Privacy Policy
Last updated: June 6, 2026
1. Overview
DevopsFriend ("we", "us") provides AI-powered analysis of DevOps configuration files (Dockerfiles, Compose files, and .env files). We built this service with a privacy-first principle: we do not store the files you analyze. This policy explains what limited data we do handle and the choices you have.
2. Analyzed Files (Not Stored)
When you submit a config file, its text is processed in memory for the duration of the request and is not retained on our servers after the analysis completes. We do not build a profile from your files, and we do not use them to train any model.
Because .env files can contain secrets, EnvGuard masks detected secret values in its output. Even so, treat any exposed secret as compromised and rotate it. We still recommend redacting live production secrets before pasting anything into any online tool.
3. AI Processing (Amazon Bedrock)
Analysis is performed using foundation models (Anthropic Claude) hosted on Amazon Bedrock, AWS's managed AI service. This gives three concrete privacy guarantees:
- Not stored: Bedrock does not store your prompts or completions and does not use them to train or improve any model. See AWS Bedrock Data Protection.
- Encrypted: data is encrypted in transit and at rest. See AWS Bedrock Data Encryption.
- Compliant: processed within AWS infrastructure under AWS's security and compliance certifications. See AWS Bedrock Security & Compliance.
4. Account & Usage Data We Do Keep
The only personal data we retain is the minimum needed to run your account:
- Account data: your email address and name, obtained through Google Sign-In.
- Usage data: your credit balance and transaction history.
- Payment data: processed entirely by Lemon Squeezy. We never see or store your card details.
5. Service Providers
- Supabase: authentication and database hosting (account data only).
- Amazon Bedrock (AWS): AI model inference (Anthropic Claude); does not store or train on your data.
- Lemon Squeezy: payment processing.
- Vercel & Cloudflare: hosting and content delivery.
We do not sell your personal data to anyone.
6. Security
We use industry-standard measures including encrypted connections (HTTPS), row-level security on the database, and token-based authentication. No method of transmission or storage is 100% secure, but we work to protect your data.
7. Your Rights
You can request deletion of your account and associated data at any time. To exercise these rights, contact us at contact@devopsfriend.com.
8. Changes to This Policy
We may update this policy from time to time. Material changes will be reflected by updating the "Last updated" date above.
9. Contact
Questions? Email us at contact@devopsfriend.com.