Privacy Policy

the-doctor.report ("the Service", "we", "us") is the optional hosted layer for @geoql/doctor, an open-source code-audit CLI for Vue 3 and Nuxt 4. The Service is operated by Vinayak Kulkarni. The marketing site (the-doctor.report) and the dashboard (app.the-doctor.report) are covered by this policy. The open-source CLI is MIT-licensed, runs entirely on your machine, and is not covered here because it collects nothing.

We collect the minimum required to run a hosted score-history dashboard. Specifically:

• Account information. When you sign in with Google, we receive your name, email address, and profile avatar from Google. We use this only to create and identify your account. We never receive your Google password.
• Project and run metadata. When the CLI or GitHub Action pushes a run to our ingest API, we store the health score, run timestamp, commit reference, and project slug (org/repo).
• Privacy-preserving findings. For each rule violation we store only the file path, line, column, severity, and stable rule identifier. We never receive or store the contents of your source code, the offending lines, diffs, or diagnostic snippets.
• API keys. We store a hashed reference to the doc_ API keys you create so the CLI and CI can authenticate ingest requests.
• Aggregate usage analytics. We use Plausible Analytics, a cookieless, privacy-friendly analytics service, to count page views and outbound clicks. This data is aggregated and cannot identify you.

We deliberately designed the ingest API so your code never leaves your machine. We do not collect your source code, file contents, the text of flagged lines, environment variables, secrets, or any tracking cookies. The CLI itself makes zero network calls and has no telemetry.

We use the information above solely to operate the Service: to authenticate you, to render your score history and trend graphs, to compute team baselines and regressions, to gate CI runs against a baseline, and to send transactional email related to your account. We do not sell your data, and we do not use it for advertising.

When you choose "Sign in with Google", we access your Google account profile (name, email address, and avatar) through Google API Services solely to authenticate you and create or identify your account. We do not access any other Google data, such as your Gmail, Drive, Calendar, or contacts.

the-doctor.report's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only to provide and improve the sign-in and account features described here. We do not sell this data, do not transfer it to third parties except as needed to provide the Service or as required by law, and do not use it for advertising or to train generalized artificial-intelligence or machine-learning models. Humans do not read this data except where you give explicit consent, where it is necessary for security or to comply with law, or where the data has been aggregated and anonymized.

We rely on a small set of subprocessors to run the Service. Each receives only the data necessary for its function:

• Google (Sign-in with Google) — authenticates your identity via OAuth.
• Cloudflare — hosts the site and dashboard (Pages and Workers) and stores data in Cloudflare D1.
• Plausible Analytics — cookieless, aggregate traffic analytics, self-hosted on our infrastructure.

We retain your account and run history for as long as your account is active so you can see year-over-year trends. When you delete your account, we delete your account information, projects, runs, and findings. Aggregate, non-identifying analytics may persist.

You can export all of your account data at any time from your dashboard account settings (the /api/v1/account/export endpoint). To delete your account, open your account settings in the dashboard and use the delete-account control, or email us at [email protected] and we will delete it for you. Deleting your account permanently removes your account information, projects, runs, and findings. If you are in a jurisdiction with data-protection laws such as the GDPR or CCPA, you may also request access, correction, or deletion by emailing us.

The marketing site uses no tracking cookies. The dashboard uses a single first-party session cookie to keep you signed in. Our analytics provider, Plausible, does not use cookies and does not track you across sites.

The Service is a developer tool intended for professional use and is not directed at children under 16. We do not knowingly collect personal information from children.

We may update this policy as the Service evolves. When we make material changes, we will update the effective date at the top of this page. Continued use of the Service after a change constitutes acceptance of the revised policy.

Questions about this policy or your data? Email [email protected] and we will respond promptly.