Privacy Policy

Last updated: February 2026

1. Introduction

Askance is operated by Advancer Limited ("we", "us", "our"). This Privacy Policy explains how we collect, use, and protect your information when you use the Askance platform, including the web dashboard, desktop app, mobile app, CLI tool, and API (collectively, the "Service").

2. Information We Collect

Account Information

  • Email address (from your OAuth provider)
  • Display name and profile information (from GitHub or Microsoft)
  • OAuth provider identifier

Usage Data

  • Tool call metadata (tool name, risk level, approval decisions)
  • Session information (agent type, start time, activity timestamps)
  • Audit logs of approval and denial events
  • Policy configuration data

Technical Data

  • Machine name and operating system (reported by the CLI)
  • IP address and browser user agent
  • Error and diagnostic logs

3. How We Use Your Information

  • To provide and operate the Service
  • To authenticate your identity and manage your account
  • To route approval requests to your dashboard
  • To enforce policy rules and safety guardrails
  • To generate usage analytics and billing
  • To send service-related notifications
  • To improve the Service and fix bugs

4. Data Storage and Security

Your data is stored on Microsoft Azure infrastructure in the Australia East region. We use PostgreSQL for structured data, Azure Key Vault for secrets, and TLS encryption for all data in transit. Authentication tokens are signed with keys stored in Azure Key Vault.

We implement industry-standard security measures including encrypted connections, role-based access control, multi-tenant data isolation, and regular security reviews.

5. Data Retention

Session and audit log data is retained for 30 days by default. Account data is retained for the duration of your account. You may request deletion of your data at any time by contacting us.

6. Third-Party Services

We use the following third-party services:

  • Microsoft Azure — Cloud hosting, database, authentication infrastructure
  • GitHub OAuth — Authentication provider
  • Microsoft OAuth — Authentication provider
  • Stripe — Payment processing (for paid tiers)
  • Azure Application Insights — Error tracking and diagnostics

We do not sell your personal information to third parties. We only share data with third-party services as necessary to operate the Service.

7. Your Code

Askance does not access, read, or store your source code. The CLI hook handler intercepts tool call metadata (tool name and input summary) but does not transmit file contents to our servers. Your code remains on your local machine and in your own repositories.

8. Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Export your data in a portable format
  • Withdraw consent for data processing

To exercise any of these rights, contact us at privacy@askance.app.

9. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. The dashboard stores your authentication token in localStorage.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

11. Contact

If you have questions about this Privacy Policy, contact us at: privacy@askance.app

Advancer Limited
New Zealand