Privacy Policy

Iris ("we", "our", or "us") is a VS Code extension and accompanying web service built by David Jaja. This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights regarding your data.

By using Iris — including the VS Code extension, this website, or your account dashboard — you agree to the practices described in this policy. If you do not agree, please discontinue use of the service.

Account information: When you sign in, Clerk (our authentication provider) collects your name, email address, and profile picture from your Google account. We sync this information to our backend database to create and maintain your Iris account.

Payment information: When you upgrade to Pro, Paystack processes your payment. We receive confirmation of payment and your subscription status, but we never see or store your card number, bank details, or other raw payment credentials — these stay with Paystack.

License and subscription data: We store your subscription plan (Free or Pro), license key, and activation status on our servers.

Technical data: Our infrastructure may log standard server-side information such as request timestamps and error traces for debugging purposes. We do not log IP addresses for marketing or tracking.

Iris analyses your source code entirely on your local machine. No source code, file contents, or project data is ever transmitted to our servers.

The extension reads files in your workspace to compute health scores, complexity metrics, TypeScript quality scores, and code smell detections. All of this processing happens locally, offline, and privately.

The only network calls the extension makes are to verify your license key against our backend (authenticated with your Clerk JWT). The payload contains only your user ID and license status — not any code.

To provide the service: your name, email, and account status are used to authenticate you, display your account information, and manage your subscription.

To process payments: your subscription details are passed to Paystack to initiate and confirm billing.

To manage your license: your Clerk user ID is used to validate extension activation and gate Pro features.

To communicate with you: we may send transactional emails (e.g., payment receipts, license assignment) to your registered email address. We do not send marketing emails without your consent.

Clerk (clerk.com): handles authentication. Clerk may collect device and session information as part of their fraud-prevention and session-management features. See clerk.com/privacy.

Paystack (paystack.com): handles payment processing. Paystack is PCI-DSS compliant. See paystack.com/privacy.

We do not sell, rent, or share your personal information with any other third parties for advertising or marketing purposes.

Your account data is stored on our backend servers hosted in a secured environment. We retain your data for as long as your account is active.

If you delete your account, we will delete your personal data (name, email, avatar URL) from our database within 30 days. Anonymised billing records may be retained for legal and accounting purposes.

You may request access to, correction of, or deletion of your personal data at any time by contacting us at the email below.

If you are in the EU or UK, you have rights under the GDPR including the right to data portability and the right to lodge a complaint with your local supervisory authority.

If you are in California, you have rights under the CCPA including the right to know what personal information is collected and the right to opt out of sale (we do not sell personal information).

This website uses cookies set by Clerk to maintain your authentication session. These are strictly necessary cookies and cannot be disabled without breaking sign-in functionality.

We do not use advertising cookies, tracking pixels, or analytics that fingerprint individual users. We do not run Google Analytics or similar third-party tracking scripts.

Iris is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. When we do, we will update the 'Last updated' date at the top of this page. Continued use of Iris after changes constitutes acceptance of the updated policy.

If you have questions or requests regarding this Privacy Policy or your personal data, please contact us at: hello@iriscode.co