Legal

Privacy Policy

Last updated: June 2026

Your trust is the product. This policy explains exactly what Inferr collects and what it never touches.

What the scanner reads

The local CLI scanner and GitHub sync collect metadata only:

  • Commit counts and dates; per-repo activity and streaks
  • Languages (from file extensions) and dependency-derived frameworks/APIs/vector DBs
  • AI-tool fingerprints (e.g. Claude Code, Cursor) and detected IDEs
  • Repository names from remotes; paths are hashed (SHA-256), never stored raw

What we never collect

Source code, file contents, actual file paths, secrets/credentials. The scanner is open source so you can verify this. You preview everything before anything uploads.

Account data

Authentication is handled by Clerk (email, name, avatar). Payments by Stripe. We store your profile, application, and subscription status in our database. We do not sell your data.

Who sees your profile

Your public profile is visible only when you mark it public. Employers see your verified profile — never a PDF of self-reported claims. You can edit or unpublish at any time.

Your rights

You can edit, export, or delete your profile and account. Deleting your account removes your profile, scans, and applications. Email privacy@inferr.works for requests.