Privacy Policy

Last updated: April 3, 2026

This Privacy Policy describes how Refresh ("we", "us", or "our") collects, uses, and discloses information when you use the Refresh Market website and services (collectively, the "Service").

1. Information We Collect

We collect information you provide directly to us, including:

• Contact information: name, email address, LinkedIn or website URL when you submit an estimate request or referral.
• Codebase metadata: evaluation script output, repository statistics, language composition, lines of code, and structural analysis. This metadata does not include your source code.
• Operational data metadata: artifact counts, tool integrations, and volume information from services such as Jira, Linear, Zendesk, Front, Notion, and Google Drive.
• Submitted data for evaluation: codebases, operational artifacts, and related materials that you voluntarily submit for acquisition evaluation. We receive and process this data solely for the purpose of assessing quality, structure, and fit prior to any purchase decision.

2. Data Evaluation and Acquisition

By submitting codebases, operational artifacts, or other materials through the Service, you acknowledge and agree that:

• Refresh is entitled to receive, review, and evaluate submitted data prior to any purchase decision or payment.
• Evaluation includes automated and manual review of code quality, structure, complexity, documentation, and relevance to AI training needs.
• Submission of data for evaluation does not constitute a sale or transfer of ownership. Ownership transfers only upon execution of a formal acquisition agreement and payment.
• Refresh may decline to acquire submitted data at its sole discretion, and in such cases, submitted evaluation materials will be deleted within 30 days of the decision.

3. How We Use Your Information

We use the information we collect to:

• Evaluate and price submitted codebases and operational data.
• Communicate with you about submissions, estimates, and acquisition offers.
• Process referrals and associated payments.
• Improve our evaluation processes and pricing models.
• Comply with legal obligations.

4. Data Security

We implement industry-standard security measures to protect your data:

• SOC 2 Type II certified infrastructure.
• End-to-end encryption for all data transfers and storage.
• Automated PII and secrets scrubbing on all submitted code and data.
• Air-gapped processing environments for sensitive evaluations.
• Access controls and audit logging for all data access.

5. Data Sharing

We do not sell your personal information. We may share information with:

• Service providers who assist with data processing, storage, and security.
• Professional advisors (legal, accounting) as necessary for business operations.
• Law enforcement or regulatory bodies when required by law.

6. Data Retention

We retain contact information for as long as necessary to fulfill the purposes described in this policy. Submitted evaluation data that is not acquired is deleted within 30 days of the decline decision. Acquired data is retained in accordance with the applicable acquisition agreement.

7. Your Rights

You may request access to, correction of, or deletion of your personal information by contacting us at market@refresh.dev. We will respond to requests within 30 days.

8. Analytics

We use Vercel Analytics to collect anonymized usage data such as page views and visitor counts. This service does not use cookies and does not collect personally identifiable information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, contact us at market@refresh.dev.