Privacy Policy

Last updated June 12, 2026

1. Overview

This Privacy Policy explains what information Vigil collects when you use our code-virtualization service, how we use it, and the choices you have. It applies to the Vigil websites, APIs, and dashboard.

2. Information we collect

  • Account information from your identity provider when you sign in with GitHub, such as your name, email address, and avatar.
  • Content you submit, including binaries, debug symbols, and job configuration.
  • Usage data, such as job counts, quota consumption, and basic request logs used to operate and secure the Service.

3. How we use information

We use your information to authenticate you, perform the protection jobs you request, enforce plan quotas, provide support, and keep the Service secure. We do not sell your personal information, and we do not use your submitted binaries to train machine-learning models.

4. Processing of binaries and symbols

Binaries and debug symbols you upload are processed only to produce the protected artifact you requested. They are handled as confidential, retained no longer than needed to deliver and support the job, and then deleted on a routine schedule.

5. Sharing and disclosure

We share information only with service providers that help us operate the Service (such as hosting and payment processors) under confidentiality obligations, or when required by law.

We may disclose information to protect the rights, safety, and security of Vigil, our users, and the public.

6. Data retention

Account data is retained while your account is active. Submitted binaries and symbols are retained only transiently to complete and support a job. You can request deletion of your account and associated data at any time.

7. Security

We use encryption in transit, access controls, and isolation between customer jobs to protect your data. No method of transmission or storage is perfectly secure, but we work to protect your information using industry-standard safeguards.

8. Cookies and sessions

We use a single, strictly necessary session cookie to keep you signed in. It is set as HttpOnly so it cannot be read by client-side scripts. We do not use third-party advertising or tracking cookies.

9. Your rights

Depending on your location, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To exercise these rights, contact us using the details below.

10. International transfers

Your information may be processed in countries other than your own. Where it is, we take steps to ensure an adequate level of protection consistent with applicable law.

11. Children's privacy

The Service is not directed to children, and we do not knowingly collect personal information from anyone under the age of majority in their jurisdiction.

12. Changes to this policy

We may update this Policy from time to time. Material changes will be communicated through the Service or by email, and the updated date above will reflect the latest revision.

13. Contact

Questions about this Policy or your data can be sent to [email protected].