Privacy Policy

When you use DynaLab.ai, we collect:

• Account information: Name, email address, and profile picture from your GitHub or Google account when you sign in.
• Session data: Code edits, AI prompts, test runs, file operations, and timing data during coding sessions. This is used to generate your scorecard and session replay.
• Usage data: Pages visited, features used, and interactions with the platform for analytics and product improvement.
• Waitlist information: Email address when you join the Pro waitlist.

• Generate scorecards and session replays for your coding sessions.
• Compute benchmarking and percentile rankings (aggregated, anonymized).
• Send transactional emails (scorecard ready, waitlist confirmation).
• Improve the platform, fix bugs, and develop new features.
• Communicate product updates if you opt in.

We do not sell your personal data. We may share data with:

• AI providers (Anthropic, OpenAI): Your prompts are sent to generate AI responses during sessions. We do not send personally identifiable information.
• Analytics services (PostHog): Anonymized usage data to understand how the platform is used.
• Hosting providers (Vercel, Fly.io, Neon): Infrastructure providers that process data on our behalf.

Your data is stored on secure cloud infrastructure. All data is encrypted at rest using AES-256 and in transit using TLS 1.3.

Assessment session data, including telemetry events and scorecards, is stored in our primary database hosted in secure data centers.

For enterprise customers, we offer custom data residency options. Contact sales@dynalab.ai for details.

• Account data: Retained while your account is active. You can request deletion at any time.
• Assessment sessions and scorecards: Retained for 24 months after completion for your reference and comparison.
• Telemetry and event data: Retained for 12 months, then automatically anonymized.
• After account deletion: All personally identifiable data is purged within 30 days. Anonymized, aggregated data may be retained for platform improvement.

Code you write during sessions is stored to generate scorecards and replays. Your code is not shared with other users, used for AI training, or made publicly accessible unless you explicitly share your scorecard link.

We use essential cookies for authentication and session management. We use analytics cookies (PostHog) to understand usage patterns. You can disable non-essential cookies in your browser settings.

We use industry-standard security measures including HTTPS encryption, secure authentication via OAuth providers, and encrypted database connections. Sandbox environments are isolated per session.

DynaLab.ai is not intended for users under 13 years of age. We do not knowingly collect data from children under 13.

DynaLab.ai is committed to compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Legal Basis for Processing: We process personal data based on legitimate interest (service delivery and platform security), contractual necessity (providing the services you signed up for), and consent (for optional analytics and marketing communications).

Your Rights:

• Right to access your personal data
• Right to rectify inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to restrict processing
• Right to data portability
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

For enterprise customers, we offer Data Processing Agreements (DPAs) upon request.

To exercise any of these rights, contact us at privacy@dynalab.ai.

We may update this privacy policy from time to time. We will notify users of material changes via email or an in-app notice.

For questions about this privacy policy or to request data deletion, contact us at privacy@dynalab.ai.