
Security & data handling

Your code builds a graph, not a copy.

Symvanta is graph-first by design. We parse your repositories into a knowledge graph and, by default, discard the source. This page explains exactly how that pipeline works, what we encrypt, where we run, the permissions we request, and how we handle incidents. No marketing, just the mechanics.

How your source is handled

Every repository you connect flows through the same four steps. The output that we keep is the graph: symbols and the relationships between them. Your raw files are not part of it.

  1. Ingest, read-only. A GitHub App you install reads repository contents and metadata into an isolated in-memory (RAM) workspace, never written to persistent disk. Nothing is shared across tenants.
  2. Parse in memory. Files are parsed into abstract syntax trees and logical symbols across 11 languages. The parse happens in memory.
  3. Persist the graph. Nodes, edges, file hashes, and vector embeddings are written to your workspace's isolated store. Your raw source files are not among them.
  4. Discard source. The cloned working copy is deleted. What remains is the graph, not your code.

Source storage is off by default

Stored source is an optional, paid add-on. It is never on unless you explicitly turn it on. When you do, Symvanta retains your indexed checkout in that same in-memory store, isolated to your workspace, so raw-file tools (read_file, grep, tree) work for CI, chat, and headless agents. It is never copied to a persistent disk, and turning the add-on off stops those tools from serving it. Even with it on, your code is never shared across tenants and never used to train models.

When an agent makes uncommitted edits queryable with index_working_tree, those file contents are indexed into a short-lived revision that is reclaimed within a few hours and scoped to your workspace.

Encryption

In transit

Every connection is encrypted with TLS 1.2 or higher: your browser to the app, your agent to the MCP endpoint, our services to GitHub, and our internal service-to-service traffic.

At rest

Sensitive secrets (OAuth client secrets, per-tenant GitHub credentials, and 2FA recovery codes) are encrypted with AES-256-GCM before they are written to the database. The encryption key lives in the runtime environment, never in the database alongside the data it protects, so a database read on its own does not expose those secrets.
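The pattern described above, key in the runtime environment and only AES-256-GCM output in the database, as an added example in Go (this is illustrative code, not Symvanta's implementation). It assumes a hypothetical environment variable SECRETS_KEY_B64 carrying the base64-encoded 32-byte key, and additionally binds each ciphertext to a constructed workspace identifier via GCM's associated data, so a blob copied between rows fails authentication; that binding is a design choice of this example, not something the page states.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"io"
	"os"
)

// loadKey fetches the AES-256 key from the runtime environment, never from
// the database. SECRETS_KEY_B64 is an assumed variable name for this example.
func loadKey() ([]byte, error) {
	raw := os.Getenv("SECRETS_KEY_B64")
	if raw == "" {
		return nil, errors.New("SECRETS_KEY_B64 is not set in the environment")
	}
	key, err := base64.StdEncoding.DecodeString(raw)
	if err != nil {
		return nil, fmt.Errorf("decode key: %w", err)
	}
	if len(key) != 32 {
		return nil, fmt.Errorf("key must be 32 bytes for AES-256, got %d", len(key))
	}
	return key, nil
}

// sealSecret encrypts plaintext with AES-256-GCM. A random 12-byte nonce is
// prefixed to the ciphertext and the 16-byte GCM tag is appended by Seal.
// aad (here the workspace id) is authenticated but not encrypted, so the
// stored row is bound to its owner.
func sealSecret(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext||tag to dst (the nonce slice), so the blob
	// written to the database is nonce||ciphertext||tag.
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// openSecret reverses sealSecret. Any bit flip in the blob, or an aad that
// differs from the one used at seal time, makes Open return an error and
// no plaintext is released.
func openSecret(key, blob, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

func main() {
	// Stand-alone demo: if no key is configured, generate a throwaway one so
	// the program runs; a real deployment provisions the key out of band.
	if os.Getenv("SECRETS_KEY_B64") == "" {
		k := make([]byte, 32)
		if _, err := io.ReadFull(rand.Reader, k); err != nil {
			panic(err)
		}
		os.Setenv("SECRETS_KEY_B64", base64.StdEncoding.EncodeToString(k))
	}
	key, err := loadKey()
	if err != nil {
		panic(err)
	}
	tenant := []byte("workspace:42") // constructed workspace identifier used as AAD
	blob, err := sealSecret(key, []byte("ghs_constructedExampleToken"), tenant)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored blob (base64): %s\n", base64.StdEncoding.EncodeToString(blob))
	pt, err := openSecret(key, blob, tenant)
	if err != nil {
		panic(err)
	}
	fmt.Printf("decrypted: %s\n", pt)
	// Same blob presented under another workspace id: authentication fails.
	if _, err := openSecret(key, blob, []byte("workspace:43")); err != nil {
		fmt.Println("cross-workspace open rejected:", err)
	}
}
```

The point the page makes is visible in the split: a dump of the database yields only nonce, ciphertext and tag, and without the key from the process environment none of it decrypts. Rotating the key means re-sealing each row under the new key, which is why the nonce is stored alongside the ciphertext rather than derived from anything in the database.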

Infrastructure

Symvanta runs on Hetzner in Germany, so your data is processed and stored in the EU. The platform is built from a small, well-understood set of datastores:

  • PostgreSQL 16 holds the code graph (nodes, edges, file hashes) and all relational data.
  • Qdrant holds the vector embeddings that power semantic search.
  • RabbitMQ carries the asynchronous ingestion and inference work off the request path.
  • Redis backs short-lived caches.

None of these datastores is reachable from the public internet. They sit on a private network behind a firewall that only admits the application tier, so the graph and embeddings cannot be queried directly from outside.

What we ask GitHub and Google for

We request the minimum each integration needs, and you can see the full list before you approve it.

GitHub

You connect Symvanta through a GitHub App, installed only on the repositories you choose. The App requests:

  • Repository contents, read. So we can clone and parse your code into the graph.
  • Repository metadata, read. The mandatory baseline every GitHub App carries.
  • Webhook delivery for push and pull request events. So the graph stays current and feature branches with an open pull request can be tracked.

Per-tenant GitHub credentials are encrypted at rest. The optional automated-fix add-on, only when you enable it, additionally requests permission to open pull requests; it raises draft pull requests for your review and never pushes commits to your branches on its own. GitHub shows you the exact permission list on the installation screen before you approve, and you can revoke access at any time from your GitHub settings.

Google sign-in

If you sign in with Google we request only the openid, profile, and email scopes, used solely to create and authenticate your account. We never access your Google Drive, Gmail, Calendar, or Contacts. See our Privacy Policy for the full detail on Google user data.

Access control and isolation

  • Tenant isolation. Every record is scoped to your workspace and queries are tenant-filtered by default, so one workspace cannot read another's graph.
  • Role-based access. Members are admin, developer, or readonly, with permissions enforced on every request.
  • Scoped MCP tokens. Agents authenticate with scoped OAuth tokens (mcp:read), not your GitHub credentials.
  • Stronger sign-in. Optional two-factor authentication (TOTP), plus enterprise SSO (SAML and OIDC) and SCIM provisioning.
  • No model training on your code. We never train, fine-tune, or evaluate models on your code, and never share it across tenants.

Incident response

Production is monitored continuously with metrics and error tracking, so anomalies surface quickly. If you believe you have found a vulnerability, email info@symvanta.com with the details and we will work the report promptly. Please give us a reasonable window to remediate before any public disclosure.

If an incident affects your data, we will investigate, contain it, and notify affected customers without undue delay, consistent with applicable law.

Your data, your control

Disconnect a repository and its graph is removed. Request account deletion by emailing info@symvanta.com and we remove your data within 30 days. For self-hosted requirements, an on-premise deployment keeps the entire pipeline inside your own infrastructure.

Questions from your security team?

We are happy to walk through architecture, data flows, and access controls in detail.

Talk to us → info@symvanta.com

© 2026 Symvanta