Skip to main content

Security and Privacy

At CuriousBox, we prioritize the security and privacy of your code and data. This document outlines our security practices and privacy commitments to ensure transparency about how we handle your information when you use ProdE.

Data Protection Principles

No Training on Client Code

We do not use your code for training purposes. Your code remains yours, and we do not use it to train or improve our models. The code you share with ProdE is only used to provide you with the requested assistance.

Limited API Calls

ProdE only makes the following types of API calls:

  • LLM API calls: To generate responses and code suggestions
  • Embedding API calls: For semantic search and context understanding
  • Reranking API calls: To improve relevance of results
  • Authentication API calls: To verify user identity and manage access
  • Settings API calls: To fetch user preferences and configurations set on our web dashboard
  • Telemetry: Used to collect anonymous usage metrics to help understand the product usage and adoption

No Storage of Request/Response Content

We do not store the content of API requests or responses. Only metadata such as:

  • User ID making the call
  • Token usage statistics
  • Timestamp of requests

This limited metadata is stored solely for cost tracking and security audit purposes, allowing us to monitor usage patterns and ensure proper billing.

Encryption in Transit

All data transmitted between the ProdE extension and our backend services is encrypted using industry-standard TLS/SSL protocols. This ensures that your code and communications cannot be intercepted or read by unauthorized parties during transmission.

No Sensitive Data in Logs

Our logging systems are designed to exclude any API request or response data. Logs contain only system-level information necessary for troubleshooting and performance monitoring, without capturing any of your code or sensitive information.

Additional Security Measures

Local Processing

Whenever possible, ProdE processes information locally within your development environment to minimize data transmission.

Transparent Tool Usage

All actions that ProdE performs on your behalf are transparent and require your explicit approval before execution, giving you complete control over how the extension interacts with your codebase.

Regular Security Audits

We conduct regular security audits of our systems and processes to identify and address potential vulnerabilities.

Your Control

You maintain full control over what code is shared with ProdE. The extension only accesses the files you explicitly share or reference in your interactions.

Commitment to Privacy

We are committed to maintaining the highest standards of privacy and security. Our goal is to provide you with a powerful development assistant while ensuring your intellectual property remains protected and private.

If you have any questions or concerns about our security and privacy practices, please reach out to us at contact@curiousbox.ai.

Last updated on