of these services has their own privacy policies governing their handling of your data.

7. Your Rights

You have the right to:

  • Access and export all of your personal data
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Opt out of non-essential communications
  • Lodge a complaint with a data protection authority

8. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at privacy@jishulabs.com or visit our Contact page.