Privacy Policy
Last updated: 18 June 2026
This policy explains what Facet (“Facet”, “we”, “us”) collects when you use the hosted service at this website, why, and the choices you have. Facet’s core promise shapes everything below: we never store your source code.
1. The headline: we do not store your source code
When you profile a file, its contents are processed transiently to produce measurements and are not retained by Facet after the analysis completes. We do not keep a copy of your source code, and we do not use your source code to train any model.
We do retain derived measurements about your code, not the code itself. To be precise, these are:
- per-indicator findings (a present/absent/not-applicable status for each quality indicator we check);
- the line numbers a finding occurs on;
- a short, one-clause natural-language note describing each finding;
- a one-way content hash of the analysed code (so re-profiling unchanged code is free; the hash cannot be reversed into your code);
- the resulting per-dimension levels and the inferred tradeoff-profile.
These derived signals describe your code; they are not a copy of it. We pre-scan submitted code for obvious secrets and refuse it before analysis if any are detected, but this scan is best-effort and not a guarantee. As a second layer, any one-clause notes generated by the model are also passed through a secret-scrub before they are stored, so anything matching a secret pattern is replaced with [redacted] in our records. See “Your responsibilities” below.
2. Account & usage data we collect
- Account: your email address, handled by our authentication provider (Supabase) when you sign in with GitHub, Google, or an email link.
- Usage / quota: counts of profiles run per period, to enforce free-tier limits.
- The derived measurements described in section 1, scoped to your account.
- Beta feedback you choose to give: when you rate a report (for example whether a level reads too high or too low) or leave a comment, we store that rating, any comment, and a snapshot of the report it refers to (the language, inferred profile, and dimension levels, never the source code). This is how we calibrate the instrument during the beta.
- Optional profile (opt-in): if you choose, a few coarse details about you (your role, experience band, domain, and team context) so we can see which kinds of people find Facet’s read fair or unfair. This is strictly opt-in, every field is optional, you can change or remove it, and it is never linked to your code.
- Product-update email (opt-in): if you tick the box to hear about launch and new features, we store your email address, the fact and time of that consent, and where you opted in. We email such updates only to addresses that opted in, only occasionally, and every message has an unsubscribe. This list is not linked to your code, and you can withdraw at any time (by unsubscribing or contacting us). We do not yet use a third-party email-sending provider; if we adopt one, we will list it as a sub-processor below before sending.
- Operational metadata: standard request logs and aggregate analytics (page views via Vercel Analytics, which does not use tracking cookies).
3. Third-party processing of submitted code (the honest disclosure)
Facet analyses your code by sending it, over an encrypted connection, to third-party large language model providers, routed via OpenRouter. Depending on the dimension being measured, the provider may be one of several model vendors (for example Google, DeepSeek, Alibaba/Qwen, or z.ai). The model returns findings; deterministic code on our side does the scoring.
We select providers and configure requests to minimise any retention of submitted content, and our intent is that submitted code is used only to perform your analysis and not retained or used for training by these providers. However, each provider operates under its own terms and privacy policy, and we cannot warrant their retention or training behaviour on their behalf. You consent to this third-party processing at the point of each profile (the consent checkbox), and you should not submit code you are not permitted to share with such providers. If your code must never leave your security boundary, a self-hosted tier is on our roadmap; contact us.
4. Sub-processors
We rely on the following processors. We will keep this list current.
- Supabase: authentication and database (your account, usage, and derived measurements).
- Render: hosting for our API.
- Vercel: hosting for this web app and privacy-friendly page analytics.
- OpenRouter and the downstream model providers it routes to: transient analysis of submitted code (section 3).
- Langfuse: observability of our model calls. Langfuse receives only metadata (token and character counts, latency, the model used, and an opaque account identifier so we can monitor usage and prevent abuse); it does not receive your code or the analysis text.
5. Where your data is processed & international transfers
Your account and derived measurements are stored in our database (Supabase) in the Tokyo, Japan region (AWS ap-northeast-1). Our API host (Render) processes requests in its configured region, and our web host (Vercel) serves the site from a global edge network. If you are located outside Japan, your information is processed there, and where required such transfers rely on appropriate safeguards (such as the relevant standard contractual clauses).
6. Why we are allowed to process this (lawful bases)
- To provide the service (performance of our contract with you): account, profiling, reports, quota.
- Your consent: sending your code to third-party model providers for analysis (section 3).
- Opt-in: any use of de-identified, aggregated measurement signals to improve our benchmarks is opt-in, disclosed, and never includes your raw code (section 8).
7. Retention & deletion
Your account and the derived measurements linked to it are retained while your account is active. You can request deletion of your account at any time. On account deletion we remove your identifiable account data; de-identified measurement signals (no longer linked to you) may be retained for benchmarking and product improvement. Submitted source code is, as stated, not retained in the first place.
8. Aggregate / benchmark data
We may build aggregate benchmarks from measurement signals. Any such use is opt-in, uses de-identified data, and never includes your raw source code. We use “de-identified” rather than “anonymised” deliberately: until identifiers are irreversibly removed, the data is treated as pseudonymous and protected accordingly.
9. Your rights
Depending on where you live, you have rights over your personal information, including under the Australian Privacy Act (Australian Privacy Principles), the EU/UK GDPR, and the California CCPA/CPRA. These generally include the right to access, correct, delete, export, and object to processing of your data, and to withdraw consent. To exercise any of them, contact us (section 12). We do not sell your personal information.
10. Security & breach notification
We protect data in transit and at rest, enforce per-account row-level isolation in our database, and authenticate every request. No system is perfectly secure. If a data breach likely to result in serious harm occurs, we will notify affected users and the relevant authorities as required by applicable law (including the Australian Notifiable Data Breaches scheme and GDPR breach-notification rules).
11. Your responsibilities
Our secret-scrub is a safety net, not a guarantee. Do not submit code containing live secrets, credentials, personal information about others, or data you are contractually or legally barred from sending to third-party processors. You are responsible for ensuring you have the right to submit the code you profile.
12. Cookies
We use a session cookie / local storage strictly to keep you signed in (via Supabase auth). Vercel Analytics measures page views without tracking cookies. We do not use advertising cookies.
13. Children
Facet is not directed to children. You must be at least 16 to use it.
14. Changes & contact
We will post any material changes here and update the date above. For privacy questions or to exercise your rights, contact us at kareem.soliman@firasa.com.au.
See also our Terms of Service.