You control your data.
- ✅ You can opt out of code snippet telemetry at any time.
- ✅ All communication is encrypted.
- ✅ We will never train generative models on private data.
Our Security and Privacy
Code is every software engineer's most important Intellectual Property, so we know AI code acceleration must be secure and private. We at Codeium are committed to securing user information and being transparent in the identity and usage of collected data.
Without legal-ese, what does this mean specifically?
All data is protected at rest by major cloud providers and encrypted in transit via SSL to prevent any third party from gaining access to your data during execution. We do not use any external machine learning APIs to perform inference or processing, so your data cannot be shared or leaked in that manner.
Codeium collects registration information such as name, email, and time of sign up solely to prevent abuse of the Codeium system by using this information to verify a Codeium extension installation. Codeium does not share or sell this data to any other party, or use this data for any other purpose.
Codeium collects telemetry data such as latency, engagement with features, and suggestion acceptance information. This data is only used to surface usage statistics to the user, detect abuse of the system, evaluate Codeium's impact, and in conjunction with code snippet data, improve the quality of the service. Your data is not shared with, sold to, or used by any other party, company, or product.
Codeium collects code snippet data to be used only for directly improving the functionality, usability, and quality of Codeium. We will never train generative models on private data. This data only consists of limited contexts of code used for an inference, and Codeium will never contiguously store complete or large sections of a user's codebase. This data can only be directly accessed in extreme cases by authorized members of the Codeium team (2FA) for support requests, and similar to telemetry data, this data is not shared with, sold to, or used by any other party, company, or product. Research has shown that AI codegen rarely regurgitates training data due to user codebase specific stylistic conventions, and anecdotally, exact matching occurs only when there are near-universal implementations or where there is not enough context to derive stylistic effects from. That being said, Codeium does provide users with the option to opt out from allowing Codeium to store (and therefore use) their code snippet data post-inference.
We are actively working on receiving SOC2 attestation for our security and privacy policies. We are committed to announcing any changes to these practices and policies in our Discord Community before enacting said changes.