Legal

Privacy Policy

Last updated: 11 July 2026

The short version

We collect your email address, your encrypted scan results, and anonymous usage analytics. That is it. Your source code never leaves your browser. We do not sell your data. We do not train AI on your data unless you explicitly opt in. Scan results are deleted after 30 days. You can export or delete everything at any time.

Who we are

X185Plus is a deterministic code governance platform operated by a solo developer in Australia. You scan your code, receive verified repairs, and earn Gold Certificates. This policy explains what personal data we handle and why.

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). If you are in the European Union or United Kingdom, we also comply with the GDPR.

What we collect

What we do not collect

How we use your data

We use your data only to run the service. That means creating and securing your account, storing your scan results for the 30 day retention window, processing subscription payments through Stripe, and improving the product using anonymous analytics.

We do not sell your personal data. We do not share it with third parties for their own purposes. We do not use your data to train AI models unless you give explicit opt-in consent, and you can withdraw that consent at any time.

Services we rely on

A small number of trusted providers help us run X185Plus. Each one only receives the minimum data needed to do its job.

Some of these providers store data outside Australia. Where that happens, we take reasonable steps to ensure your data receives protection consistent with the APPs. Where the GDPR applies, we rely on appropriate safeguards. These include standard contractual clauses.

Cookies

We use essential session cookies only. These keep you signed in and keep the service secure. There are no tracking cookies. There are no advertising cookies. There are no third-party marketing scripts. Because we only use essential cookies, there is no cookie banner to click through.

How long we keep your data

Your rights

You are in control of your data. At any time you can:

Under the GDPR you also have the rights of access, rectification, erasure, restriction, portability, and objection. To exercise any right, email us and we will respond within 30 days.

If you believe we have mishandled your data, you can complain to us first. You can also complain to the Office of the Australian Information Commissioner (OAIC). If you are in the EU or UK, you can complain to your local data protection authority.

Security and data breaches

Scan results are stored encrypted. Access to production systems is restricted and authenticated. Payments are isolated with Stripe so card data never enters our infrastructure.

If a data breach occurs that is likely to result in serious harm or risk to your rights, we will notify you and the relevant regulator within 72 hours of becoming aware of it. This is required by the GDPR and the Australian Notifiable Data Breaches scheme.

Children

X185Plus is a professional developer tool and is not directed at children under 16. We do not knowingly collect data from children.

Changes to this policy

If we change this policy, we will update the date at the top of this page. For significant changes, we will email you before they take effect. We will never quietly weaken your protections.

Contact

Questions, requests, or concerns about your privacy can be sent to [email protected]. A human reads every message.