Back

Privacy Policy

Last updated: [Insert Date]

Your Wardrobe Hero respects your privacy and is committed to protecting your data. This Privacy Policy explains how we collect, use, and safeguard information when you use our security scanning tool for Supabase projects.

1. Information We Collect

Project Data Access:

To perform security scans, we read, insert, update, and delete data within your Supabase tables as part of the automated scanning and recommendation process.

No Personal User Data Collected:

Currently, we do not collect personal information such as your email address, username, password, or any other personally identifiable information unless you voluntarily provide it through separate communication channels. If we introduce paid plans in the future, we will update this Privacy Policy to reflect any additional data collection.

Consent Records:

We store records of your consent to access and modify your Supabase data, linked to a unique consent identifier that is retained persistently to avoid repeated consent requests unless you clear your browser data.

2. How We Use Your Data

Project Data Access:

To perform scans, we access your Supabase project details, including your project identifier, public anon key, and table names.

Security Scanning:

We use your Supabase data solely to analyze Row Level Security (RLS) settings, permissions, and potential vulnerabilities. This involves reading your data, and performing insert, update, and delete operations strictly as part of the automated scanning process to generate accurate security recommendations.

Recommendations:

Based on our scans, we provide you with actionable recommendations to improve your database security. We do not automatically apply fixes; all changes are your responsibility.

Service Improvement:

Aggregated and anonymized data may be used internally to improve our service quality and features.

3. Data Sharing and Disclosure

  • We do not sell, trade, or share your Supabase data with third parties.
  • Data access is strictly limited to the scope necessary for scanning and providing recommendations.
  • We may disclose information if required by law or to protect our rights.

4. Data Security

  • We implement industry-standard technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction.
  • Access to your data is strictly limited to authorized personnel and automated processes necessary for providing our service.
  • We recommend using scoped API keys with minimal permissions when connecting your Supabase projects to Peek Leaks, following the principle of least privilege to reduce security risks.
  • Data transmitted between your device and our servers is encrypted using secure protocols (e.g., TLS).

5. Consent and Control

  • You must provide explicit consent before Peek Leaks accesses or modifies your Supabase data.
  • Consent is obtained via a clear consent notice before any scanning begins.
  • You can revoke your consent at any time by clearing your browser data or contacting us to stop scans on your project. Upon revocation, we will immediately cease all data processing related to your project.
  • Since we do not have user accounts, revocation requests require you to provide identifying information about your project or consent session.

6. Data Retention

In the free version, we do not store your Supabase project data or scan results on our servers.

We retain only minimal records of your consent as necessary to comply with legal obligations.

Upon consent withdrawal or if you clear your browser data, any stored consent information is deleted.

If you have any questions or requests regarding your data, please contact us through the contact form.

7. Your Rights

Depending on your jurisdiction, you may have rights regarding your data, including:

  • Accessing the data we hold about you
  • Correcting inaccurate data
  • Requesting deletion of your data
  • Objecting to or restricting processing
  • Data portability

Since we currently store minimal personal data, some rights may have limited applicability. To exercise your rights or for any questions, please contact us through our contact form.

8. Children's Privacy

Our service is not intended for individuals under the age of 13. We do not knowingly collect data from children under 13.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page with an updated "Last updated" date.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or your data, please contact us through Contact Us form.