Privacy Policy
Last updated: May 2025
Table of Contents
1. Overview
Testhide ("we", "us", or "our") operates the Testhide platform — a CI/CD service with native LLM evaluation, available at testhide.com and related subdomains.
This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, and the rights you have regarding your data. By using Testhide you agree to this policy.
The short version: We collect only what's necessary to operate the service. We don't sell your data. We don't use your test results or pipeline data to train AI models. You stay in control.
2. Data We Collect
2.1 Account & Identity Data
When you register or contact us we may collect:
- Name and email address
- Organization or team name
- Password (stored as a cryptographic hash — we never store it in plain text)
2.2 Usage & Technical Data
As part of operating the service we automatically record:
- IP addresses and browser/agent information for security and abuse prevention
- API request logs (endpoint, timestamp, status code) — retained for 30 days
- Error and crash reports to help us diagnose issues
- Feature-usage telemetry (which features you enable, aggregate counts) — no content
2.3 Pipeline & Test Data
When you connect your CI system, Testhide processes build metadata, test results, logs, and LLM evaluation outputs on your behalf. This data:
- Is processed solely to deliver the service to you
- Is never used to train any AI or ML model
- Is never sold, shared, or analysed for any purpose outside your account
- Remains your property at all times
2.4 Billing Data
Payment is handled by Stripe. We never see or store full card numbers. We store only the Stripe customer ID and subscription status needed to manage your plan.
2.5 Communications
If you contact us via the contact form or email, we retain those messages to respond to you and to improve support quality.
3. How We Use Your Data
We use the data we collect to:
- Create and manage your account and subscription
- Deliver, maintain, and improve the Testhide platform
- Authenticate API requests and enforce license limits
- Send transactional emails (receipts, password resets, service notifications)
- Detect and prevent abuse, fraud, and security incidents
- Comply with applicable legal obligations
We do not use your data for advertising, profiling, or any purpose unrelated to operating the service.
4. Data Sharing & Third Parties
We do not sell, rent, or trade your personal data. We share data only with the sub-processors necessary to operate the service:
- Stripe — payment processing. Stripe Privacy Policy
- Cloud infrastructure provider — hosting (servers, storage, CDN). Data is stored in the provider's data centres with encryption at rest.
- Error tracking / monitoring — aggregated crash reports without personal identifiers.
We may disclose data when required by law, regulation, or valid legal process (e.g. a court order). We will notify you when permitted to do so.
5. Data Retention
We retain data for as long as necessary to provide the service or as required by law:
- Account data — retained while your account is active, deleted within 30 days of account deletion.
- API logs — 30 days rolling window.
- Pipeline / test data — retained per your plan limits; you can delete it at any time from the dashboard.
- Billing records — retained for 7 years for accounting purposes.
You can request deletion of your account and all associated data at any time by contacting us at thuesdays@gmail.com.
6. Security
We take the security of your data seriously. Our measures include:
- TLS 1.2+ encryption in transit for all connections
- AES-256 encryption at rest for stored data
- Cryptographically hashed passwords (bcrypt)
- RS256-signed JWT tokens for API authentication
- Role-based access controls limiting internal access to data
- Regular dependency and security audits
For a full description of our security practices see our Security page. To report a vulnerability, email thuesdays@gmail.com.
7. Your Rights
Regardless of where you are located, you have the right to:
- Access — request a copy of the data we hold about you.
- Correction — ask us to correct inaccurate or incomplete data.
- Deletion — ask us to delete your personal data ("right to be forgotten").
- Portability — request your data in a machine-readable format.
- Objection — object to certain types of processing.
- Withdraw consent — where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, contact us at thuesdays@gmail.com. We will respond within 30 days.
8. Cookies & Tracking
Testhide uses a minimal set of cookies:
- Session cookies — required for authentication. Expire when you close your browser.
- CSRF tokens — required for security. Not used for tracking.
We do not use advertising cookies, third-party tracking pixels, or analytics services that identify individual users.
9. Children's Privacy
Testhide is a professional developer tool. It is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have inadvertently collected such data, contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify registered users by email at least 14 days before the change takes effect. The "Last updated" date at the top of this page reflects the most recent revision.
Continued use of Testhide after a change takes effect constitutes acceptance of the updated policy.
11. Contact
For any privacy-related questions, requests, or concerns:
- Email: thuesdays@gmail.com
- Website: testhide.com/about
We aim to respond to all privacy enquiries within 5 business days.