# Aikido Never Stores Your Code {% hint style="success" %} In short: Aikido does not store your code after analysis has taken place. Some of the analysis jobs such as SAST or Secrets Detection require a git clone operation. Below we talk about the technical measures we take to ensure your code is protected: {% endhint %} * We perform different actions such as git clones in a fresh docker container for each repository. After analysis, the data is wiped and the docker container is terminated. * For GitHub, no refresh or access tokens are ever stored in our database. We use the new GitHub Apps which do not require this. Even a database breach of Aikido itself would not result in your GitHub code being downloadable. * By default, our integrations require a very minimal read-only scope. Only if you enable special features such as Autofix Pull Requests, Aikido will request write accesses. * If you want to keep your code completely on-premise, without ever leaving your environment, you can use our [Local Scanner](https://help.aikido.dev/category/aikido-local-scan-setup/sg4xF4OsJciW). The results will seamlessly populate on the Aikido platform. * Aikido has SOC2 Type 2 & ISO27001:2022 certification. A report is available [upon request](http://trustcenter.aikido.dev/). That means we adhere to several organizational and technical policies by default. * Aikido runs AWS, with data residency in the EU and US region.That means all processing and storage will stay in that location. The process we use to ensure code security: ![Secure repository scanning workflow: select, clone, scan, encrypt findings, destroy containers.](/files/5UmpQF2rNPVmNmnSUxfo) **Disclaimer.** Aikido has some features where certain parts of your code are stored. This is in the case for the following functionalities: * AutoFix: Aikido stores the diffs (original and AutoFixed code) - only files that are part of the AutoFix * Aikido stores the calltree for each AutoTriaged SAST finding for up to 2 weeks All code that is stored is ran through Gitleaks. If there are any obvious secrets in the code, we make sure to definitely not store these. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.aikido.dev/getting-started/setting-up-your-account/aikido-never-stores-your-code.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.