# Security & Privacy

Personally Identifiable Information

## Scan Data Collection

### Threat Agent Data Collection

During scans that occur while using [Threat Agent](https://docs.threatrix.io/resources/broken-reference), will collect the following data.

* Dependency manager files
* File Metadata
  * File name
  * File size
  * File locations relative to the root of the project
* Whole file SHA1 signatures
* File DNA signatures(As part of TrueMatch)

{% hint style="success" %}
Threat Agent does not collect or transmit your source code to our server during standard scans.
{% endhint %}

{% hint style="warning" %}
**SOURCE CODE** will be collected and transmitted to our server if you select the `--cloud-scan` option when launching Threat Agent.
{% endhint %}

### ThreatScan Data Collection

ThreatScan integrates directly with your authorized SCM; Github, Gitlab, or Bitbucket. During scans, a copy of your code is transmitted to our scan server, processed, and then destroyed. No copy of your code ever remains on our servers. 

*