Privacy Policy

Last updated: October 4, 2024

1. Introduction

Welcome to Git Digest! This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. When we say "Company", "we", "our", or "us" in this document, we are referring to Sunergos IT LLC, the company behind Git Digest. When we say "Service", we are referring to Git Digest. When we say "You" or "your", we are referring to the people or organizations that use our Service.

By using Git Digest, you agree to the collection and use of information in accordance with this policy. We will not use or share your information with anyone except as described in this Privacy Policy.

2. Information We Collect

We collect the following information to provide and improve our Service to you:

  • GitHub account data: To provide our core service, we analyze data from your GitHub repositories that you explicitly grant us access to. It's important to note that we do not store any repository code in our database. We only process code patch changes and we don't store these in our database either.
    • GitHub information we store:
      • Repository data: owner, name, description, URL, default branch, full name, created at, updated at
      • Commit data: URL, sha, commit date, any pull request data linked to the commit (number, description), author (name and avatar URL), lines added, lines removed, number of changed files
    • The following data is encrypted at the database level: summaries we generate, commit messages, and pull request descriptions.

3. Use of Data

Git Digest uses the collected data for various purposes:

  • To provide and maintain our Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Service
  • To monitor the usage of our Service
  • To detect, prevent and address technical issues

We use OpenAI's completion API to process code patch changes. OpenAI does not train their models on the code patch changes we send to their API.

4. Third-Party Services

We use the following third-party services to operate our Service:

  • Stripe: For processing payments
  • Vercel: For hosting our application
  • Clerk: For user system management

These services may collect, use, and share your information. We encourage you to review the privacy policies of these third-party services.

5. Data Security

The security of your data is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

6. Your Data Protection Rights

Git Digest aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you
  • The right of rectification
  • The right to object
  • The right of restriction
  • The right to data portability
  • The right to withdraw consent

8. Data Retention Policy

We only maintain minimal, necessary data within our systems. The data we do keep (such as repository metadata, commit metadata, and related analytics) is retained as long as you have an active account on Git Digest or until it is no longer relevant for providing our Service. If you request account deletion, we proceed to remove associated data after a grace period to allow for any necessary dispute resolution or debugging.

This retention approach is consistent with our codebase logic, which focuses on processing Git repository commits in real time without storing entire code or patch changes in our database.

9. Data Archival and Removal Policy

In cases where data is no longer needed for immediate processing, it may be archived in a secure location with restricted access. Archival primarily pertains to logs and metadata used for system debugging and performance metrics. Logs containing sensitive information are purged or anonymized in accordance with our internal guidelines.

When you request data deletion or close your account, we will remove personal data from our active database. Some archival logs, which do not include sensitive or personal information, may be retained for operational or compliance purposes. Encryption is always used for any sensitive or personal data stored beyond active usage.

10. Data Storage Policy

We store your data in an encrypted database, and only essential repository details and commit metadata are persisted. Our codebase ensures that we do not store any repository code; only references to repository owners, commit SHAs, and relevant metadata are kept for analytics and summarization.

Additionally, any summaries, commit messages, or pull request descriptions are encrypted at the database level to prevent unauthorized access. To further mitigate risks, we rely on established cloud service providers (such as Vercel) that maintain industry-standard security measures.

By following a minimal data retention approach and encrypting any stored text, we aim to protect your data and reduce the possibility of unauthorized disclosure.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@gitdigest.ai.