Privacy Policy

Iris ("we", "our", or "us") is a VS Code extension and accompanying web service built by David Jaja. This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights regarding your data.

By using Iris — including the VS Code extension, this website, or your account dashboard — you agree to the practices described in this policy. If you do not agree, please discontinue use of the service.

Account information: When you sign in, Clerk (our authentication provider) collects your name, email address, and profile picture from your Google account. We sync this information to our backend database to create and maintain your Iris account.

Payment information: When you upgrade to Pro, Paystack processes your payment. We receive confirmation of payment and your subscription status, but we never see or store your card number, bank details, or other raw payment credentials — these stay with Paystack.

License and subscription data: We store your subscription plan (Free or Pro), license key, and activation status on our servers.

Product-use events: We may store limited usage events such as extension activation, workspace or folder scans, feature-gate hits, and related lifecycle actions so we can operate licensing, account surfaces, admin support, and notification features. These events are product telemetry, but they do not include your source code or file contents.

Technical data: Our infrastructure may log standard server-side information such as request timestamps and error traces for debugging purposes. We do not log IP addresses for marketing or tracking.

Iris analyses your source code entirely on your local machine. No source code, file contents, or project data is ever transmitted to our servers.

The extension reads files in your workspace to compute health scores, complexity metrics, TypeScript quality scores, and code smell detections. All of this processing happens locally, offline, and privately.

The extension does make limited network calls for account and product operation, including license validation, sign-in flows, config sync, and bounded product-use event logging. These payloads are for account, billing, and lifecycle features and do not include your source code or project contents.

To provide the service: your name, email, and account status are used to authenticate you, display your account information, and manage your subscription.

To process payments: your subscription details are passed to Paystack to initiate and confirm billing.

To manage your license: your Clerk user ID is used to validate extension activation and gate Pro features.

To communicate with you: we may send transactional and operational emails needed for account security, billing, and service operation, plus optional product updates or tips when those categories are enabled in your notification preferences. We do not sell your data or send unrelated marketing blasts.

Clerk (clerk.com): handles authentication. Clerk may collect device and session information as part of their fraud-prevention and session-management features. See clerk.com/privacy.

Paystack (paystack.com): handles payment processing. Paystack is PCI-DSS compliant. See paystack.com/privacy.

We do not sell, rent, or share your personal information with any other third parties for advertising or marketing purposes.

Your account data is stored on our backend servers hosted in a secured environment. We retain your data for as long as your account is active.

If you delete your account, we will delete your personal data (name, email, avatar URL) from our database within 30 days. Anonymised billing records may be retained for legal and accounting purposes.

You may request access to, correction of, or deletion of your personal data at any time by contacting us at the email below.

If you are in the EU or UK, you have rights under the GDPR including the right to data portability and the right to lodge a complaint with your local supervisory authority.

If you are in California, you have rights under the CCPA including the right to know what personal information is collected and the right to opt out of sale (we do not sell personal information).

This website uses cookies set by Clerk to maintain your authentication session. These are strictly necessary cookies and cannot be disabled without breaking sign-in functionality.

We do not use advertising cookies, tracking pixels, or third-party analytics scripts that fingerprint individual users. Separately, Iris may store first-party product-use events needed for licensing, support, lifecycle, and notification features.

Iris is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. When we do, we will update the 'Last updated' date at the top of this page. Continued use of Iris after changes constitutes acceptance of the updated policy.

If you have questions or requests regarding this Privacy Policy or your personal data, please contact us at: hello@iriscode.co