SeeCodes Security Posture

Security and data isolation designed for enterprise trust.

Granting a tool access to source code and project management data requires absolute trust. SeeCodes is architected from the ground up with enterprise-grade controls and clear data boundaries.
AWS CloudUS / EU / UK regions48-hour automatic purge
Privacy policyAPI referenceSubmit an issue

Infrastructure & Hosting

The backend runs entirely on AWS using managed services and regional isolation options.

AWS Cloud

SeeCodes is hosted on Amazon Web Services and uses managed services such as API Gateway, Lambda, DynamoDB, and S3 that comply with SOC 1, SOC 2, and SOC 3 standards.

Regional Isolation

Administrators can choose to process and store data in the US, EU (Stockholm), or UK (London).

Data Encryption

Encryption is applied both in transit and at rest.

In transit

All traffic between the IDE, Jira, and the backend is protected with TLS 1.2 or higher.

At rest

Persistent configuration and telemetry data, along with temporary task uploads, are encrypted at rest with AES-256 via AWS KMS.

Data Retention & Ephemerality

SeeCodes minimizes the footprint of proprietary code on the service.
  • Temporary Context: selected source files are uploaded to S3 only for the active AI task.
  • Automatic Deletion: task inputs, AI outputs, and generated diffs are automatically and permanently purged within 48 hours of task completion.
  • No Long-Term Code Storage: SeeCodes does not keep a permanent clone or index of your repository.

Authentication & Authorization

Access control follows the existing Jira relationship and narrows permissions wherever possible.
  • Jira Integration: the Jira App authenticates through Atlassian's standard Connect/Forge framework.
  • IDE Access Permits: the VS Code extension uses short-lived, cryptographically signed JWT-like permits generated from the authenticated Jira session. Default expiration is 30 days and access is scoped strictly to the assigned task.
  • Instance Keys: communication between Jira and the backend uses hashed, rotated API keys.

AI Model Privacy

SeeCodes routes model calls through secure, business-to-business integrations.

Zero training policy

Source code, prompts, and Jira data are never used by underlying AI providers to train their public or foundational models.

AI requests are routed through secure B2B APIs such as AWS Bedrock, with contractual controls in place around data handling and model usage.

Vulnerability Management

Operational access is restricted and the delivery pipeline includes automated checks.
  • Automated dependency scanning and static application security testing (SAST) are part of the CI/CD pipeline.
  • Production infrastructure access is limited to authorized eprojac engineers using SSO, MFA, and audited bastion hosts.

Enterprise procurement

If you need security questionnaires or additional architectural detail, contact security@seecodes.com.