Your code never leaves
your control.
Anchoria reads your codebase to build a structural model — it does not store raw source code. Here's exactly what we access, what we keep, and how we protect it.
File paths, import statements, function signatures, and call relationships. We parse structure — not logic, strings, or secrets.
No. We build a structural graph from your repo and store that graph. Raw source files are discarded after the scan completes.
Read-only repo access (contents:read, metadata:read). We never request write permissions.
Scans run in isolated, short-lived compute containers. No scan shares infrastructure with another tenant.
AES-256 at rest. TLS 1.3 in transit. Encryption keys are rotated quarterly.
US-East by default. EU region available on Enterprise plans. Data residency guarantees on request.
Admins configure role-based access. Engineers see full output; PMs and founders see plain-language summaries only if you choose.
Yes — at any time from your GitHub OAuth settings or from the Anchoria dashboard. All associated data is queued for deletion within 24h.
No. Support engineers can access metadata (scan status, error logs) with your explicit permission. Source or graph data requires a separate, logged approval.
SOC 2 Type II audit is in progress. Expected completion Q3 2025. Full report shared under NDA for enterprise customers.
DPAs are available for Enterprise plans. Contact sales for a signed copy.
Email privacy@anchoria.dev or use the dashboard. We process deletion requests within 7 business days and confirm in writing.