Privacy Policy

Last updated: June 22, 2026

This policy explains what CodeTrain ("we", operated by Inferhaven) collects and how we use it.

Your source code stays on your machine. CodeTrain's agent runs locally. On managed plans, only the small prompt snippets needed for a tutoring turn are sent through our model proxy to the AI provider; on bring-your-own-key plans, those calls go straight from your machine to the provider and never touch our servers. We never copy or store your repository.

What we collect

Account data — via our auth provider (Clerk): your email, name, and (if you sign in with GitHub/Google) basic profile info.
Usage & metering — session counts, model token usage and cost, plan and entitlement state, so we can enforce limits and show your usage.
Billing — handled by Stripe. We store a customer/subscription reference; we never see or store your full card number.
Prompt snippets (managed plans only) — transiently proxied to the model provider to generate a tutoring response; not retained as a profile of your code.
Support communications — if you email us.

What we do with it

To operate and secure the Service, enforce plan limits, process payments, provide support, and improve the product. We do not sell your personal data.

Service providers

We share the minimum necessary with: Clerk (authentication), Stripe (payments), OpenRouter / Anthropic (model access), Cloudflare (hosting/CDN/DNS), Fly.io (API hosting), and Neon (database). Each processes data under its own terms.

Cookies

We use essential cookies for authentication/session management (via Clerk). We don't use advertising trackers.

Data retention

We keep account and usage data while your account is active and as needed for legal, accounting, and security purposes. You can request deletion (below).

Your rights

Depending on where you live (e.g. GDPR/UK GDPR, CCPA), you may have rights to access, correct, export, or delete your personal data, and to object to certain processing. Email us to exercise them.

Security

We use encryption in transit, scoped access tokens, and reputable infrastructure providers. No system is perfectly secure, but we work to protect your data.

Children

The Service isn't directed to children under 16, and we don't knowingly collect their data.

Changes

We'll post updates here with a new date. Material changes may also be notified by email.

Contact

Privacy questions or data requests: privacy@codetrain.ai.