Privacy Policy

Information We Collect

Information you provide

When you create an account, book a demo, or contact us, we may collect your name, email address, company name, and any other information you choose to provide.

GitHub account information

When you authenticate with GitHub OAuth, we receive limited profile information from GitHub, including your GitHub username, email address, and organization memberships. We request only the permissions necessary to operate the inklu bot on your selected repositories. We do not store your GitHub password.

Repository and scan data

When you connect repositories to inklu, our bot accesses your codebase to perform accessibility scans. This includes reading the contents of files changed in pull requests and scanning rendered web pages using automated browser technology. Scan results — including violation details, page URLs, compliance scores, and associated metadata such as commit hashes and branch names — are stored in our systems to provide historical tracking and reporting.

We do not store full copies of your source code. We access code only during the scanning process and retain only the scan results and associated metadata.

Usage data

We collect standard usage information such as pages visited on inklu.io, features used within the dashboard, browser type, device information, and IP address. We use this information to improve our services and troubleshoot issues.

Cookies

We use essential cookies required for authentication and session management. We may use analytics cookies to understand how our website is used. You can control cookie preferences through your browser settings.

How We Use Your Information

We use the information we collect to operate and provide the inklu platform, including running accessibility scans on your repositories, generating compliance reports, displaying results in your dashboard, and delivering PR comments to your GitHub pull requests.

We also use your information to communicate with you about your account, respond to support requests, send product updates relevant to your usage (you can opt out at any time), and improve and develop our services.

We do not sell your personal information to third parties. We do not use your code or scan data to train machine learning models.

Third-Party Services

We use the following categories of third-party services to operate inklu. Each processes data only as necessary to provide their respective services.

Infrastructure and hosting: We use cloud hosting providers to run our platform and store data. Our infrastructure is hosted in North America.

Authentication:We use GitHub OAuth for user authentication. GitHub's privacy policy governs how GitHub handles your data during the authentication process.

AI processing: We use third-party AI services to analyze scan results, prioritize violations, and generate fix suggestions. Scan data sent to AI providers is used solely for processing your request and is not used by those providers to train their models, per our data processing agreements.

Payment processing: If and when you make payments, we use third-party payment processors. We do not store your credit card information directly.

Analytics: We may use analytics services to understand usage patterns on our website.

Data Retention

We retain your account information for as long as your account is active or as needed to provide you with our services. Scan results and compliance data are retained to provide historical tracking features. If you delete your account, we will delete your personal information and scan data within 30 days, except where we are required to retain it for legal or compliance purposes.

Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS) and at rest, access controls, and regular security reviews. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Your Rights

Depending on your jurisdiction, you may have the right to access the personal information we hold about you, request correction of inaccurate information, request deletion of your information, withdraw consent for data processing, and receive a copy of your data in a portable format.

To exercise any of these rights, contact us at hello@inklu.io. We will respond within 30 days.

For Canadian residents

inklu is based in Ontario, Canada. We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. You have the right to access your personal information, challenge its accuracy, and withdraw consent for its collection, use, or disclosure.

If you have a privacy complaint that we are unable to resolve, you may contact the Office of the Privacy Commissioner of Canada.

Children's Privacy

inklu is a business-to-business service and is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the “Last updated” date. Your continued use of inklu after changes are posted constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: hello@inklu.io
Location: Toronto, Ontario, Canada