Seercode Privacy Policy

Seercode (“the Extension”) is a Visual Studio Code extension published by Seerror for local detection of Indian PII and secrets. This Privacy Policy applies only to the Extension—not the main Seerror website, which is covered in our site Privacy Policy. By installing or using Seercode, you acknowledge this policy.

01Scope and Acceptance

This Privacy Policy ("Policy") governs the Seercode VS Code extension ("Seercode", "Extension"), operated by Jay Tiwari ("we", "us", "our", "Data Fiduciary") under the Seerror brand at seerror.com.

By installing or using Seercode, you ("User", "you") agree to this Policy in its entirety. If you do not agree to any part, uninstall the Extension and discontinue use.

This Policy is binding under the laws of the Republic of India, including but not limited to:

• Information Technology Act, 2000 and its amendments
• Digital Personal Data Protection Act, 2023 ("DPDP Act")
• Information Technology (Reasonable Security Practices) Rules, 2011
• Bharatiya Nyaya Sanhita, 2023 provisions on cybercrime

02Data Controller and Identity

03The Short Answer

The remaining sections of this Policy are legal formalities and protections required under Indian law. The substance of our privacy promise is contained in the box above.

04Data We Collect

Seercode collects the following data, all of which stays entirely on your local device:

4.1 Stored Locally In VS Code Settings

• Your detector preferences (which detectors are on or off)
• Your severity setting (Error / Warning / Information / Hint)
• Your scan-on-save and scan-on-type preferences
• Your custom ignore patterns (glob patterns)
• Your status bar visibility preference

These settings are stored by VS Code itself in your local configuration (typically under settings.json or VS Code's user data directory). They are not transmitted to us. They live only on your machine.

4.2 Held in Memory During a Session

• The text content of files being scanned (held in RAM only, never persisted by Seercode)
• Detection results for currently open files (in-memory map, cleared on file close)
• Diagnostic markers displayed in the VS Code Problems panel

When you close a file, the corresponding detection data is purged from memory automatically. When you close VS Code, all Seercode session data ceases to exist.

05Data We Never Collect

The following is explicitly and absolutely not collected, transmitted, or stored by Seercode:

• The contents of your code files (scanned in memory only, never sent anywhere)
• Detection results aggregated across users (there is no server to aggregate them)
• Telemetry or usage analytics of any kind
• Crash reports, error logs sent to external services
• Your IP address, location, or device identifiers
• Your VS Code version, OS, or environment information
• Your name, email address, or identity
• Your repositories, project names, or file paths
• Any data about specific detections you triggered
• Any data about which detectors you enabled or disabled
• Any A/B testing or feature flag data
• Any advertising identifiers or marketing data
• Anything else, of any kind, ever

06Local Detection Architecture

Seercode is architecturally incapable of leaking your data because:

• The extension's manifest.json does not request any network permissions beyond what VS Code itself uses for updates
• The source code contains zero calls to fetch(), http.request(), XMLHttpRequest, WebSocket, or any other network primitive
• All regex matching, Verhoeff checksum validation, and detection logic runs synchronously in your VS Code process
• The bundled JavaScript output (out/ folder) can be inspected to confirm no network code was added during compilation

07Source Code Transparency

Seercode is open source under the MIT License. The complete source code is available at:

github.com/Seerror-Technologies/seercode

You are encouraged to read the code before installing. You may fork, audit, modify, and self-host your own build. We welcome security disclosures, pull requests, and independent audits.

08Permissions Requested

Seercode requests the minimum permissions necessary to function:

• Read open documents: required to scan file content for PII and secrets
• Display diagnostics: required to underline detections in your editor
• Show status bar item: required to display detection count
• Read VS Code settings: required to honour your detector preferences
• Write VS Code settings: required when you toggle a detector via the command palette
• Open external URLs: required only when you click "About" to visit seerror.com

We do not request: network permissions, file system access beyond VS Code's workspace, microphone, camera, location, or any system-level capabilities.

09Third-Party Services

Seercode integrates with the following third parties, none of which receive any data from Seercode beyond what VS Code itself sends:

• VS Code Marketplace (Microsoft): distributes the extension and handles update checks. Subject to Microsoft's privacy policy. We do not control this and cannot disable it.
• GitHub Inc.: hosts the open source code repository. Subject to GitHub's privacy policy. Visiting the repository is governed by GitHub's terms.
• Open VSX (Eclipse Foundation): an alternative marketplace where Seercode may be published. Subject to Eclipse's privacy policy.

We do not use: Google Analytics, Mixpanel, Segment, Amplitude, Sentry, Bugsnag, advertising networks, A/B testing services, behavioural analytics platforms, or any service that profiles users.

10VS Code Marketplace Distribution

When you install or update Seercode through the VS Code Marketplace, Microsoft may collect telemetry under their own privacy policy. This collection is separate from Seercode and outside our control. We recommend reviewing Microsoft's VS Code telemetry settings if this concerns you.

You can disable Microsoft's VS Code telemetry entirely by setting telemetry.telemetryLevel to off in your VS Code settings. This does not affect Seercode's functionality.

11Your Rights Under DPDP Act 2023

Under the Digital Personal Data Protection Act 2023, you have the following rights as a Data Principal:

• Right to access the data we hold about you (which is none)
• Right to correction of inaccurate data (there is no data to correct)
• Right to erasure of your data (uninstalling deletes all settings)
• Right to data portability (your VS Code settings export covers this)
• Right to withdraw consent by uninstalling the Extension
• Right to nominate another person to exercise rights in case of death or incapacity
• Right to grievance redressal through our Grievance Officer (Section 22)
• Right to lodge complaints with the Data Protection Board of India

Most of these rights are trivially satisfied because we do not hold any of your data in the first place.

12Data Security

Because Seercode does not transmit or persist your data, the security threat model is limited to:

• The integrity of the published extension: ensured via VS Code Marketplace's signed distribution and the open source repository
• Your local file system permissions: managed by your operating system, not Seercode
• Supply chain security: dependencies are minimal and reviewed before each release

We commit to publishing security advisories at github.com/Seerror-Technologies/seercode/security for any identified vulnerabilities.

13Children's Privacy

Seercode is a developer tool and is not directed at children under 13. We do not knowingly collect data from any user, including minors, because we collect no data from anyone. Use of VS Code by minors is governed by Microsoft's terms.

14Breach Notification

Because Seercode holds no user data, the conventional concept of a data breach does not apply. However, if the published Seercode binary is ever found to be compromised (e.g., a malicious version is detected in the marketplace), we will:

• Publish an immediate advisory on seerror.com and the GitHub repository
• Coordinate with VS Code Marketplace for removal of the compromised version
• Notify users via the GitHub repository's security advisory feed
• Notify the Data Protection Board of India if user data exposure is implicated

15User Responsibility

Seercode is a tool that helps you find potential leaks. It is not a guarantee that no leaks exist in your code.

16Prohibited Uses

You agree NOT to use Seercode for any of the following:

• Any activity illegal under Indian law or the law of your jurisdiction
• Reverse-engineering detection logic to deliberately bypass it for malicious purposes
• Using detected secrets that were not yours to begin with
• Scanning code or repositories you do not have permission to access
• Embedding Seercode in a malicious extension or product
• Selling, sublicensing, or rebranding Seercode without complying with the MIT License terms
• Using Seercode to facilitate cyber crime, data theft, or unauthorised access
• Activities prohibited by IT Act 2000, DPDP Act 2023, or Bharatiya Nyaya Sanhita 2023

17Limitation of Liability

To the maximum extent permitted by Indian law, Jay Tiwari, the Seerror brand, and Seerror Technologies (OPC) Private Limited (when incorporated) shall not be liable for:

• False positives or false negatives in detection
• Any leak that Seercode failed to detect
• Any code that was incorrectly modified by you in response to a Seercode warning
• Service interruption, editor lag, or extension crashes
• Any indirect, consequential, special, or punitive damages
• Loss of profits, data, business, or reputation

Total cumulative liability shall not exceed Indian Rupees One Hundred (Rs. 100). The Extension is provided "AS IS" and "AS AVAILABLE" without warranties of any kind.

18Government and Legal Requests

Because Seercode holds no user data, no government request can compel disclosure of user activity through us. There is nothing to disclose. If a legally valid order is received seeking user data, we will respond truthfully that no such data exists.

Requests related to the source code (which is already public) or extension distribution (handled by VS Code Marketplace) would be handled in accordance with applicable law.

19CERT-In Directives

The CERT-In Directive of 28 April 2022 applies to VPN providers, data centres, and similar service operators. Seercode is a developer tool that collects no data and operates no service infrastructure. The Directive's logging requirements are not applicable.

20Dispute Resolution and Jurisdiction

Any dispute arising from or related to Seercode shall be governed exclusively by the laws of the Republic of India. Courts in Bengaluru, Karnataka, India shall have exclusive jurisdiction. You expressly waive any objection to venue.

Before initiating legal action, you agree to first attempt good-faith resolution by contacting our Grievance Officer (Section 22) and allowing thirty (30) days for response.

21Changes to This Policy

We may update this Privacy Policy. Material changes will be reflected with a new Effective Date and Version. The current version is v1.0 dated 15 May 2026.

Material changes will be announced via:

• An updated CHANGELOG entry in the GitHub repository
• A version bump in the next extension release
• Updates to this webpage

22Grievance Officer

23Contact and Verification

24Open Source License

Seercode is released under the MIT License. The full license text is available in the source repository and ships with every extension package.

You are granted broad rights to use, copy, modify, merge, publish, distribute, sublicense, and sell copies of the software, subject to including the copyright notice and license terms.

25Final Verification

Last revised: 15 May 2026. This Policy supersedes all prior versions. Historical versions available at github.com/Seerror-Technologies/seercode.

Seercode VS Code extension — Powered by Seerror