Privacy as a spectrum, not a checkbox

Your source code never leaves your machine.

Three privacy modes — Standard, Private, Sovereign — let you decide how much metadata our servers hold. Source code itself is never persisted at rest, on any tier. Per-org KMS encryption is on by default; Customer-Managed Keys available on Business+.

Source code never written to disk
The scanner reads files into memory, builds the feature map, and discards the source. Plaintext code is never persisted on our servers — on any tier.
Per-org KMS encryption
Each org has its own KEK in HSM-backed KMS (AWS / Vercel / Vault). Every scan is encrypted with a unique DEK that's wrapped by your KEK. Plaintext decrypts in memory only when an authorized team member requests it.
Three privacy modes
Standard, Private, Sovereign. You pick how much we see — feature names + counts (default, like Linear treats titles), opaque IDs only (Business+), or absolutely nothing (Enterprise self-hosted).
Bring your own LLM key
Name clustering uses Claude, OpenAI, or local Ollama with your own API key. Prompts contain file paths and commit messages, never file contents.
Customer-Managed Keys
On Business+, point us at your own KMS endpoint. You can rotate keys, revoke our decrypt access mid-session, or block access entirely. Every decryption is audit-logged.
Privacy modes

Same data flow shape, different visibility window

Each mode controls one knob: how much your metadata is readable by our servers. Switch modes any time from Org Settings — encrypted blobs stay encrypted, only the visibility of new scans changes.

Standard
All paid tiers · default
Data lives: Code structure encrypted on our servers; feature names + counts as metadata
Faultlines sees: Feature & flow names, file path index, LOC, coverage, error counts
Best for: Standard SaaS trust model · same as Linear, Sentry, Vercel
Private
Business and above
Data lives: All scan content encrypted with your org key; opaque UUIDs + counts on our servers
Faultlines sees: Opaque feature_uuid + flow_uuid, aggregate counts, commit timestamps
Best for: Fintech · healthcare · privacy-sensitive codebases · regulatory pressure
Sovereign
Enterprise · self-hosted
Data lives: Faultlines Docker image inside your VPC. Engine, dashboard, Postgres — all yours
Faultlines sees: License-check ping. Nothing else. Air-gapped deployment supported
Best for: Banks · defense · regulated industries · zero-trust mandates
Encryption architecture

Envelope encryption with per-org keys

[scan time — your machine or our scanner]
├─ engine reads files in memory (never written to disk on our side)
├─ generates feature map with stable UUIDs (lineage matching survives renames)
└─ AES-256-GCM encrypts payload with random DEK (DEK is one-shot, per-scan)
▲ Plaintext source code stays in memory for ~30s then is discarded.
[storage time — our database]
├─ ciphertext stored as BYTEA in Postgres
├─ DEK wrapped by your org's KEK in KMS (HSM-backed)
└─ plaintext metadata (names, counts) stored separately (Standard mode) or encrypted (Private mode)
▲ Without KMS unwrap call, ciphertext is mathematical noise.
[read time — authorized team member opens dashboard]
├─ server calls KMS to unwrap DEK (audit-logged event)
├─ decrypts ciphertext in memory only
└─ streams to browser via TLS, discards plaintext
▲ Customer-Managed Keys → you control every unwrap.
✗ Faultlines staff have zero standing access. Internal access requires explicit customer authorization and is audit-logged.
Runtime integrations

Sentry + PostHog — what we pull and how we match

[sentry → faultlines]
├─ OAuth or auth token (scoped: event:read, project:read, org:read)
├─ read symbolicated stack frames + release commit SHA
├─ match frame.filename against scan.path_index[commit_sha]
└─ write feature_uuid + flow_uuids to fl_analytics_events
▲ Zero SDK changes. We don't host or read source maps — Sentry symbolicates before we see frames.
[posthog → faultlines]
├─ API key paste or OAuth
├─ read $current_url + $app_version per event
├─ match URL against scan.routes_index[commit_sha]
└─ write feature_uuid to fl_analytics_events
▲ One env var enables it: NEXT_PUBLIC_POSTHOG_APP_VERSION=$VERCEL_GIT_COMMIT_SHA.
What we store

Exhaustive, not marketing-safe

The first group applies on every tier. The two groups after it split by privacy mode; each group's heading tells you the mode in which those fields are plaintext.

Always encrypted (or never stored)
  • Source code file contents
  • Commit messages and diff hunks
  • Secrets, .env files, credentials
  • Issue tracker data, PR descriptions
  • AI agent prompt bodies
  • Anything from the CLI if you skip cloud sync
Metadata · plaintext in Standard mode
  • Feature & flow names (LLM-suggested, you can rename)
  • Relative file paths (src/api/users.ts)
  • Commit counts, timestamps, author names
  • Health scores, bug-fix ratios, coverage percentages
  • Account metadata (email, org name, plan)
  • Sentry / PostHog event counts per feature
Metadata · plaintext in Private mode
  • Opaque UUIDs (feature_a3f4..., flow_b8e2...)
  • Aggregate counts (LOC, error count, scan count)
  • Commit SHA + timestamps
  • Account metadata (email, org name, plan)

In Private mode, the fields listed above under "plaintext in Standard mode" become ciphertext too. PR comments are rendered by your CI runner; Slack notifications become link-only stubs (or you run a small self-hosted notifier we provide).

Subprocessors

Who else can see your data

If you use the hosted dashboard, your scan metadata passes through the services below. The local CLI by itself talks to none of them — except the LLM you explicitly pick (or Ollama on your machine).

AWS KMS
  Purpose: HSM-backed key management for per-org KEK and DEK wrapping
  What they see: Wrapped DEKs only — never plaintext keys
Anthropic (opt-in)
  Purpose: LLM for feature-name clustering (Claude)
  What they see: File paths, commit messages — not file contents
OpenAI (opt-in)
  Purpose: LLM for feature-name clustering (alternative)
  What they see: File paths, commit messages — not file contents
Vercel
  Purpose: Web hosting + serverless functions for dashboard
  What they see: Request metadata, auth sessions, deployed code
Supabase
  Purpose: Managed Postgres for accounts + ciphertext scan storage
  What they see: Account data, encrypted scan blobs, metadata
Stripe
  Purpose: Payment processing for paid tiers
  What they see: Payment method, billing address, invoice history
PostHog
  Purpose: Product analytics on our dashboard (not your scan data)
  What they see: Anonymous usage events — your team's clicks on dashboard.faultlines.dev
Google · GitHub OAuth
  Purpose: Sign-in provider for dashboard accounts
  What they see: OAuth tokens, email, name

Sovereign mode (Enterprise on-prem) removes every external subprocessor from the data path except the LLM you choose. Contact sales for a full DPA and subprocessor attestation.

Compliance

Where we are on the checklist

In progress
SOC 2 Type II
Audit in progress · target Q4 2026
Compliant
GDPR
Compliant · DPA available for EU customers
Compliant
CCPA
Compliant · CA residents can request data export and deletion
Compliant
Data residency
US default · EU region on Enterprise
In progress
Pen test (annual)
Scheduled Q3 2026 with an external firm
Planned
ISO 27001
Under evaluation · 2027 target if customer demand warrants
Not applicable
HIPAA
Not a covered-entity tool · BAA not offered

We list "in progress" explicitly rather than claim compliance. If your procurement needs an attestation letter, interim security questionnaire, or Vanta Trust Report, reach out to security@faultlines.dev.

Questions

Compliance & privacy FAQ

What's the difference between Standard and Private mode?
Standard mode (default for Team and Business) stores feature/flow names and metrics as metadata on our servers — same trust model Linear uses for ticket titles. The detailed scan content (line ranges, narrative descriptions, dependency graphs) is encrypted at rest with your per-org key. Private mode (Business+) goes further: feature names, file paths, and descriptions are also encrypted. Our servers see only opaque UUIDs and aggregate counts. PR comments in Private mode are rendered by your CI runner, MCP becomes local-only, and Slack notifications switch to link-only stubs.
Do you ever store source code at rest?
No. On any tier. The scanner processes file contents in memory only and discards them after analyzing. What we persist is derived metadata — and which fields are plaintext vs ciphertext depends on your privacy mode. In Sovereign mode (Enterprise) we don't touch your code even in memory; Faultlines runs entirely inside your VPC.
How do Customer-Managed Keys (CMK) work?
On Business+, you can point us at your own KMS endpoint (AWS KMS, GCP KMS, HashiCorp Vault). Our service requests DEK unwrap from your KMS for each decryption operation. You control rotation, revocation, and audit logging on your side. If you revoke our access, we immediately lose the ability to decrypt — even our own data plane stops working for your org until you grant it back.
How does Sentry / PostHog attribution work without changing my app code?
We read Sentry events and PostHog events via OAuth or API key (you authorize on the Integrations page). For each event we extract two things: (1) the file path from the stack trace (Sentry) or the URL from $current_url (PostHog), and (2) the commit SHA from event.release ($app_version for PostHog). We look up which feature owns that file (or URL) at that commit using the scan's path index, and attribute the event to that feature_uuid. Zero code changes, zero SDK additions, zero manual tags.
What about Sentry source maps?
Source maps live in Sentry, not in Faultlines. You upload them via @sentry/cli during your build (one line in CI — most teams already do this for production debugging). Sentry symbolicates stack frames before we see them, so we get readable file paths. If source maps aren't uploaded, frontend errors come back as bundle.js:1:1234 and we can't attribute them — we'll show 'X% unattributed' in your dashboard with a one-click guide to fix.
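The attribution step described in the Runtime integrations section and in the two answers above, as an added example that is not Faultlines' own code. The index shapes (path_index, routes_index keyed by commit SHA) and event shapes (exception.frames, release, $current_url, $app_version) are assumptions modelled on the page's description rather than the real schema; the SHAs, paths, UUIDs and events are constructed, and the innermost-frame-last ordering is assumed from Sentry's documented frame order.

```javascript
// Added example, not Faultlines' own code: attributing Sentry and PostHog
// events to feature UUIDs through a per-commit index. Index and event shapes
// are assumptions modelled on the page; all SHAs, paths and UUIDs are constructed.

// Constructed scan indexes keyed by commit SHA (placeholder SHAs).
const SCANS = {
  abc1234: {
    path_index: { 'src/api/users.ts': 'feature_a3f4', 'src/checkout/cart.ts': 'feature_c9d1' },
    routes_index: { '/login': 'feature_a3f4', '/checkout': 'feature_c9d1' },
  },
};

// Sentry: event.release carries the commit SHA. Frames are walked from the
// innermost (last; assumed Sentry ordering) outwards until one is in the path index.
function attributeSentryEvent(scans, event) {
  const scan = scans[event.release];
  if (!scan) return { feature_uuid: null, reason: 'release not scanned' };
  const frames = (event.exception && event.exception.frames) || [];
  for (let i = frames.length - 1; i >= 0; i--) {
    const uuid = scan.path_index[frames[i].filename];
    if (uuid) return { feature_uuid: uuid, reason: `matched ${frames[i].filename}` };
  }
  // Typical when source maps were not uploaded: frames such as bundle.js:1:1234.
  return { feature_uuid: null, reason: 'no frame in path index (missing source maps?)' };
}

// PostHog: $app_version carries the commit SHA; the URL path is matched against the routes index.
function attributePosthogEvent(scans, event) {
  const scan = scans[event.properties.$app_version];
  if (!scan) return { feature_uuid: null, reason: '$app_version not scanned' };
  const path = new URL(event.properties.$current_url).pathname;
  const uuid = scan.routes_index[path];
  return uuid
    ? { feature_uuid: uuid, reason: `matched ${path}` }
    : { feature_uuid: null, reason: `route ${path} not indexed` };
}

// Produces fl_analytics_events-style rows plus the unattributed percentage the dashboard would show.
function attributeAll(scans, sentryEvents, posthogEvents) {
  const rows = [];
  for (const e of sentryEvents) {
    rows.push({ source: 'sentry', event_id: e.event_id, ...attributeSentryEvent(scans, e) });
  }
  for (const e of posthogEvents) {
    rows.push({ source: 'posthog', event_id: e.uuid, ...attributePosthogEvent(scans, e) });
  }
  const unattributed = rows.filter((r) => r.feature_uuid === null).length;
  const unattributedPct = rows.length ? Math.round((100 * unattributed) / rows.length) : 0;
  return { rows, unattributedPct };
}

// Constructed sample events: a symbolicated error, an unsymbolicated bundle
// frame, an error from a commit that was never scanned, and two page views.
const SENTRY_EVENTS = [
  { event_id: 's1', release: 'abc1234',
    exception: { frames: [{ filename: 'node_modules/express/lib/router.js' }, { filename: 'src/api/users.ts' }] } },
  { event_id: 's2', release: 'abc1234', exception: { frames: [{ filename: 'bundle.js' }] } },
  { event_id: 's3', release: 'ffffff0', exception: { frames: [{ filename: 'src/api/users.ts' }] } },
];
const POSTHOG_EVENTS = [
  { uuid: 'p1', properties: { $current_url: 'https://app.example.com/checkout?step=2', $app_version: 'abc1234' } },
  { uuid: 'p2', properties: { $current_url: 'https://app.example.com/about', $app_version: 'abc1234' } },
];

function runAttributionDemo() {
  return attributeAll(SCANS, SENTRY_EVENTS, POSTHOG_EVENTS);
}
```

Every row carries a reason string, so the unattributed share can be broken down (no source maps, unknown commit, route not indexed) rather than reported as a single percentage; the example only has access to the event's own file path or URL and the commit SHA, which is why no SDK change or manual tag is needed.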
Can my AI agent see my data in Private mode?
Yes — but the decryption happens on your machine, not ours. In Private mode the Faultlines MCP server runs as a local process (`@faultlines/mcp-server` from npm). It pulls encrypted scans from us, decrypts with your org key in process memory, and serves rich data to Cursor / Claude Code / Cline / Aider. Hosted agents that can't run a local MCP (like Claude.ai web) only work in Standard mode.
Can I run Faultlines fully offline?
Yes. The CLI plus a local Ollama endpoint runs end-to-end with no network calls beyond your machine. Scan output lives in ~/.faultline/ and never reaches us. You won't get the hosted dashboard, MCP, or PR comments — but the core analysis is yours alone.
Do you offer on-prem (self-hosted) deployment?
Yes, on Enterprise. Sovereign mode ships a Docker image with engine, dashboard, MCP server, and Postgres. Runs in your VPC with SAML SSO, custom data retention, and dedicated support. Air-gapped deployment is supported. Start with an email to security@faultlines.dev.
What happens to my data when I delete a scan or close my account?
Deletion is immediate in the application database. Encrypted backups are purged within 30 days. On Enterprise we can guarantee custom retention windows and provide written attestation of deletion. Deletion of the encrypted blob deletes both the ciphertext and the wrapped DEK — even if we wanted to recover it later we couldn't.
Are LLM prompts and responses stored?
No. When the CLI uses Claude / OpenAI for feature-name clustering, the prompt is sent directly to the provider you chose with your own API key. Faultlines never sees the prompt body or the model's response. If you use Ollama, everything stays on your machine.
Contact

Report a vulnerability

Security email
security@faultlines.dev

For suspected security issues, responsible-disclosure reports, or compliance-questionnaire requests. Also published at /.well-known/security.txt.

Disclosure policy
  • Acknowledgement within 48 hours
  • Triage and fix plan within 5 business days
  • Public disclosure coordinated with reporter
  • Researcher credit on request