Privacy Policy

01Introduction

SecureCodingHub ("we," "us," or "our") is an enterprise B2B SaaS platform for secure coding training, operated by LimePlate LLC. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our platform, website, and related services (collectively, the "Service").

This policy applies to all users of the Service, including individual learners, team administrators, and enterprise account holders. By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you are using the Service on behalf of an organization, you represent that you are authorized to accept this policy on that organization's behalf.

If you have questions about this policy, you can contact us at privacy@securecodinghub.com.

02Information We Collect

Account Information

When you create an account or when your organization provisions one on your behalf, we collect information necessary to set up and maintain your account. This typically includes your full name, business email address, company name, job title, and role within the platform. If your organization uses SSO or SCIM provisioning, some of this information may be supplied automatically by your identity provider.

Usage and Training Data

As you interact with the Service, we collect data about your training activities. This includes challenge completion status and scores, learning path progress, time spent on individual modules and sessions, code review answers, guided scenario interactions, and assignment completion records. This data is essential for delivering personalized training experiences and generating progress reports for you and your organization's administrators.

Technical Data

We automatically collect certain technical information when you use the Service. This includes your IP address, browser type and version, operating system, device type, referring URL, pages visited, session duration, and timestamps. We use this data for security monitoring, performance optimization, and service improvement.

Communication Data

If you contact our support team or submit feedback, we retain the contents of those communications along with any associated metadata, such as your email address, the date and time of the communication, and any attachments.

03How We Use Your Information

We use the information we collect for the following purposes:

• Providing the Service. We use your account and usage data to deliver secure coding training, track your progress, generate completion certificates, and provide personalized learning recommendations.
• Analytics and Reporting. We generate aggregated and individual training analytics that help enterprise administrators understand their team's security competency levels, identify knowledge gaps, and measure the effectiveness of their training programs.
• Customer Support. We use your information to respond to your inquiries, troubleshoot issues, and provide technical assistance when you contact us.
• Security and Fraud Prevention. We monitor usage patterns and technical data to detect, prevent, and respond to potential security threats, unauthorized access attempts, and fraudulent activity.
• Service Improvement. We analyze aggregated usage data to improve our training content, develop new features, optimize platform performance, and enhance the overall user experience.
• Legal Compliance. We may process your data as necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

04Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal data under the following legal bases:

• Contract Performance. Processing your account and usage data is necessary to perform our contractual obligations to you and your organization, including delivering the training service, tracking progress, and generating reports.
• Legitimate Interests. We process certain data based on our legitimate business interests, such as improving the Service, ensuring platform security, preventing fraud, and conducting aggregated analytics. We balance these interests against your rights and freedoms and only rely on this basis where our interests are not overridden by your data protection rights.
• Consent. Where required by applicable law, we obtain your consent before processing your personal data for specific purposes, such as sending optional marketing communications. You may withdraw your consent at any time by contacting us at privacy@securecodinghub.com.
• Legal Obligation. We may process your personal data to comply with legal obligations to which we are subject, including tax, accounting, and regulatory requirements.

05Data Sharing and Disclosure

We do not sell your personal data. We do not rent, trade, or otherwise make your personal information available to third parties for their own marketing purposes.

We may share your information in the following limited circumstances:

• Enterprise Customer Access. If your account is part of an enterprise subscription, your organization's designated administrators can access training progress data, completion records, and performance analytics for users within their organization. This is a core feature of our enterprise offering and is governed by the agreement between us and your employer or contracting organization.
• Sub-Processors. We engage a limited number of trusted third-party service providers to help us operate and deliver the Service. These include cloud infrastructure and hosting providers, analytics and monitoring services, email delivery providers, and customer support tools. All sub-processors are contractually bound to process personal data only on our instructions and in accordance with applicable data protection laws.
• Legal Requirements. We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that such disclosure is necessary to protect the rights, property, or safety of SecureCodingHub, our users, or the public.
• Business Transfers. In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred as part of the transaction. We will notify you of any such change and any choices you may have regarding your information.

06International Data Transfers

SecureCodingHub is based in the United States, and our primary data processing facilities are located in the United States. If you access the Service from outside the United States, your personal data will be transferred to and processed in the United States.

For transfers of personal data from the EEA, the United Kingdom, or Switzerland to the United States, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical and organizational measures where appropriate. We also conduct transfer impact assessments to ensure that the data protection standards in the destination country provide an adequate level of protection for your personal data.

If you would like to obtain a copy of the Standard Contractual Clauses we use, please contact us at privacy@securecodinghub.com.

07Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with the Service. The specific retention periods are as follows:

• Active Account Data. Your account information and training data are retained for the duration of your active account. If your organization maintains an active subscription, your data is retained for the duration of that subscription.
• Post-Deletion Retention. After account deletion or upon request for erasure, we retain personal data for a period of 90 days to allow for account recovery and to comply with legal obligations. After this 90-day period, your personal data is permanently deleted from our active systems.
• Aggregated and Anonymized Data. We may retain aggregated, de-identified, or anonymized data indefinitely. This data cannot be used to identify you and is used for statistical analysis, benchmarking, and service improvement purposes.
• Legal and Compliance Records. Where we are required by law to retain certain data for longer periods (for example, for tax or audit purposes), we will retain that data for the period required by applicable law.

08Your Rights

Rights Under the GDPR (EEA, UK, Switzerland)

If you are located in the EEA, the United Kingdom, or Switzerland, you have the following rights under applicable data protection legislation:

• Right of Access. You have the right to request a copy of the personal data we hold about you.
• Right to Rectification. You have the right to request correction of inaccurate or incomplete personal data.
• Right to Erasure. You have the right to request deletion of your personal data, subject to certain legal exceptions.
• Right to Data Portability. You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Restriction of Processing. You have the right to request that we limit how we use your data in certain circumstances.
• Right to Object. You have the right to object to our processing of your personal data based on legitimate interests.
• Right to Withdraw Consent. Where we process your data based on consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@securecodinghub.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

Rights Under the CCPA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know. You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, and the purposes for which it is used.
• Right to Delete. You have the right to request deletion of personal information we have collected from you, subject to certain legal exceptions.
• Right to Opt-Out of Sale. We do not sell your personal information. However, you retain the right to opt out if our practices change in the future.
• Right to Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights.

To submit a CCPA request, please contact us at privacy@securecodinghub.com. We will verify your identity before processing your request.

09Security Measures

We take the security of your personal data seriously and implement industry-standard technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption. All data is encrypted in transit using TLS 1.2 or higher. Data at rest is encrypted using AES-256 encryption.
• Access Controls. We implement role-based access controls, multi-factor authentication, and the principle of least privilege across our infrastructure and internal systems.
• Infrastructure Security. Our platform is hosted on enterprise-grade cloud infrastructure with network-level security controls, intrusion detection, and continuous monitoring.
• Compliance and Audits. We maintain a SOC 2 Type II compliance program and undergo regular third-party security audits and penetration testing to validate the effectiveness of our controls.
• Incident Response. We maintain a documented incident response plan and will notify affected users and relevant authorities of any data breach in accordance with applicable laws and contractual obligations.

While we implement robust safeguards, no method of electronic storage or transmission is completely secure. We encourage you to protect your account credentials and report any suspected security issues to privacy@securecodinghub.com.

10Children's Privacy

SecureCodingHub is an enterprise B2B service designed for professional use and is not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take steps to delete such data promptly. If you believe that we may have collected information from a child under 16, please contact us immediately at privacy@securecodinghub.com.

11Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate the Service, maintain your session, remember your preferences, and analyze how the platform is used. Essential cookies are required for the Service to function properly and cannot be disabled. Analytics cookies help us understand usage patterns and improve the Service.

For detailed information about the types of cookies we use, how they work, and how you can manage your preferences, please refer to our Cookie Policy.

12Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable laws. When we make material changes, we will provide at least 30 days' prior notice by posting the updated policy on our website, sending an email notification to registered users, or displaying a prominent notice within the Service.

We encourage you to review this page periodically to stay informed about how we are protecting your data. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.