Privacy Policy
A practical privacy baseline for GhostCode Security visitors, scan leads, and prospective clients.
Information we collect
We may collect website URLs, email addresses, booking details, form submissions, technical project context, analytics events, and communications you choose to send us.
How we use information
We use information to provide the website, run preliminary scans, respond to requests, schedule calls, prepare security services, improve the site, and maintain security and abuse prevention.
Sensitive information
Do not send credentials, secrets, private keys, regulated data, customer records, or exploit payloads before a secure intake channel is agreed.
Third-party tools
GhostCode may use hosting, analytics, booking, email, form, payment, and security tools. Those providers may process data under their own terms and privacy policies.
No selling of data
GhostCode Security does not sell submitted URLs, email addresses, booking data, or client project information.
Before you scale traffic,make sure you are not scaling exposure.
Explore GhostCode
Scan
Run a preliminary exposure estimate for your AI-built SaaS and see recommended checks across Supabase RLS, auth, APIs, storage, webhooks, secrets, business logic, and admin routes.
Security Quiz
Take the free GhostCode Security Quiz to find likely blind spots in your AI-built SaaS and get the GhostCode Audit Checklist.
Audit Checklist
A practical SaaS security checklist for AI-assisted founders covering Supabase, auth, APIs, storage, secrets, webhooks, and business logic.
Services
Compare GhostCode Security services: GhostScan Audit, GhostFix Sprint, and GhostShield Retainer for AI-assisted SaaS teams.
Supabase Security
Supabase security audits for RLS policies, anon key exposure, storage buckets, service role handling, Edge Functions, APIs, and app permissions.
AI Code Security
Security audits for AI-generated SaaS built with Lovable, Bolt, Replit, Cursor, Claude, Codex, and similar AI-assisted development tools.
Case Studies
Coming soon: anonymized GhostCode Security teardowns covering exposed Supabase policies, public buckets, admin route leaks, API abuse paths, and payment or webhook issues.
Security
How GhostCode Security handles client data, access, confidentiality, findings delivery, retention, responsible disclosure, and preliminary scan boundaries.
Book
Book a GhostCode Security call to review your AI-built SaaS, likely exposure paths, access needs, and next security steps.