Privacy Policy

This Privacy Policy explains how Sidian Labs (referred to as "we," "us," or "our") collects, uses, and protects your information when you use Sidian, our AI-powered IDE service (referred to as the "Service"). We understand the importance of your privacy and are committed to protecting your personal information and ensuring that your source code remains secure and under your complete control at all times.

By using Sidian, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our Service immediately.

At Sidian, we believe in transparency about what data we collect and, more importantly, what we don't collect. Our privacy-first architecture ensures that your most sensitive information, your source code, never leaves your device unless you explicitly choose to use cloud-based features.

What We Don't Collect

We want to be crystal clear about what we do not collect. We do not store, access, or transmit your source code files in any form. Your project files, file contents, and intellectual property remain entirely on your local machine. This is a fundamental principle of how Sidian operates, and we have designed our architecture specifically to ensure your code stays private and under your control.

2.1 Account Information

When you create an account with Sidian, we collect certain information necessary to provide you with access to our Service. This includes your email address, which serves as your primary identifier and allows us to communicate important information about your account. We also collect your chosen username and display name, which are used to personalize your experience within the application. Your password is collected during account creation but is immediately encrypted using industry-standard security practices before being stored. Additionally, we store your account preferences and settings to ensure a consistent experience across sessions and devices.

2.2 Subscription Data

If you subscribe to a paid plan on Sidian, we collect billing information necessary to process your payments and maintain your subscription. This includes payment method details, which are securely processed by our third-party payment processors and never stored directly on our servers in unencrypted form. We maintain records of your subscription plan and status to ensure you have access to the appropriate features and capabilities. We also track usage limits and quotas associated with your subscription tier to prevent service interruptions and ensure fair usage across our user base.

2.3 Usage Analytics

To continuously improve Sidian and provide you with the best possible experience, we collect anonymized usage analytics. These statistics help us understand which features are most valuable to our users and where we should focus our development efforts. We track feature usage statistics in a completely anonymized manner, meaning we cannot identify individual users from this data. We also collect performance metrics to identify and resolve bottlenecks in the application. Error logs and crash reports are automatically generated when issues occur, but these reports are carefully sanitized to ensure they contain no code content or sensitive information. Finally, we record session duration and frequency to understand usage patterns and optimize the application for typical workflows.

2.4 Technical Information

Certain technical information about your system is collected to ensure Sidian runs smoothly and efficiently on your device. This includes your operating system type and version, which allows us to optimize performance and provide platform-specific features. We collect information about your Sidian version and configuration to ensure compatibility with our services and to help troubleshoot any issues you might encounter. Hardware specifications such as processor type, memory, and storage information are used purely for optimization purposes and to ensure system requirements are met. We also collect network information including your IP address and Internet Service Provider details, which are primarily used for security purposes and to comply with legal requirements in various jurisdictions.

2.5 AI Interaction Data

When you use Sidian's AI-powered features, we collect certain data to improve and personalize the AI experience. We store your AI model preferences and settings to ensure consistent behavior across sessions. We collect anonymized usage patterns for AI features to understand how developers interact with AI assistance and to improve our models over time. Performance metrics for AI responses help us optimize response times and accuracy. When you provide feedback on AI suggestions (which is optional), we use this information to refine our algorithms and deliver better suggestions in the future. It's important to note that when using cloud-based AI features, your code snippets may be sent to AI providers for processing, but you always have the option to use local-only AI processing to avoid any external data sharing.

The data we collect serves specific purposes, all aimed at providing you with the best possible experience while maintaining your privacy and security. We use this information responsibly and only for the purposes outlined in this section.

3.1 Provide and Improve the Service

The primary use of your data is to deliver and enhance the Sidian experience. We use your account information to authenticate users and manage accounts, ensuring that only authorized individuals can access your data and settings. Your subscription data allows us to process subscriptions and billing accurately, maintaining uninterrupted access to the features you've paid for. Your preferences and usage patterns help us deliver AI-powered features and suggestions that are tailored to your workflow and coding style. By analyzing aggregated usage data, we continuously optimize performance and user experience, identifying areas where we can make improvements and streamline workflows.

3.2 Communication

We use your contact information to maintain effective communication with you. Critical service updates and notifications are sent to ensure you're always informed about changes that might affect your use of Sidian. When you reach out to our support team with questions or issues, we use your information to respond promptly and effectively to your support requests and inquiries. We also share information about product updates and new features, but only with your explicit consent. You can opt out of these communications at any time. Security alerts and account information are sent when necessary to protect your account and keep you informed of any suspicious activity or important account changes.

3.3 Analytics and Improvement

Understanding how Sidian is used in real-world scenarios helps us build a better product. We analyze usage patterns to improve features, identifying which capabilities are most valuable and which might need enhancement or redesign. We continuously monitor service performance and reliability to ensure Sidian runs smoothly and efficiently for all users. Our research and development efforts are guided by real usage data, helping us prioritize new features and improvements that will have the greatest impact. All analytics we generate are based on anonymized usage statistics that cannot be traced back to individual users, protecting your privacy while giving us valuable insights.

3.4 Legal and Security

We take our legal obligations and your security seriously. We use collected data to comply with legal obligations and regulations in the jurisdictions where we operate. Your information helps us protect against fraud, abuse, and security threats, ensuring a safe environment for all Sidian users. We use data when necessary to enforce our Terms of Service and maintain the integrity of our platform. In rare cases, we may need to respond to legal requests and court orders, and having accurate records ensures we can comply with such requests appropriately while protecting user privacy to the maximum extent permitted by law.

Your privacy is paramount to us, and we want to be completely transparent about how and when we share data. We do not sell, rent, or trade your personal information under any circumstances. However, there are limited situations where we may share data with trusted partners or as required by law.

4.1 Service Providers

To deliver Sidian's features and functionality, we work with carefully selected third-party service providers. Payment processors handle billing and subscriptions on our behalf, ensuring secure and reliable payment processing without us directly handling your financial information. Cloud infrastructure providers host our service and ensure it's available and performant for users worldwide. Analytics services help us gain insights from usage data, but they only receive anonymized data that cannot identify individual users. Customer support tools enable our team to provide you with timely and effective assistance when you need help. All these service providers are contractually obligated to protect your data and use it only for the purposes we've specified.

4.2 AI Model Providers

When you use cloud-based AI features in Sidian, code snippets may be sent to AI providers for processing in real-time. This is necessary to generate intelligent suggestions and assistance. However, this data is processed immediately and is not stored by these providers beyond the time needed to generate a response. It's important to note that you always have complete control over this. You can opt for local-only AI processing to avoid any external sharing of your code. We provide clear indicators in the interface when cloud AI features are being used, so you always know when data is being sent externally.

4.3 Legal Requirements

In certain circumstances, we may be required to share information to comply with legal obligations. This includes situations where we're required by law, regulation, or court order to disclose information. We may share data when necessary to protect our rights, property, or safety, or that of our users and the general public. When there's a need to prevent fraud or security threats, we may share relevant information with appropriate authorities or security services. In connection with legal proceedings, we may be required to provide information as part of discovery or other legal processes. In all such cases, we carefully review requests to ensure they are legally valid and we share only the minimum information necessary to comply.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets involving Sidian Labs, your information may be transferred to the acquiring entity as part of the transaction. Should this occur, we will notify all users in advance of any ownership changes and provide information about the new entity. Importantly, all existing privacy protections will be maintained, and the new owners will be required to honor the commitments made in this Privacy Policy. You will have the opportunity to delete your account if you do not wish your information to be transferred.

Protecting your data is one of our highest priorities. We implement comprehensive security measures across technical, operational, and architectural levels to ensure your information remains safe and private.

5.1 Technical Safeguards

We employ multiple layers of technical security to protect your data. All data transmitted between your device and our servers is protected using end-to-end encryption, ensuring that even if intercepted, it cannot be read by unauthorized parties. When data is stored on our servers, it's secured using industry-standard encryption protocols that meet or exceed current best practices. We conduct regular security audits and penetration testing to identify and address potential vulnerabilities before they can be exploited. Multi-factor authentication is available for all accounts and is required for sensitive operations, adding an extra layer of security beyond just passwords.

5.2 Operational Security

Security isn't just about technology, it's also about how we operate. Access to personal data within our organization is strictly limited on a need-to-know basis, with only authorized personnel able to access specific types of data for specific purposes. All our employees and contractors receive regular training on privacy and security practices to ensure they understand the importance of protecting user data. We maintain comprehensive incident response procedures for security breaches, ensuring that if an incident does occur, we can respond quickly and effectively to minimize any potential impact. Regular backup and disaster recovery testing ensures that your data can be restored in the unlikely event of a catastrophic failure.

5.3 Code Privacy

Perhaps most importantly, your source code enjoys the highest level of privacy protection. Under normal operation, your source code never leaves your device. All core IDE functionality, including editing, syntax highlighting, and local analysis, happens entirely on your machine. When you choose to use cloud-based AI features, code snippets are transmitted securely and processed in real-time without being stored. These cloud features are entirely optional, and you have clear control over when and if they're used. You also have the ability to disable all external data transmission if you prefer to work in a completely offline mode, ensuring your code never leaves your local environment under any circumstances.

We believe you should have complete control over your personal data. You have several important rights regarding how your information is collected, used, and stored, and we make it easy for you to exercise these rights.

6.1 Access and Portability

You have the right to know exactly what data we hold about you. You can request a complete copy of your personal data at any time, and we will provide it to you in a structured, commonly used format. You can export your account settings and preferences, making it easy to back up your configuration or move to another service if you choose. You also have the right to access logs of data processing activities, giving you visibility into how your data has been used. These rights ensure you're never in the dark about what information we have and how it's being handled.

6.2 Correction and Deletion

If any of your personal information is inaccurate or out of date, you have the right to update or correct it at any time. Most of this information can be updated directly in your account settings. If you decide you no longer want to use Sidian, you can delete your account and all associated data. When you delete your account, we will remove all personal information from our active systems within 30 days. You can also request the removal of specific categories of data if you don't want to delete your entire account. We respect your right to control your information and make these processes as simple and straightforward as possible.

6.3 Control and Consent

You have granular control over what data is collected and how it's used. You can opt out of non-essential data collection at any time through your account settings. If you prefer not to use cloud-based AI features that might transmit code snippets externally, you can disable these features and use only local AI processing. You have complete control over marketing communications and can unsubscribe from promotional emails while still receiving important service updates. If you've previously given consent for specific data processing activities, you can withdraw that consent at any time, though this may limit some functionality of the Service.

6.4 Regional Rights

Depending on where you're located, you may have additional rights under local privacy laws. For residents of the European Union, we comply fully with the General Data Protection Regulation (GDPR), which provides extensive rights including the right to data portability, the right to restrict processing, and the right to object to certain uses of your data. California residents are protected by the California Consumer Privacy Act (CCPA), which grants rights to know what personal information is collected, the right to delete personal information, and the right to opt-out of the sale of personal information (note that we never sell personal information). We also respect and comply with other regional privacy rights as applicable based on your location, including laws in Canada, Australia, Brazil, and other jurisdictions with comprehensive privacy regulations.

Like most modern web applications, Sidian uses cookies and similar technologies to provide functionality and improve your experience. However, we're committed to transparency about what cookies we use and giving you control over non-essential tracking.

7.1 Cookies We Use

We use several types of cookies, each serving a specific purpose. Essential cookies are required for the service to function properly and cannot be disabled without breaking core functionality. These include authentication cookies that keep you logged in and session cookies that maintain your state within the application. Preference cookies remember your settings like theme preferences, editor configurations, and UI customizations, ensuring a consistent experience across sessions. Analytics cookies help us understand how users interact with Sidian by tracking page views, feature usage, and navigation patterns, but these are only used with your consent and can be disabled at any time. We make it easy to manage your cookie preferences through clear controls in your account settings.

7.2 Third-Party Tracking

We want to be clear that we do not use third-party advertising trackers or pixels. You won't find retargeting cookies or advertising networks tracking your behavior on Sidian. When we do use analytics services to understand user behavior, they only receive anonymized data that cannot identify individual users. You always have the option to disable non-essential cookies, and we provide clear cookie controls in your account settings that let you choose exactly what types of tracking you're comfortable with. We believe in respecting your privacy while still gathering the insights we need to improve the product.

Sidian is used by developers around the world, which means your data may be processed in different countries depending on where our service providers operate. We take international data transfers seriously and ensure appropriate protections are in place regardless of where data is processed.

When we transfer data internationally, we ensure adequate protection through the use of standard contractual clauses approved by regulatory authorities, including those approved by the European Commission for transfers from the EU. For data originating in the European Union, we process it in strict accordance with GDPR requirements, ensuring that the level of protection meets European standards regardless of where the processing occurs. If you have questions about where your data is processed or want more information about the safeguards we use for international transfers, you can contact us and request detailed information about data transfer locations and the specific protections in place.

We don't keep your data forever. We retain different types of data for different periods based on our business needs and legal obligations, always striving to minimize how long we keep personal information.

9.1 Account Data

Your account information is retained for as long as your account remains active. We need this information to provide you with access to Sidian and maintain your preferences and settings. When you delete your account, we remove your personal information from our active systems within 30 days. However, some data may need to be retained longer for legitimate business purposes or legal compliance. For example, we may need to retain certain records to comply with tax regulations or to defend against potential legal claims. In all cases, we retain information only for as long as necessary and then securely delete it.

9.2 Usage Data

Different types of usage data have different retention periods based on their purpose. Analytics data, which helps us understand how users interact with Sidian and identify areas for improvement, is typically retained for up to two years. After this period, the data is either deleted or further anonymized. Error logs and crash reports, which are essential for fixing bugs and maintaining service stability, are retained for up to one year. Billing records are subject to different requirements and are retained as required by tax and financial regulations, which may vary by jurisdiction but typically means we keep these records for at least seven years.

9.3 AI Interaction Data

When you use Sidian's AI-powered features, we treat interaction data with special care. Code snippets sent to AI providers for processing are handled in real-time and are not stored permanently by us or by the AI providers. The data is used to generate a response and then discarded. We do collect anonymized usage patterns to understand how developers interact with AI features and to improve our models, but these patterns are aggregated and cannot be traced back to individual users or specific code. Individual AI interactions are not retained beyond the time needed to process them and generate results.

Sidian is a professional development tool designed for adult developers and is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13 years of age. If we discover that we have inadvertently collected such information, we will delete it immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@sidian.dev so we can remove the data from our systems. For users between 13 and 18 years of age, we recommend that parents or guardians review this Privacy Policy and discuss it with their children to ensure they understand how their information will be used. In some cases, we may require age verification during account creation to ensure compliance with age-related requirements and to protect minors from inappropriate exposure to our service.

Privacy laws, technology, and our business practices evolve over time, which means we may need to update this Privacy Policy periodically. When we make changes, we're committed to keeping you informed and ensuring you understand how your data is being handled.

If we make material changes to this Privacy Policy (changes that significantly affect how we collect, use, or share your data), we will communicate these changes to you via email at the address associated with your account. We'll also update the "Last Updated" date at the top of this document so you can easily see when the policy was last revised. Your continued use of Sidian after we make changes constitutes your acceptance of the updated policy. However, if you don't agree with the new terms, you can stop using the Service and delete your account. We also maintain previous versions of our Privacy Policy and can provide them upon request if you want to see what has changed over time.

We're committed to transparency and want to hear from you if you have any questions, concerns, or requests regarding your privacy or this Privacy Policy. We've established multiple channels through which you can reach us, and we're committed to responding to your inquiries promptly and thoroughly.